Ask HN: Self Hosted vs. Gmail / Outlook?

That being said, I recently switched to https://mailbox.org (they have a very good reputation). Mainly because I love the web UI it's an awesome service and I get CalDAV and CardDAV that works beautifully.

Back in the time, I had this problem with sending emails from my private server to yahoo or microsoft (hotmail, live.com, etc...), both refusing to deliver my emails to their clients as I could be a potential evil spammer.

For the subscription fees, a few weeks ago I saw a price chart for <I don't remember which company, probably Microsoft> about how much you have to pay them depending on your situation and how many emails you plan to send to their servers. Unfortunately I didn't find this page again.

I think the best option is to go for a paid service with a good privacy policy. It will cost you a lot less in time and probably in money. Also, they will probably be more reactive than you in case of problem, and more aware about security.

Self-hosting is still possible nowadays but email delivery is an uphill battle. You can expect to write several major email providers to remove you from their blacklists even if your address and domain reputation is good.

VPS privacy and security is questionable and dedicated servers are usually expensive. Hosting SMTP from home is virtually impossible without a VPN to a "proper" IP.

Are you willing to spend the time to update all parts of your infrastructure on a regular basis? Are you certain you will keep up to date on recommended ciphers and protocols?

How is your data going to be secured at rest? If it's encrypted, how are you going to provide the keys during unexpected reboots?

If you want push notifications, synchronized calendars, contacts and notes you will need to add another layer of complexity to your setup.

Critics of Protonmail and similar will point out that browser based encryption is a weakness, however that doesn't change the fact that it is a major step in the right direction. The battle for privacy is fought in depth, not absolutes.

Protonmail is hosted in a Swiss datacenter, run by a Swiss company under strict data protection laws. They offer a free tier and a paid one for your own domains.

If you still want to go the self hosted route iRedMail and Mailinabox both work well. Sovereign runs too many services - it should really be split into VMs or containers.

The mail server is fully built into the platform itself and automatically takes care of all the tiny details required to get over the often stated deliverability issues (SPF, dkim, PTR, ...). So far we have found that many of the issues described here are not actually a big issue as long as everything is setup the way those large providers want it to be. The occasional report from a user about getting blacklisted usually is a matter of submitting the required form on the providers unlisting site. They do act timely as well in my experience and the process is not very time consuming.

Overall I was pretty surprised how well it works in the end, given that there are so many reports about selfhosting email is too complex to deal with.

I have a mailserver handling some personal email, but I feel it's too risky (to take the responsibility) and too much effort to host email accounts for just a few other people. You can and probably will be every once in a while blacklisted by one of the big providers or have legitimate email bounce, even if you have SPF, DKIM, TLS and your own spam filters set up. You also have to keep an eye on your servers to see if no new filth gets through. And you'd probably want to keep a backup relay ready. You have to provide ways for the users to configure or fine-tune their individual spam settings and mark messages. You most likely want to install a web interface next to the IMAP and/or POP service, which opens another can of worms.

I feel I'm too old now – meaning I have so many other responsibilities – that I don't want to babysit something that is after all rather crucial and should "just work". If you have the energy and time, please go for it, otherwise just search for a reliable paid service.

Note that assuming privacy when talking about email, even though most protocol interactions might be encrypted these days, is in my opinion somewhat misguided. Don't use email if it's truly private. Or use end-to-end encryption, such as PGP.

There might be a hole in the market for a company that helps geeks host reliable email servers, for those that want more control than just an IMAP account with sieve support, but maybe the margins are too low and fighting spamming subscribers too hard.

https://oakmail.io/

Hosting an email server yourself is a great learning exercise but you'll be forever playing whack-a-mole with spam and wondering if your setup is actually properly secure and waiting for the day you get hacked.

I did this myself for a few years and at one point had very few deliverability problems, then one day out of the blue I ended up on a black list and started getting complaint emails. After that it was either rebuild on a new ip address and start again or choose a paid provider and move on, I did the latter and opted for Fastmail.

Formerly, I'd say maintaining your own email server isn't easy. It was hell trying to set one up 10-15 years ago. This guy (and the contributors) have made it about as easy as it can get. I've hosted mail for one of my domains on a DO droplet, where I set up a mail server with that guide. Been running it for ~4 years. No issues. Highly recommended.

So I used a scaleway.com instance and installed https://github.com/sovereign/sovereign/

I forked it and made it especially for my own usecase working for the scaleway VPN https://github.com/tomw1808/sovereign

So far I am pretty pleased. I opted against mailinabox because I want to use the server for other things too and mailinabox strongly suggests against it...

Deliverability will only be an issue if you land up on an IP address that was previously abused, so it may be worth checking out the IP address reputation on DNSBL [2] before setting up Mail-in-a-Box.

Make sure you configure an SPF record for the server's IP address, and then also set up DKIM and SPF. I have yet to see any deliverability issues using this setup.

[1] https://mailinabox.email

[2] http://www.dnsbl.info

Failing that, head on over to https://privacytoolsio.github.io/privacytools.io/ and check out alternatives and other related information.

I had to ask my ISP to disable some rules on their end and pay a fee to have a static IP address, but overall it was pretty painless. Though I can imagine some providers being much worse.

After the initial hurdle of setting everything up in my experience everything went mostly fine. I had to whitelist my domain on Microsoft's site, but Gmail and Yahoo worked fine from the start. I haven't had a problem since. My university teachers receive my email just fine, so did my co-workers before I was given a corporate email address.

Is it worth it? Maybe not. It was more of a learning experience for me, but I find it works just as well as any other provider I've used. At least for now.

As others have said there are lots of outdated guides. I found the Archlinux Wiki and the manpages to be the most useful resources. Also please stay up to date on the software.

If you want to use another web mail service other than GMail then I can recommend;

https://kolabnow.com/ (the lite option just gives you webmail)

or

https://posteo.de/en (very green-energy and privacy focused

https://kolabnow.com/