Comment on What I host myself
Cyber@feddit.uk 7 months ago
Mail servers?
How are you finding that these days? I thought all the anti-spam stuff meant that self-hosted email was just not worth it these days?
Not really. Postfix is very robust against attackers and knows to how to deal with bots by default. It makes sense to also configure SPF, DKIM and DMARC for your own safety.
If you want to stop the attackers from hammering, you can also add fail2ban.
If you want to avoid spam, you can attach a spamfilter to the delivery agent and let Sieve do the rest.
I’ve been running my postfix/dovecot combo using 4 mail domains for over 5 years without any problems. It’s simply fantastic.
I also have a mail filter, I have been hosting my own mail server for the last 25 years.
Out of interest what are you using? I was postfix/courier for a long time, with a must migrate to dovecot 10 years ago. Finally migrated this year and the performance difference is noticeable
I recently moved to Mailcow, it’s a one in all solution. My spam filter is Proxmox mail gateway, also very user friendly.
Have you by any chance documented your PMG set up? I’m also a very happy Mailcow user and spinning up PMG is something I’ve been meaning to tackle for years so I can implement archiving with mailpiler, but I’ve never really wrapped my head around how everything fits together.
It’s not worth it but some people don’t mind the cost.
What cost?
Real email security gateways cost money. There’s no good way to deal with it at small scale.
They don’t have to cost money. The mail filter appliances are all based on postfix, spamassassin and a virus scanner like clamav. The thing you pay for is the nice gui.
Depends what you mean by “security”
On residential connections it’s a bit pain in the rear, but if you get VPS (or something similar) it’s perfectly manageable. You just need to maintain stuff properly, like having proper DNS records, and occasionally clear false positives from spam lists. The bigger issue is to have proper backups and precautions, I’ve hosted my own emails for over 10 years and should I lose all the data and ability to receive new messages it would be a massive personal problem.
It is hard to set up and you might need an SMTP relay since most ISPs close port 25. But it is feasible.
JadedBlueEyes@programming.dev 7 months ago
I host mail via Stalwart, which makes it pretty damn easy - it handles most everything, just giving you a big block of DNS records to upload with all the DKIM SPF MTA-STS nonsense. However, spam filtering from big providers is still occasionally an issue. I still occasionally get reports of mail making it into Gmail’s spam inbox, for example.