Ask Al: Should I set up my own mail server?


A friend asks: Hey, kind of a random question for you, I know you've done a ton of work setting up your own email server and such. [Spouse] and I are following the Google antitrust stuff and are considering getting off Gmail and I said, "oh I'll ping Al and see what he has to say," so here I am: "Is setting up our own email server a stupid idea?"

Should you run your own mail server in 2024? Yes! No! Well, maybe. If you're up for a challenge. I did it myself for a while, using Mail-in-a-Box. It was fun and I liked it. I ultimately went back to Google Workspace, though, because my life is pretty well entangled with Google's services, and I didn't want to randomly have to juggle those eggs across multiple baskets in such a time-consuming way. Though I keep telling myself that I may actually move one of my alternate domains back to Mail-in-a-Box self-hosting here soon, because there are upsides to hosting your own mail that I miss.

Mail-in-a-Box has pretty good documentation, but you will still need to be a bit unix-y to set it up. You'll need to configure DKIM authentication on the server (and SPF authentication in DNS), and you'll need to think about spam filtering. I recommend signing up for the free tier of Spamhaus's DQS and using that to help keep the spammers away. It will help. All of this means that you need to be able to follow instructions written by nerds. I've used postfix for years, and Mail-in-a-Box uses postfix underneath, so that made things a bit easier for me, personally.

Reasons to set up your own mail server in 2024:
  • Mail-in-a-Box is easy to set up and use, and it's a full suite of tools that gives you IMAP, webmail and calendar access. It can indeed get the job done and it's fun to play with.
  • No more reliance on a mega-technology corp to host your mailbox! (Even though you might host your instance on a cloud provider, like I did! Kinda weird, if you think about it. Don't think about it too closely.)
  • Email is really just email. Get authentication right, don't send spam, and build up that reputation, and it will work just fine. A few people complain loudly that it's all a big conspiracy by "big email" to lock out the little guys, but a lot of little guys send mail just fine. I have done it just fine myself, and so can you.
  • When you block mail, it bounces back with the error message YOU want the sender to see. If you want them to know that you use Spamhaus, they'll know! If you want to insult senders with profanity-laden rejections you can! You want to use weird blocklists that will block tons of possibly legit mail? You can! It's all up to you. You truly are the postmaster in charge.

Reasons not to set up your own mail server in 2024:
  • Where you choose to host the mail server could matter. Some VPS providers are blocked because of the perception of being a "bad network neighborhood" full of spammers. I don't track who, so don't ask me. It's hard to tell how much of a problem this really is. Ask on Mailop and a bunch of hobbyists will share loud opinions that are sometimes bereft of data.
  • If you want to host it in Amazon EC2 or Google Cloud, they actually block outbound port 25. Amazon was not amenable to my request to unblock port 25, so that meant no outbound mail for me directly from that IP. (I didn't even try on Google Cloud.) That means that you've got to have some sort of email service to link up to for outbound email. Amazon's SES email service can be linked up this way, and it's probably what I'll use, next time I set up Mail-in-a-Box.
  • Even if you set it up on a server where port 25 outbound is not blocked and the ISP seems relatively fine, reputation-wise, building up IP reputation from scratch is not for the faint of heart. People will tell you that it's just as easily done on IPv6 as IPv4, but they're probably lying or misinformed. It will take at least a few weeks of sending before you'll get reliable inbox placement at the biggest mailbox providers.
  • Spam filtering is tricky. Google's better at it than you are, hands down. It's fun to be able to build your own blocked senders list in postfix, and great to be able to directly utilize DNSBLs, as well. But this will require ongoing administration and periodic review of your mail logs.
  • If it dies, your mail archive vanishes. You're not likely to lose your saved messages in Gmail because of a system issue. Self-host, and that becomes a concern.
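For the DNSBL points above (Spamhaus DQS, and using DNSBLs directly from postfix), here is an added example, not code from Mail-in-a-Box or Spamhaus, of how a DNSBL lookup name is built and why only specific return codes should count as a listing. The zone name is a placeholder and the sample answers in the comments are constructed; Spamhaus documents answers in 127.255.255.0/24 as error codes (for example a query that arrived through a public resolver or exceeded limits), not listings.

```python
import ipaddress

# Placeholder zone: a real DQS zone embeds your own account key.
ZONE = "YOUR-DQS-KEY.zen.dq.spamhaus.net"
# Spamhaus error answers (blocked resolver, rate limit, typo): not listings.
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")
LOW = ipaddress.ip_address("127.0.0.2")
HIGH = ipaddress.ip_address("127.0.0.11")


def dnsbl_query_name(client_ip, zone=ZONE):
    """RFC 5782 lookup name: reversed octets (or IPv6 nibbles) + zone."""
    rev = ipaddress.ip_address(client_ip).reverse_pointer
    # Drop the trailing "in-addr.arpa" / "ip6.arpa" labels.
    return rev.rsplit(".", 2)[0] + "." + zone


def is_listing(answer):
    """True only for 127.0.0.2 .. 127.0.0.11, the range a postfix rule
    such as reject_rbl_client <zone>=127.0.0.[2..11] matches."""
    return LOW <= ipaddress.ip_address(answer) <= HIGH


def decide(answers):
    """Turn the A records for one lookup into an SMTP-time decision."""
    if not answers:
        return "accept"              # NXDOMAIN: not listed
    if any(is_listing(a) for a in answers):
        return "reject"
    if any(ipaddress.ip_address(a) in ERROR_NET for a in answers):
        return "accept+alert"        # lookups are failing: fix DNS or key
    return "accept"                  # unknown code: do not block on it


def naive_decide(answers):
    """The common mistake: any answer at all is treated as 'listed'."""
    return "reject" if answers else "accept"


if __name__ == "__main__":
    # Constructed answers: a listing, no record, and an error code.
    for answers in (["127.0.0.4"], [], ["127.255.255.254"]):
        print(answers, decide(answers), naive_decide(answers))
```

With the naive rule, an error answer rejects every inbound message; pinning the accepted return codes and alerting on error answers during log review avoids that.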

I ran Mail-in-a-Box in Google Cloud; it fit nicely in their free tier. Because they don't allow outbound port 25, that means that outbound mail from Mail-in-a-Box was blocked from reaching the internet. At the time, I worked around this by relaying outbound mail (over port 465 or 587) from my Mail-in-a-Box instance to a dedicated VPS that I used as an MTA, hosted elsewhere. That worked just fine. Note that inbound mail was not blocked, so your MX record can point directly to your cloud-hosted server instance.

If/when I set this up in Google Cloud again, I plan to try using Amazon's SES email service to relay outbound mail for my domain. It's easy to configure Postfix to relay all mail outbound via Amazon SES. I don't think it's quite an intended use for Amazon SES, so that might merit a follow up to share how well it works and what challenges one might run into when doing that.
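As an added example (not the author's or Mail-in-a-Box's configuration), this checks a postfix `main.cf` for the settings that matter when relaying outbound mail through an authenticated smarthost over port 465 or 587, with a weak setup beside a hardened one. The two configurations are constructed samples; the SES endpoint region and the password map path are illustrative values.

```python
MANDATORY_TLS = {"encrypt", "dane-only", "fingerprint", "verify", "secure"}


def parse_main_cf(text):
    """Parse postfix main.cf 'name = value' lines, joining continuations."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:      # indented line continues the value
            params[last] += " " + line.strip()
        elif "=" in line:
            last, value = (p.strip() for p in line.split("=", 1))
            params[last] = value
    return params


def audit_relay(params):
    """Return findings for an authenticated outbound relay setup."""
    relay = params.get("relayhost", "")
    if not relay:
        return ["no relayhost: delivery goes direct to port 25"]
    findings = []
    if not relay.startswith("["):
        findings.append("relayhost not in [brackets]: postfix does an MX lookup on it")
    if params.get("smtp_sasl_auth_enable") != "yes":
        findings.append("smtp_sasl_auth_enable is not yes: no credentials are presented")
    elif not params.get("smtp_sasl_password_maps"):
        findings.append("smtp_sasl_password_maps missing: no credentials to present")
    if params.get("smtp_tls_security_level", "") not in MANDATORY_TLS:
        findings.append("TLS not mandatory: the session can fall back to cleartext")
    if relay.endswith(":465") and params.get("smtp_tls_wrappermode") != "yes":
        findings.append("port 465 needs smtp_tls_wrappermode = yes (implicit TLS)")
    return findings


# Constructed sample configurations (hostname region and path are examples).
WEAK = """\
relayhost = email-smtp.us-east-1.amazonaws.com:465
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
"""
HARDENED = WEAK.replace("email-smtp.us-east-1.amazonaws.com:465",
                        "[email-smtp.us-east-1.amazonaws.com]:587"
                        ).replace("= may", "= encrypt")

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_relay(parse_main_cf(cfg)))
```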

Comparing the pros and cons, the math almost works out against trying this, and suggests that it might be crazy. But I actually think you should do it, if you think you can tackle it. Like I said, I found it to be a lot of fun, and I have enough postfix and unix knowledge to not be afraid of configuring and utilizing stuff like this. So if you've got some expertise there, too, or want to build that expertise by trying something like this, I think you should give it a shot. Don't be afraid – it's not like you have to switch your domain over to it before it's working. Or set it up on a subdomain, or alternate domain, just for a learning experience, if you're worried about accidentally running into a problem that could impede your ability to send or receive important 1:1 email.

I'm sure there are other options out there as far as what to install to become your own mailbox provider. I've chosen to focus on Mail-in-a-Box because that's what I'm familiar with. Alternately, Michael W Lucas has written a book called "Run Your Own Mail Server: A Book for Independence & Privacy," aimed at the "hard-core Unix sysadmin," if you're looking for another way to go. What I found to be great about MIAB is that it's basically just a set of scripts that preconfigures various open source utilities for user management, IMAP, webmail, contact and calendar management, and more. It is indeed stuff you could configure on your own, if you have the mad skillz.