Hi,
It has been twenty years since I stopped my couple of self-hosted email servers… (which ran over a 10-year span)
Now I’m digging into relaunching one… OMG, the GAFAM etc… did well screw us!!
Selected quotes (I'm open to more):
13 June 2023 10:06
You’re right. It’s a mess nowadays with email hosting because Google for example just rejects everything except the other big services even if you comply with DKIM etc. Fuck them honestly
25 November 2024, 16H57
I guess what I mean is that even a single user email system is a pain. Want to send an email from one person to another? Stupid easy, I can do that with a single command.
Want to be able to send messages over long periods (years) to friends/family AND clients AND prospective employers (who are probably running their own email system) AND various businesses that you are trying to get support or services from? Well, okay, but the more messages you send, the more chances for some douche (or automated system) to report as spam because they think that anything other than @yahoo or @gmail is a hack-spam (I’ve had this happen, and had someone call me frantically telling me that my identity was stolen, and I had to tell them it was actually me; People are fucking stupid). And if you navigate all that, you still have to worry about your IP going wayward because you needed to change your infrastructure for some reason (switching regions, system types, whatever), and if that happens you basically start from scratch with an IP that might have had a shitty reputation (even if only due to range association).
And it’s not just needing to maintain your IP/domain/account reputation with dumb people/systems/lists. You also need to set up SPF and DKIM or you’ll be summarily rejected (even though SPF has fallen out of favor, some services still use it, or use both). One time config, sure, but not intuitive unless you work with systems all the time, and it’s just a matter of time before they introduce yet another secure email verification system that you need to jam into your DNS (or server, or header, or…).
So now you’re sending mail (probably), but you still have to receive it. More DNS configuration, and you have to make sure your email server never goes down, or you permanently miss any messages you might have gotten (yes, email systems are supposed to retry, but I’ve seen a LOT of admins at very recognizable names in email basically just retry for 15 minutes then dump the mail, rather than keeping their outbound queue backed up for multiple days).
And god help you if you set up multiple incoming servers, because now you have to deal with some kind of centralized storage, which itself also needs multiple nodes to avoid yet another SPOF. Again, not super hard by itself, but now you’re basically designing multi-tiered infrastructure, which you have to maintain and pay for. We’re definitely in for more than you’d end up paying for an email service, and that’s not counting your personal time at all (which even a single hour of is probably double the monthly cost of an email provider’s top tier offering, if you know how to manage all this crap).
TL;DR, you’re still not wrong that centralization is very, very bad, but if you actually care about people receiving your messages, and not missing any important incoming messages, it’s not easy to deal with. Not saying people shouldn’t try it, but they need to be ready for a mountain of headaches.
I think those two posts summarize well what happened…
On the technical level, email is OLD! ~1982 (SMTP), and since then a few revisions were released, but they only built extra complexity on top of it!! And the last revision was in 2008! (17 years ago…)
And it is complex because of this build-up.
For example, the list of daemons running in docker-mailserver gives a clue…
- Postfix
- Dovecot
- Rspamd
- Amavis
- SpamAssassin
- ClamAV
- OpenDKIM
- OpenDMARC
- Fail2ban
- Fetchmail
- Getmail6
- Postscreen
- Postgrey
- Support for LetsEncrypt, manual and self-signed certificates
- SASLauthd with LDAP authentication
- OAuth2 authentication
On the mass level, the GAFAM managed to convince the masses that an email server (and more broadly anything self-hosted (aka computing)) is complicated, so “let us do it”, which could be understood as “let us own your technology”.
For a time I was thinking “maybe I should get away from email, which only belongs to the GAFAM now… and maybe find an alternative…?” But if I find an alternative, I must convince the others to do the same… slower… way slower…
No! The first step is to have more and more people re-owning their technology! So having more and more self-hosted email servers again…
To reverse the tendency: instead of feeling like a black sheep (and being censored) for not having a GAFAM email, it will be the people who use a GAFAM email who will be pointed out for having deleted (or moved to SPAM without reason, etc…) your email from YourEmail@MyLittleHosting.MyPlace
If you use a non-GAFAM email (like me), and someone tells you:
“hoo sorry I didn’t get it”
“Sorry, I didn’t see it, it fell into my SPAM folder” (with a tone that it’s your fault because you use something other than everyone else (aka GAFAM))
Please note that legally, it is their responsibility! Whether it was automated or not!
If your MTA[1] did send your email to the recipient MTA, it’s their sole responsibility…
and if the attempt was blocked before reaching the destination MTA, by a firewall or something else on their side (even at ISP level), no matter if they own it or not, it’s also their responsibility :)
[1] Mail Transfer Agent: handles the transfer of emails between servers using SMTP.
There was a recent thread on reddit about this, where I wrote this comment (copied here):
I’ve been hosting my own email for a long time (almost 25 years).
Today it’s better than it was, but there are some hurdles:
- Microsoft has their own system, but it’s reasonably easy to get listed
- Google does their own thing, and it’s IMPOSSIBLE to get anywhere
- UCEPROTECTL3 is just a fucking extortion scam
When I switched providers, I found out I was in a “bad IP neighbourhood”. Microsoft wanted a letter from my VPS provider saying that I am in control of the IP I wanted listed, and that was not too hard to get. Also, Microsoft’s blacklist management is sane - you can log in, see the status, raise issues and get a hold of people. A little frustrating, but workable.
Google, on the other hand… You can’t participate in their spam system unless you have a minimum volume of email, which means little guys like me who send maybe 50-100 emails a day end up in gmail’s junk folders by default and there’s abso-fucking-lutely nothing you can do about it. There’s no one to report it to, there’s no way to fight it… they simply don’t care. And whether an email gets flagged as junk or not seems completely random. It has nothing to do with the content as far as I can tell. All you can do is contact people from your personal gmail and ask them to check spam/whitelist. It’s been years and I’m still waiting for the “eventually your domain will get whitelisted globally” bullshit to happen.
That leaves UCEPROTECTL3. Fuck these guys sideways. They block entire ASes and no, you can’t get an exception made. You can pay them to get whitelisted which is why I call them an extortion scam. They’re the only blacklist I’m on and I’ll be fucked if I’ll pay them to get off it. Bunch of fucking pretentious scammers.
Everything else is pretty easy: DNS, DMARC, DKIM, SPF… it’s hoops to jump through but not overly difficult. Ensuring you’ve got SMTPS set up and constraining the encryption protocols to get it tight takes some iterative work, but nothing too difficult.
I totally understand why people give up. This is a huge problem with these gigantic monolithic companies – they hold way too much power over the internet and there’s no way to hold them accountable.
In a moment of weakness and angry clients I once paid uce.
Shortly thereafter my credit card got stolen. That is the one time in my life that has ever happened. It was my business card, which rarely gets used.
Coincidence? Up to the reader.
Almost every scam email I get comes from a gmail address. If a business is not sending emails from their own domain, I automatically assume it’s a scam.
This right here. If you are promoting your biz with a generic email address, it goes in the junk folder. It’s 2025 people. Legit businesses use legit email addresses. I am as hard-nosed about my texts or phone calls. If you are not on my extensive list of friends, family, business associates or acquaintances, and you don’t leave a message, you get banned as spam.
The issues with IP reputation, and mail providers like Microsoft and Google choosing to make massive, sweeping email blackholes with no recourse are the real problem.
Hosting your own email is not really all that hard.
It does require some understanding of how SMTP works, and how to avoid things like backscatter - but it’s all very tractable.
I run my own mailserver on Linode. Granted it is a single user instance, and I don’t send that much email, but I have had very few issues.
The few times I have had an issue is usually places just flat out not accepting email addresses with custom domains. (Looking at you, AutoZone… Looking at you.)
Yeah. Hosting your email is easy! Resolving being labeled as spam is not. (Filtering incoming spam is also hit or miss, but more just an annoyance than a problem.)
FWIW, I have no issues sending mails/having them be received from my self-hosted to Google mail
I also self hosted for years (using tuta mail with my own domain now), and have never had issues with my deliverability either.
Though now that I think about it, I did have to register my domain with Google in some way to stop being flagged as spam iirc.
How did you do this? I have only seen the google postmaster tools and they’re absolutely useless unless you are sending significant email volume. If you’re a little guy they won’t even give you basic reporting on deliverability.
That’s the one. I don’t get any insights either, but iirc it did stop my emails from automatically going to spam. It’s been a while though, and I remember trying a whole bunch of different things, but I believe that’s what eventually fixed it.
Don’t agree. Been hosting my email server for 20+ years without issues.
Yes, you need to study; no, it’s not difficult at all.
Check https://wiki.gardiol.org/doku.php?id=email%3Astart it’s really that, and guess what? It works!
So, yes, it’s getting more complicated, but it’s still well within the grasp of a home hoster.
Do you want it as simple as docker compose up? Grab mailcow.
I’ve been using email since it was text-based.
I think email for the average person is kind of dead. I rarely use it for personal comms, and it’s more of a repository of receipts and the occasional password reset.
I reluctantly use it for person-to-business.
Work? That’s not my concern. I use the tools that they manage.
Email is practically dead to me - it’s not encrypted, and plenty of encrypted IM systems exist that provide equivalent, and in some ways, better functionality for personal use.
I wish companies would start embracing them.
email does still seem like the least bad way of receiving stuff from corpos though. I’d rather get emails than whatsapp messages or nonfree apps’ push notification.
Yes, this. And with WhatsApp or a dedicated app they’re either directly on your phone, or have your (personal) phone number. Which isn’t great. With eMail you can just have another spam address. And that’s more complicated with phone numbers, and most people don’t have a second one dedicated to spam and advertisements…
Encrypted messaging is unrelated to phone numbers. That’s an issue of using apps like WhatsApp (which I refuse to use), and a beef I have with Signal (part of why I really don’t trust them).
Simplex doesn’t use your phone number, why would it? It’s not technically difficult to solve this, it’s a business/social/political issue.
Apps have no need of your telephone number, not that it isn’t hard to find anyway.
GAFAM: Google, Apple, Facebook, Amazon, Microsoft.
I was reading it as “Google Apple Facebook Associated Mafia” which also works.
Thanks