• motruck@lemmy.zip · ↑1 · 16 minutes ago

    Hosting email is bad because the few companies everyone tells everyone to use run email. It is fine if hosting email isn’t for you but discouraging others to not try is exactly how we lose ground on a completely open protocol. Everyone who is willing should host email. There are “distros” like mailinabox and mailcow that make it very easy. The more folks that host it the more the larger hosts will have to start to be more of a team player.

  • quoll@lemmy.sdf.org · ↑2 · 59 minutes ago

    highly recommend https://mailinabox.email/ for setting up and ticking every compliance box. dmarc, spf etc

    unfortunately you can be the best, most compliant host on the planet with the cleanest of IPs… google is still going to randomly and silently drop your email to different email addresses. so it’s pretty much completely untenable for a non-hobby project.

    fuck google so fucking hard

  • cals11@programming.dev · ↑1 · 2 hours ago

    I sorta self host my email. Technically aws hosts my email but I’ve a local postfix and dovecot to serve devices.

    That simplifies ip address reputation, dkim, spf, etc. It also provides a backstop if my homelab goes down as messages buffer to s3. I pay a few cents per 1k messages, which effectively means zero.

  • SirMaple__@lemmy.ca · ↑3 ↓1 · edited · 4 hours ago

    It is great.

    Mailcow protected by crowdsec, using SMTP2GO as outbound relay. No issues. I even have Addy.io running without issues.

    I only allow inbound port 25. All other ports and access can only be done over WireGuard.

    Best part is. My emails stay in my control on a server in Canada.

    • nek0d3r@lemmy.dbzer0.com · ↑1 · 2 hours ago

      I just wish mailcow supported podman. Weirdly enough, apparently Docker Mailserver does, but I haven’t had the energy to sink time into setting it up

  • Forester@pawb.social · ↑20 · 12 hours ago

    This is an amusing thread for me as my day job used to be unfucking postfix and exim servers daily for a fleet of vps and dedi boxes.

    • dejected_warp_core@lemmy.world · ↑13 · 11 hours ago

      unfucking postfix

      This is not a task for the faint of heart, nor was it ever, even back when the technology was first invented. I salute you.

      • Forester@pawb.social · ↑9 · 11 hours ago

        Tbf most of the time you just had to clear ssd space and rebuild indices after restarting services as mostly the mail was there but stuck in queue

  • Rooty@lemmy.world · ↑3 · 8 hours ago

    Given the amount of spam selfhosting your email sounds like the 7th circle of hell. Media servers should be enough, thankyouverymuch

    • kalpol@lemmy.ca · ↑1 · 3 hours ago

      Firewall with pfblocker and good feeds solves most of the problem. Spamassassin and URLBLs still work. It really isn’t hard, once you set it up the config never changes. The static IP is by far the worst part.

  • InFerNo@lemmy.ml · ↑9 · 12 hours ago

    Self hosting for years and have none of these issues, but I’m going to migrate soon and will probably be able to use this as a checklist 😐

  • Johanno@feddit.org · ↑30 ↓1 · 18 hours ago

    Why don’t selfhost?

    Reliability.

    My server is down sometimes. Sometimes days.

    No server no email.

      • stickly@lemmy.world · ↑12 · 15 hours ago

        AWS offers an SLA of 99.9 availability, which it has usually exceeded each year. That means your server can’t be down more than ~8h per year to beat it. Your residential ISP (in a nearly optimal case) has a 15-30 min service period overnight every few weeks.

        Hope your area gets less than ~3 hours of power outages per year or you’re going to be breaching your SLA before you even hit software.

        • ysjet@lemmy.world · ↑10 · edited · 11 hours ago

          Your ISP is kind of dogshit if it’s forcing 15-30m of downtime overnight every few weeks. And power outages are kind of a weird thing to focus on, you should be on a UPS anyway.

          In any case, someone interested in self-hosting email very likely has a redundant connection anyway. I’m not even hosting my own email and I have 5gb/mo of cellular backup in dual-WAN, and enough battery capacity to run my entire stack for several hours.

          Not to mention a generator to recharge them, if it comes down to that.

          Like, I need you to understand that in the networking industry, 99.9% uptime is genuinely laughable. You should be able to hit that by accident. The gold standard is ‘five nines’, or 99.999% uptime, or less than 5 minutes of downtime a year.

          8 hours of downtime a year? If a service I was managing had 8 hours of downtime a year I would be laughed out of my job lol.

          • stickly@lemmy.world · ↑1 · 4 hours ago

            Your ISP is kind of dogshit if it’s forcing 15-30m of downtime overnight every few weeks. And power outages are kind of a weird thing to focus on.

            Point being that these are not “skill issues”. AWS’s actual uptime over the last decade was something like 5 or 6 9s, 99.9 is just their official SLA. From where many people live (shit ISP, brown outs, floods, tornadoes, etc…), they can’t even match that bare minimum. God forbid budget enters the equation (no money for 3-2-1 backup? oops everything is fried from a freak accident).

            So yeah you could definitely do OK with a real budget, a quality server setup and enough hours during the week for firefighting. But that’s not really “self hosting”, you’re just making your homelab a $0 revenue small business. For the 95% of people who can’t do that, they wouldn’t get anywhere close to a cloud provider’s service.

            • ysjet@lemmy.world · ↑2 ↓1 · edited · 3 hours ago

              I would actually disagree- it doesn’t take much budget at all, or even a quality server setup, to have a decent uptime. A consumer router with a sim card slot is possibly something you already have. If not, a cell modem can be as cheap as $30. You could stick your email server on an old shitty raspberry pi. A data sim is $6/mo. If all you’re running is a cable modem, a router, and a rpi, you don’t even need a big fancy UPS, you can just get a DC battery UPS for like $40. And all this is assuming you’re buying stuff new instead of used.

              You don’t need a lot of budget, quality stuff, or even a ton of hours in the week for self hosting- once you get this stuff set up it should stay working other than the standard upgrades/maint your email server will need.

              Everything past that, like setting things up so your mail server is reachable on two IP addresses, is just… skill.

          • dogs0n@sh.itjust.works · ↑4 · 11 hours ago

            Lol the commenter you replied to didn’t expect a one of a kind person to reply.

            Normal people don’t have a ginormous battery and a generator for when the power goes out.

            Every ISP is dogshit too. If it doesn’t go down from incompetence, it’s their physical infra being broken from weather or some other “natural event”.

            Even then, I can’t justify paying their crazy rates for 5g backup year round just for it to kick in once or twice a year or a couple nights where I’m not awake anyways.

            Every email server that sends mail should have a retry mechanism if it fails to deliver too, so you shouldn’t miss any mail as long as your server isn’t offline for too long.

            Ofc you are allowed to need 99.99% uptime for your home server, just disagreeing that it’s a need for most of us (including me).

            • ysjet@lemmy.world · ↑3 · edited · 10 hours ago

              I mean, my use case is abnormal and generally has more beef behind it than most people would have, yes, but a simpler, cheaper version of what I have set up is kind of a no-brainer if you want to self-host.

              e.g. I don’t think a simple cyberpower/APC ups on your home server is any kind of a weird ‘specialty’ thing, and it should definitely run your server for 2-3 hours during an outage for like $100-150 if you grab it on sale (which, you know, why wouldn’t you?) As for the generator, I don’t have that for my network stack, I have that for my fridge/deep freeze lol. It can just also recharge my UPS if it’s really that big of a deal.

              As for cell backup, that’s definitely less a ‘common’ homeserver thing, but I’m only paying like $10/mo for my cell backup connection from tello for 5gb of 5G. Hardly breaking the bank, and honestly probably overkill, you could likely get away with their $6/mo 2gb plan. No complaints with it either, I use them for my regular cell plan too. If you were interested in self-hosting your own email server and wanted better uptime than 99.9%, you probably don’t even need that if your ISP only sucks slightly instead of mostly, but it allows you to just not care about your ISP having extended downtime and potentially timing out any retry mechanisms.

              • dogs0n@sh.itjust.works · ↑3 · edited · 10 hours ago

                If you have a regular data plan that you use if your internet goes down, your server would technically have an internet connection, but your services (like email) still wouldn’t work, would it?

                Do you have some type of setup that keeps that working on data?

                I don’t know how buying the ISP’s data addon works, but I’ve been skeptical that the swap over would keep anything online either (but getting a generic data plan surely can’t work at all right?).

                • ysjet@lemmy.world · ↑1 · edited · 9 hours ago

                  So this sort of a setup is called Dual-WAN, and yes, it allows it all to work. Basically, my router has two connections to the internet- a cable modem on one port, which connects to Spectrum, and a cell modem on another port, which has my sim card on it. Both provide internet access simultaneously, and at that point, internet is internet- it doesn’t matter if it’s over data or through cable, you’re part of the net. My router is then configured to reach the internet via what it decides is the ‘best’ internet. In my case, because my cell connection is metered, I have it configured so that it prefers the spectrum connection, and only falls back to the cell connection if the spectrum connection is losing traffic, and only for as long as that connection is losing traffic.

                  Note that a dedicated cell modem is not necessarily required- some routers have sim card slots themselves, for exactly this reason, and tend to make this sort of configuration very simple to do. I’m personally using a small computer running OPNsense, which is again, probably overkill for the average homelabber, but you don’t need something that complicated.

                  As a result, my server always has access to the internet, and should you configure your firewalls appropriately (remember, I don’t personally run my own email- I have a custom dns name I point towards tutamail), the internet will then always have access to your server. There’s some details here and there about IP address caching, dns resolution, and the like which have various solutions from DDNS to an external proxy/loadbalancer/etc, but those are more implementation details.

    • Naz@sh.itjust.works · ↑7 · 10 hours ago

      I knew someone online who did.

      Their autism level was in a category that I’ve yet to find words for. The train people fear them.

      • merc@sh.itjust.works · ↑14 · 22 hours ago

        I’m still there. I’ve always wanted to be able to offer an email service to family or friends. But, even though I’ve been doing it for a couple of decades, it’s never been stable enough to offer to them. For part of that time it’s because I didn’t really know enough of what I was doing, but the more I learned and the better I got at it, the more I started to lose the war against both spammers and against the major service providers who kept making it harder and harder to prove you’re not a spammer.

        The latest one was literally issue 3. My provider splits an IPv6 /64 among multiple VPSes, when most of the world, including blocklist publishers, think a /64 is for a single “entity”. The only way to resolve it was to not use IPv6.
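
The shared-/64 problem described in the comment above, as an added example that is not part of any commenter's post. It assumes a blocklist that scores IPv6 senders per /64 and IPv4 senders per address; the `Blocklist` class, function names and documentation-range addresses are hypothetical and constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption for this sketch: the list scores IPv6 senders per /64 and
# IPv4 senders per single address, as the comment describes.
V6_PREFIX = 64


def reputation_key(addr):
    """Network that a listing triggered by `addr` would cover."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped          # ::ffff:a.b.c.d is an IPv4 sender
    prefix = V6_PREFIX if ip.version == 6 else 32
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


class Blocklist:
    """Hypothetical in-memory blocklist keyed on reputation_key()."""

    def __init__(self):
        self._offenders = defaultdict(set)   # network -> offending addresses

    def report(self, addr):
        self._offenders[reputation_key(addr)].add(ipaddress.ip_address(addr))

    def offenders_for(self, addr):
        return set(self._offenders.get(reputation_key(addr), set()))


def collateral_listings(blocklist, my_addrs):
    """Map each of my addresses that is listed purely because of a
    neighbour's traffic to the neighbours responsible."""
    mine = {ipaddress.ip_address(a) for a in my_addrs}
    result = {}
    for addr in my_addrs:
        offenders = blocklist.offenders_for(addr)
        if offenders and not (offenders & mine):
            result[addr] = sorted(str(o) for o in offenders)
    return result


def demo():
    # Constructed sample data using documentation ranges (RFC 3849 / RFC 5737).
    bl = Blocklist()
    bl.report("2001:db8:0:1::b")   # neighbouring VPS in the same /64 sends spam
    bl.report("192.0.2.11")        # neighbouring IPv4 address sends spam
    my_addrs = ["2001:db8:0:1::a", "192.0.2.10", "2001:db8:0:2::c"]
    return collateral_listings(bl, my_addrs)


if __name__ == "__main__":
    for addr, neighbours in demo().items():
        print(f"{addr} is listed because of {', '.join(neighbours)}")
```
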

      • Bababasti@feddit.org · ↑12 · 22 hours ago

        It really is. I used to be able to tell the difference, but where do you people see that it’s AI in this image?

        • ZILtoid1991@lemmy.world · ↑16 ↓1 · 22 hours ago

          If you’re in doubt, zoom in. There’s probably more, as some background details are blurred enough for the AI to be allowed to be sloppy there.

            • smoker@lemmy.zip · ↑3 ↓1 · 11 hours ago

              From left to right:

              1. The pattern on the tie is nonsensical and quite noisy

              2. The edge of the sign above and below the man’s arm is discontinuous. It’s parallel but it “breaks”

              3. The man’s ring is constricting the fuck out of his finger, and is also slightly offset from the finger’s position and angle

              4. Same as 2 but horizontally

                • smoker@lemmy.zip · ↑1 · edited · 9 hours ago

                  Honestly, it doesn’t look like AI to me. Funnily enough I think it’s exactly what the other reply said and it’s just badly photoshopped text on an existing image. But I do think their reasons for thinking it’s real are pretty terrible, and I still think the things I listed are sus, as they don’t look like typical artifacting to me.

                  In particular the detail on the ceiling in the background is quite clear and the spacing between the lights is consistent, and most other details seem to check out (the guy’s watch and clothes, people and stands in the background, veins on their hands, etc).

                  As a whole I would say it looks a bit uncanny just because of their poses and facial expressions, plus the weird design of the sign.

              • village604@adultswim.fan · ↑3 ↓5 · 11 hours ago

                1. I have a tie that’s the same pattern
                2. Using a straight edge, the sign is continuous. The white block makes it look like it’s not
                3. He might have gained weight since buying the ring
                4. Same as 2.

                This is pretty clearly a real image that’s been photoshopped to change the words on the sign.

          • Tonava@sopuli.xyz · ↑3 ↓1 · 16 hours ago

            You don’t need to look at the details in this case, even. The whole sign-thing is distorted in an unnatural way

        • madjo@feddit.nl · ↑3 · 18 hours ago

          The Uncanny Valley hit me in the face directly, when I opened the image. That tie pattern makes no sense, the ring on his finger is at least 4 sizes too small, and the image makes very little sense either, like what would this have looked like originally without the badly shopped in text if it hadn’t been AI slop. Like what part of that sign is that dude on the left staring at? What is the other dude pointing out?

  • truthfultemporarily@feddit.org · ↑20 · 22 hours ago

    Been self hosting mail for over a decade and it’s never been easier thanks to stalwart. The IP block list thing is true though, but mostly you request removal once from Microsoft and spamhaus and that’s it.

  • _stranger_@lemmy.world · ↑75 ↓1 · 1 day ago

    that third one killed it for me. I hate what the Internet has become. We need to set up a second Internet that somehow can’t be monetized.

      • harmbugler@piefed.social · ↑25 ↓2 · 1 day ago

        Correct. Come to I2P and experience 90s internet again. It’s slow but has character, if by character you understand I mean anonymous Geocities.

        • hansolo@lemmy.today · ↑17 · 1 day ago

          Honest question: is there also a boatload of sketchy stuff to avoid if you just wanted to have a nice SFW time? Early 2000s internet before Google indexed everything had some pockets of unsavory.

          Also, is it just a bunch of middle aged dudes in mostly text forums? That’s like 85% of my experience with 90s internet.

          • harmbugler@piefed.social · ↑3 · 6 hours ago

            I haven’t stumbled upon much sketchy stuff, you’d need to know where it is and discovery is still fairly manual though indexing services exist. Of course you need to find those services in the first place…

            Anonymity is more of a focus than 90s internet, so it’s hard to tell who anyone really is but you’re probably right. There are active Russian and Iranian dissident text forums though.

            However, for me, it’s the people just hosting personal websites e.g., a darkwave radio site, or a cryptography blog. Obviously the barrier to entry means it leans fairly techy.

            • hansolo@lemmy.today · ↑1 · 8 hours ago

              Yes, to avoid. Boolean search operators looking by filetype led me to 2 instances of finding someone’s CP folder circa 2000. No real easy way to report it back then.

              I understand that 90s internet was much more streamlined and meager, withy own fair share of geocities pages. But I2P also exists in a more complicated time.

    • thenoirwolfess@lemmynsfw.com · ↑3 · 1 day ago

      I’m locked in a contract with a company that enshittified their services a little and assigns restrictive IPs to non-Business customers that have been using port 25, but am switching to a more libre ISP as soon as it ends. I basically snoozed and didn’t realise the ISP hadn’t been rated the best for several years.

    • chunes@lemmy.world · ↑3 ↓1 · 6 hours ago

      Give it up, dude. The models that just recently came out are so good you are kidding yourself if you think you can tell them apart from photographs.

    • smiletolerantly@awful.systems · ↑11 · 22 hours ago

      Wait, why? I thought I was generally good at spotting these things, but here I’m struggling. The only thing that looks a little out of place to me is the ring on his pointing hand, but that might genuinely be a dark band + shadow. What else have I missed?

      • BluesF@lemmy.world · ↑7 · 18 hours ago

        The tie is the most egregious part, if you zoom in the pattern makes no sense at all.

        • MBech@feddit.dk · ↑8 · 18 hours ago

          Mostly to me it’s about the quality. Everything in focus is incredibly smooth, more so than you’d get with a normal camera or phone, while the background is blurred. This looks like a convention setting of some sort, they would’ve taken the photo with their scratched phone camera and posted it immediately without trying to edit anything.

          Also, the text is different on every board. The top 2 texts are oriented straight at the camera, while the bottom texts are angled a bit, but not angled equally. Indicating it wasn’t just copy pasted, but an attempt to get a new angle every time. This could just mean badly edited, but I’m going with AI on that part too, because someone badly editing a joke like this, would simply copy paste the first textbox after getting the angle sort of right.

  • 👍Maximum Derek👍@discuss.tchncs.de · ↑53 · 1 day ago

    I stopped hosting my own email servers many years ago, even when I was being paid for it. Any time anyone mentions DKIM or yahoo throttling or anything of that nature I get a thousand yard stare and start to hyperventilate. I’m sure it’s easier when you aren’t sending 5 million messages a month, but who needs the headache.

      • vrek@programming.dev · ↑14 · 23 hours ago

        Long ago, I think it was 2006, I worked in a computer store/corporate IT support that used to also be a 56k dial-up ISP. When I first got hired it was supposed to be like a paid internship. 2 weeks in, the guy “mentoring” me was fired. The only other employees were the owner, who had a PhD in information technology from 1984 and never kept up, and his wife, who did the accounting.

        Over the next year he hired and fired probably 15 people and then decided he liked me enough to make me full time. He had no idea what he was doing and neither did I. Basically I was responsible for 8 business networks(including a 150 employee credit union), any computers a customer brought in, and our own internal network.

        One day it was slow so I was browsing various web comics. The owner comes on at 1030 (we opened at 900) furious with me. He claimed I was “reading a page with black text on a white background” which meant I was reading how to operate a spam business. That was his proof, a page with black text and a white background which he could not find in my history.

        He had received a letter from his isp that we were sending 2.5 million emails a day, we had 72 hours to resolve the issue or we were to be cut off. I argued that I didn’t run a spam operation, he had no proof and there were simpler explanations. It got so heated I quit, keep in mind I was the only employee.

        Next day the credit union was having a server issue and he had no one to fix it. He called me asking for me to return, I negotiated a $1 hour raise, an official written letter of apology, pay for time the previous day and that day and told him I would be back the following day.

        I went in, solved the server issue (eventually found out cleaning crew was unplugging the power strip to plug in their vacuum overnight and the server was configured not to restart when power returned). Went back to the office and talked with the owner. He showed me the letter and it identified 2 ip addresses as being the source. Neither was my computer and I didn’t recognize them. There was a command you could send over the terminal to open the CD tray based on ip address. I ran the command and basically walked around looking for a computer with open CD trays.

        Turns out there were 2 servers, outside of our firewall directly facing the internet and yes for the memes they were originally dns servers from the 56k isp days. They were running original nt4, completely unpatched, with no security software installed and permanent outside facing ip addresses. I ran a virus scanner on it, I stopped when it detected over 100k infected files. Disconnected the servers, waited 10 minutes, called isp and effectively all email had stopped (the boss and myself both sent 1 email to confirm it was still working).