Ask Slashdot: Self-Hosted Gmail Alternatives? 554
linkedlinked writes "I'm tired of building my sandcastles on Google's beachfront. I've moved off Docs, Plus, and Analytics, so now it's time to host my own email servers. What are the best self-host open-source email solutions available? I'm looking for 'the full stack' — including a Gmail-competitive web GUI — and don't mind getting my hands dirty to set it up. I leverage most of Gmail's features, including multi-domain support, and fetching from remote POP/IMAP servers. Bonus points: Since I'm a hobbyist, not a sysadmin, and I normally outsource my mail servers, what new security considerations do I need to make in managing these services?"
zimbra (Score:5, Informative)
Roundcube (Score:4, Informative)
SquirrelMail is awesome for being simple, fast, and non-JavaScript.
If you want something more JavaScripty, there's Roundcube [roundcube.net].
It's not gmail, but the point is your data's yours.
Postfix/Dovecot setup tutorials [google.com]
Email is public anyway. (Score:3, Informative)
At least google has proven their worth with standing up to the US gov't in stead of just bending over and giving them all plus some extra as some others have.
Roundcube (Score:5, Informative)
The best webmail UI I've used other than Gmail is Roundcube [roundcube.net]. It's simple, clean, and works quite well.
Been doing this for a decade... (Score:2, Informative)
... and I can safely write that there is no way you will ever achieve anything comparable to gmail.
You can try:
- squirrelmail, ugly and so last century
- openwebmail, old-fashioned Perl webmail, not maintained any longer
- zimbra mail, lots of functionalities and fancy features
- roundcube, decent but nowhere near what you're hoping for
Spam control on the server side is going to be an issue. You will have to use a combination of solutions (e.g. custom sendmail configs, RBL/XBL blacklists, spamassassin, greylisting, procmail rules, smf-spf, j-chkmail) and it will take quite some time and effort to get everything fine-tuned.
For anti-virus, clamav works well
For IMAP I found that dovecot does a decent job. If you want to fetch from remote servers into your own server then fetchmail can do the job.
Usual security considerations apply - patch early, patch often.
You will spend long hours maintaining this, highly recommend using a log colorizer to help watching logs e.g. ccze
In the end you will feel you got a half-baked solution that doesn't even come close to comparing to gmail in terms of functionality, ease of user interface, security and spam control. But hey, it'll be your own stuff.
Maybe not Zimbra (Score:5, Informative)
I've run Zimbra for 3 years now, back to 5.0.9, which I installed for my then employer. The architectural people there have taken, right along, an attitude that I can characterize only as "RFCs? Who cares about those?"
It doesn't handle fixed-pitch well; its editor won't re-wrap (though they might have finally fixed that in 7), it doesn't uknow from RFC 2369 -- in fact, it handles mailing lists poorly in general; notably, you can't change the Reply-To in any way when replying, if you generally want HTML off (as I do), the only way to turn it on is to dive into the Preferences and switch it, then reload; same turning off...
Check for bugs filed on their bugzilla by jra@baylink.com if you want a full list of the ignominy. But in general, I would say: evaluate it pretty thoroughly to see if you can deal with its crap before deploying.
It's *very* pretty. I just don't know if it's worth the trouble.
Re:Thats funny (Score:5, Informative)
Same here. I had an online agenda, mail, address book and all that running from my dsl box. Things were fine. Now I am full 100% Google. There is no way anyone is going to approach this level of polish with a 10 foot pole with open source stuff. You can get things done, sure, but it's going to take a heck of a lot of time and the result will be nothing compared to Google. But your data is yours. Can't beat that.
Re:why? (Score:4, Informative)
As a guy who ran email servers for a small organization, let me say enjoy it while you can, because email admin is a never-ending pain in the butt. The spam management, the 24x7x365 server monitoring for security issues, the blacklisting and DNS issues, and that people get really bitchy when their email service is disturbed in any way.
I also manage such things. I don't know why you say it's a never-ending pain because that's just not my experience. I use BIND, Postfix+Postgrey, DNSBLs, Spamassassin, ClamAV, SPF, Cyrus, Roundcube, and Nagios monitoring everything. Every now and then I get someone panicking because he hasn't got mail for 4 hours, and every now and then I have to investigate where a specific mail went wrong. Every 2 years or so I rebuild the systems on a newer distro and in the mean time I apply updates as needed. I have learn/spam and learn/ham folders that all users can dump spam and ham in and spamassassin is trained from those. It is work to look after these things but I would not call it a never ending pain in the butt. Most of the time it just works.
I totally agree about people getting bitchy when their email is disrupted in any way. I did have to go to work on xmas day once to reboot a crashed mail server. Guess it serves me right for using an old dell server for a critical service.
Worth the hassle (Score:1, Informative)
Re:Email is public anyway. (Score:2, Informative)
Uh, look at the headers in one of your mesages. Nowadays, most mail transport agents ("email servers") will use encrypted channels for talking to each other. In a typical 2011 setup, there will be an encrypted connection between the sender's mail user agent and his mail relay, then an encrypted connection between that one and the destination user's mail transport agent, then an encrypted connection between the destination's imap server and his mail user agent.
It's "open" in that this is transport security, not end-to-end encryption. The message is still present in an unencrypted form on each of the systems involved in transmitting it. And none of these steps are guaranteed to be encrypted -- normally, the MTA will just fall back to an unencrypted connection if the other host does not advertise that it can receive encrypted data. But it's not exactly public, either.
Re:why? (Score:2, Informative)
Spot on. I ran my own full mail server for a while. It got old very fast. You really need at least two servers for fail-over and simply the ability to down one while you update the other.
No, you don't. If you are running a mail server just for yourself, you know it is going to be down, and you are probably trying to get it up again instead of reading mail. Other MTAs are required to hold on to mail they can't deliver for up to three days. If they don't, you probably didn't want that mail anyway.
You do not need two servers for anything else than the DNS entries.
You're opening the door to a world of pain. (Score:5, Informative)
It's ironic for me that you should post this on the day after I just abandoned my last home-maintained mail server in favour of Google.
For the past 15 years I've been a mail administrator in some capacity for a variety of mail systems ranging from my own personal colo to a vast multi-national corporation. Solving the technical problems of building and maintaining a functional and reliable system was fun for a number of years, especially when email was dominated by geeks. But nowadays, running your own server is a perpetual nightmare.
First, there's the problem of where to host it. It has to be accessible wherever you are, and it has to be able to send mail out. If you're planning on hosting it at home, on the end of a cable/DSL/fios connection, bear in mind that your IP address will almost certainly be blackhole listed. Also, your ISP may well be blocking outgoing mail to prevent spam. You will probably have to configure your system to route all out going mail via your ISP's SMTP server. Why are you hosting an SMTP server again?
If you're hosting it in a nice VM or in a colo, you're better off, but paying. Google costs you nothing.
Next, storage. Obviously that's no problem because you have a mirrored RAID eleventy-five array you built yourself. If that's in the colo then you can forget about it - except when a drive goes bad or it crashes unexpectedly. But then it's fine because you're paying for support aren't you. And backups. You are backing it up aren't you?
Next the server software. Personally I've had a lot of success with Sendmail/Cyrus IMAP/IMSP/Squirrelmail and friends, despite enduring jeers from other sysadmins who think they have a better combination. In the end, it doesn't matter. They all suck. They all need patching regularly. They all break. They all need tweaking on a regular basis.
Then the final turd in the swimming-pool: spam. It costs you so, so much; bandwidth, around 95% of all of the inbound traffic is spam; time, configuring and maintaining spamassassin and various blackhole lists that occasionally start rejecting mail indescriminately; pride, the only time your clients contact you will be to ask why the mail is so slow and why there's so much spam. "But my gmail doesn't get this much spam - can't you filter it" they say, while you bite chunks out of your tongue. Spam to a mail administrator is like the gopher in Caddyshack: it will keep you awake and turn you into a monster. And the day will come where you, spam-slayer and junk-mail terminator, get put on a blackhole list for being a spammer. That's really fucking harsh the first time.
I could go on. but we're already in the TL;DR territory.
Most people do not host their own mail server. They live longer and healthier lives as a result. Follow their example and let Google worry about all of that for you - and in return you just have to pay them...nothing.
Re:Spam filtering (Score:5, Informative)
And that makes you Google's bitch.