Forgot your password?
typodupeerror
Google Software

Ask Slashdot: Self-Hosted Gmail Alternatives? 554

Posted by timothy
from the that-is-one-tall-order dept.
linkedlinked writes "I'm tired of building my sandcastles on Google's beachfront. I've moved off Docs, Plus, and Analytics, so now it's time to host my own email servers. What are the best self-host open-source email solutions available? I'm looking for 'the full stack' — including a Gmail-competitive web GUI — and don't mind getting my hands dirty to set it up. I leverage most of Gmail's features, including multi-domain support, and fetching from remote POP/IMAP servers. Bonus points: Since I'm a hobbyist, not a sysadmin, and I normally outsource my mail servers, what new security considerations do I need to make in managing these services?"
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Self-Hosted Gmail Alternatives?

Comments Filter:
  • Well, for starters, you want a damn good spam filter.
    • Re:Spam filtering (Score:5, Insightful)

      by baptiste (256004) <mike@@@baptiste...us> on Sunday August 07, 2011 @02:18PM (#37015682) Homepage Journal
      I think the whole exercise is short sighted. I've been there, done that. The amount of effort to keep everything running, updated, configured, etc is a PITA. Setting up a solid spam filter is a huge undertaking because it's a multi layered approach. SA or equiv, various milters, and more and you still won't come close to GMail. When I finally gave in and decided to switch to Google Apps I was floored by the improvement in Spam filtering. Are there quirks with Google' stuff. Sure. But they are improving it. I finally today got most of my stuff tied to my personal count migrated to my Apps account. The family enjoy using their apps accounts too compared to what we used to have. We've used IMP, Squirrel Mail, ROundcube, and others. Roundcube is the best in that group interface wise, but is still very buggy. Was Horde fun to play with way back before Google's services existed? Yup - because they were something not easily done elsewhere. But now? So good luck - it certainly can be done, but to be done right requires a lot of effort that's only worth it if you have nothign better to do or are a internet services admin at work and like to tinker at home. And even then... I can spend all that time spent screwing with my internet 'stack' and apply it to better things now that Google just handles the day to day stuff. Am I concerned about them 'owning' me - maybe a little. But so far, they've not done evil to me. Plus even if I wanted to migrate all my stuff back to a personal server again, Google Voice is the deal breaker for me. Can't live without it.
  • by Anonymous Coward

    Especially with email, I like the fact that I'm not going to accidentally break something, miss an email and lose my job.

    I also like that I'm not updating everything all the time with security updates. Google does all that for me.

    I also like the integration between all the services.

    I also like the two-factor authentication. (Good luck getting that set up on a self-hosted system, I suppose you could use X.509 on a USB drive or something).

    Don't fix what ain't broke.

    • Depends.

      While yeah, Google does all the grunt-work on the back-end, you still have all the hazards that any SaaS has... and it's not like GMail hasn't had its share of embarrassing security bombs or occasional outages (however brief they may have been) due to either the back-end, or the ISP you use to connect to it.

      • Depends.

        While yeah, Google does all the grunt-work on the back-end, you still have all the hazards that any SaaS has... and it's not like GMail hasn't had its share of embarrassing security bombs or occasional outages (however brief they may have been) due to either the back-end, or the ISP you use to connect to it.

        True - but you can download and remove from the server your mail so at least you can limit the damage while still having the benefits of letting GMail do the grunt work; unless of course Google caches all your mail somewhere else as well.

      • by DrgnDancer (137700) on Sunday August 07, 2011 @12:36PM (#37014852) Homepage

        I've been a sysadmin for about 15 years now. I used to host all my own e-mail, my own website, all that stuff. I had a webmail interface (Squirrelmail), spam filtering, IMAP, blah, blah blah. Then about 6 years ago I got deployed to Iraq. I couldn't use SSH from the DoD network, so updates became a big issue, spam became an issue as I couldn't maintain my filters easily. After a couple of months I went hosted on my domain. Web based admin tools meant I could maintain stuff without SSH, they had a much less "hands on" backup procedure (at the time mine involved CDs), the service was down less often than my DSL used to be... Honestly at this point I can't see the value in maintaining all this stuff for myself. I pay less for hosting than I would have to pay for a "business class" DSL or cable line for the static IP, they handle most of the hard work, and what they don't handle, I manage from a web based dashboard.

        There are tradeoffs and disadvantages, but for 80-90% of personal uses cases I can't see why you'd want to personally maintain a server these days. If you simply enjoy doing it, that's one thing. If you have a business of any size, again, there's a good argument for self hosting. For most people though, just pay someone to take care of the grunt work for you. You'll have less downtime, and spend a lot less of your free time fiddling with it.

        • If you simply enjoy doing it, that's one thing.

          Well, right there you've hit 99% of the "I'm running servers at home" demographic.

          Also, it gets you a few bonus geek points in sysadmin job interviews (not a joke).

        • Very possibly the most insightful post for this article, and I'm without mod points this week. If you value your time at all, and don't want to make your server one of your personal hobbies, it's always better to pay for email service - even it it means just getting a domain and buying an apps account (if you are scared of free).

      • Re: (Score:2, Insightful)

        by bickerdyke (670000)

        But Google has a whole team to counter any security threads.

        Good luck finding that for your one-person hobby server.

  • zimbra (Score:5, Informative)

    by lampsie (830980) on Sunday August 07, 2011 @11:43AM (#37014386)
    Grab yourself a Zimbra appliance from http://www.turnkeylinux.org/email [turnkeylinux.org] - up and running in a few minutes, and it should give you most of what you'd expect coming from Gmail.
  • by Xiph1980 (944189) on Sunday August 07, 2011 @11:45AM (#37014408)
    You do know that whatever email solution you choose, unless you use full encryption in all your email messages, outbound and inbound (good luck with that) it's still pretty much in the open, and anyone who knows what they're doing in the intermittant path, especially your internet provider, can intercept and read (parts of) those emails?
    At least google has proven their worth with standing up to the US gov't in stead of just bending over and giving them all plus some extra as some others have.
    • by CastrTroy (595695)
      One wonders why it has to be so public though. You can easily set up secure login and data transfer to your own servers. I would wonder why email servers wouldn't be able to set up secure services for sending mail between them. Sure at one time encryption may have been too much extra work, but now it seems like it would be quite advantageous without having too much extra load on the systems. It would be really nice if you could request a message to be sent using encryption between your mail host and the
      • Re: (Score:2, Informative)

        by Anonymous Coward

        Uh, look at the headers in one of your mesages. Nowadays, most mail transport agents ("email servers") will use encrypted channels for talking to each other. In a typical 2011 setup, there will be an encrypted connection between the sender's mail user agent and his mail relay, then an encrypted connection between that one and the destination user's mail transport agent, then an encrypted connection between the destination's imap server and his mail user agent.

        It's "open" in that this is transport security,

      • by PAjamian (679137)

        There is, it's called TLS (which is the same technology that modern SSL uses, so the same encryption used by https) and is implemented by STARTTLS. It establishes a secure connection between two email servers and sends the email off secure between them and it suffers from the following pitfalls:

        1. It only encrypts the data stream between two email servers that support it, or between the email server and client.
        2. The email is still decrypted and stored plaintext in the queue of any given email server, and

    • If you're running the SMTP server on your machine, and set it up to accept encrypted SMTP, most SMTP MTAs systems will encrypt mail to you and your ISP won't have access to it. The real issue is getting other people to accept SMTP from you, as opposed to deciding that any home internet connection that tries to send mail is a spam botnet zombie.

      And gmail may not be proactively handing the Feds everything they want on a whim, but if the Feds hand them a subpoena and a "don't tell the customer" order, they'l

  • Try Zimbra! (Score:3, Insightful)

    by i_want_you_to_throw_ (559379) on Sunday August 07, 2011 @11:47AM (#37014418) Homepage Journal
    My company uses Zimbra [zimbra.com]. It works pretty well for us.
    • My university just moved off Zimbra to Google Apps and most folks I know couldn't be happier.

      Zimbra had an annoying, Hotmail-esque interface and was missing many of Gmail's innovative labs features.

      It also had the disadvantage of, well, not being Gmail -- meaning the vast majority of folks I know use Gmail for their personal accounts, data security be damned, and thus having the same interface was a huge plus.

      Are you absolutely sure you need to do this (as opposed to, say, regular automated exports from Goo

      • by ZorinLynx (31751)

        >betting on a Google server failure or data breach

        Nah, it's not this.

        Google has proven they can no longer be trusted. People have had their accounts suspended for "name violations" and other perceived ToS violations that have led to loss of access to Gmail. They CLAIM to have fixed the issues, but then I see more people suspended. Also, their appeal process is inefficient and unreliable (I know one person waiting over two weeks now and their account still isn't fixed)

    • by msobkow (48369)

      I'll second that. Zimbra has the best HTML interface of any web-based email system I've ever used, but still supports "traditional" email clients as well.

  • Roundcube (Score:5, Informative)

    by wolrahnaes (632574) <sean&seanharlow,info> on Sunday August 07, 2011 @11:47AM (#37014422) Homepage Journal

    The best webmail UI I've used other than Gmail is Roundcube [roundcube.net]. It's simple, clean, and works quite well.

    • by booch (4157) *

      I'm also a big Roundcube fan, and use it on several sites. The nice thing about it is that you can just point it at an IMAP server, and it uses the IMAP server for authentication. It's quite easy to set up, and the GUI is a lot nicer than other competitors, like SquirrelMail.

      Zimbra is nice too, but seems to lock you into a full stack of software. (There have been promises of a stand-alone version, but I've never been able to find it.) That might be the right answer for the original poster, but I found it to

  • why? (Score:5, Insightful)

    by mr.dreadful (758768) on Sunday August 07, 2011 @11:51AM (#37014450)
    As a guy who ran email servers for a small organization, let me say enjoy it while you can, because email admin is a never-ending pain in the butt. The spam management, the 24x7x365 server monitoring for security issues, the blacklisting and DNS issues, and that people get really bitchy when their email service is disturbed in any way.

    That being said, I hear nice things about Zimbra.
    • Re: (Score:3, Interesting)

      by dbc (135354)

      Spot on. I ran my own full mail server for a while. It got old very fast. You really need at least two servers for fail-over and simply the ability to down one while you update the other. (And those two should be geographically separated so power outages don't take out both, etc.) *blech* So in the end what I've done is just have simple pop accounts, and then use fetchmail to pop the mail down to my own IMAP server. If my server goes down, I don't care, the mail just spools up at the ISPs (yes, multipl

      • by wagnerrp (1305589)
        So use a free service like rollernet to operate as a backup MX. If your server goes down, it spools up on their server and then gets pushed through whenever yours comes back online.
      • Re: (Score:2, Informative)

        by Anonymous Coward

        Spot on. I ran my own full mail server for a while. It got old very fast. You really need at least two servers for fail-over and simply the ability to down one while you update the other.

        No, you don't. If you are running a mail server just for yourself, you know it is going to be down, and you are probably trying to get it up again instead of reading mail. Other MTAs are required to hold on to mail they can't deliver for up to three days. If they don't, you probably didn't want that mail anyway.

        You do not need two servers for anything else than the DNS entries.

      • by Vellmont (569020)


        You really need at least two servers for fail-over and simply the ability to down one while you update the other. (And those two should be geographically separated so power outages don't take out both, etc.)

        Honestly, why would you go to that extreme for your own personal email? Do you have that level of redundancy for other pieces of equipment, like your car?

    • Re:why? (Score:4, Informative)

      by 1s44c (552956) on Sunday August 07, 2011 @12:21PM (#37014742)

      As a guy who ran email servers for a small organization, let me say enjoy it while you can, because email admin is a never-ending pain in the butt. The spam management, the 24x7x365 server monitoring for security issues, the blacklisting and DNS issues, and that people get really bitchy when their email service is disturbed in any way.

      I also manage such things. I don't know why you say it's a never-ending pain because that's just not my experience. I use BIND, Postfix+Postgrey, DNSBLs, Spamassassin, ClamAV, SPF, Cyrus, Roundcube, and Nagios monitoring everything. Every now and then I get someone panicking because he hasn't got mail for 4 hours, and every now and then I have to investigate where a specific mail went wrong. Every 2 years or so I rebuild the systems on a newer distro and in the mean time I apply updates as needed. I have learn/spam and learn/ham folders that all users can dump spam and ham in and spamassassin is trained from those. It is work to look after these things but I would not call it a never ending pain in the butt. Most of the time it just works.

      I totally agree about people getting bitchy when their email is disrupted in any way. I did have to go to work on xmas day once to reboot a crashed mail server. Guess it serves me right for using an old dell server for a critical service.

      • You don't understand why it's a never-ending pain while you're detailing how you have to do all of that stuff, which sounds like a full-time job? Look, if you're a sys admin, then it's not a never-ending pain; it's your job. But if it's not your job, it's a never-ending pain.

        For many other people, email is mission critical. If you lose your email or lose connectivity for a bit, you're fucked. So yes, you can go through all that effort to run your server on a Dell and risk losing all your data, but it's not

    • Re:why? (Score:4, Interesting)

      by Vellmont (569020) on Sunday August 07, 2011 @12:42PM (#37014906)

      I've hosted my own email for the past 15 years, and I simply don't see the problem you're describing at all. Spam is well handled by spamassassin. I've never had blacklisting or DNS issues. With just YOU controlling everything, and not multiple people, the change management problems are minimal. If you choose software with a proven track record, then the security problems become minimal. Install all your software from a linux distribution with multi-year support, turn on auto-updates, and the security problems mostly go away from all but the most dedicated and skilled attackers. You're a lot less juicy of a target than say Google, so the skilled attackers don't really care about you anyway. If it's just YOUR email, then the people getting bitchy is just you. I'd never host email for someone else. The only real issues are when the internet connection is down. Even then, you can get to any old mail, but new mail obviously doesn't come in. Even that you could fix with a low priority mx record pointed to a gmail account.

      The one thing I would caution is you need to know what the hell you're doing. The OP said he was "a hobbiest and not a system admin". Well, if you want to host your own email, you'll soon learn the skills to be a real system administrator, (or give up and go back to hosting).

      • by elbles (516589)
        I agree completely. I started hosting my own e-mail server when I was in college (~6 years ago now), and I've been running it ever since. I did a lot of learning as I went along, and the setup has been about as stable as you can possibly expect it to be running over a home connection. Just in case though, I threw in a VM from Linode earlier this year (initially acting as my primary MX and forwarding to my home server, but now acting only as my backup MX), which brings the reliability up to a pretty good sta
    • by Greyfox (87712)
      Ooh I'm jumping on this thread! I had a static IP and ran my own E-Mail server for years and it is a huge pain in the ass. Every time you think you've killed the spammers, another one gets through. Constantly having to worry that your set-up is secure is also a huge pain in the ass. Even finding a mail client that doesn't completely suck is a huge pain in the ass.

      I switched to google a few years ago and even though I'm not completely happy with them, the ass-pain factor is so much lower that I really don'

  • ... and I can safely write that there is no way you will ever achieve anything comparable to gmail.

    You can try:
    - squirrelmail, ugly and so last century
    - openwebmail, old-fashioned Perl webmail, not maintained any longer
    - zimbra mail, lots of functionalities and fancy features
    - roundcube, decent but nowhere near what you're hoping for

    Spam control on the server side is going to be an issue. You will have to use a combination of solutions (e.g. custom sendmail configs, RBL/XBL blacklists, spamassassin, greylis

  • Maybe not Zimbra (Score:5, Informative)

    by jra (5600) on Sunday August 07, 2011 @11:56AM (#37014490)

    I've run Zimbra for 3 years now, back to 5.0.9, which I installed for my then employer. The architectural people there have taken, right along, an attitude that I can characterize only as "RFCs? Who cares about those?"

    It doesn't handle fixed-pitch well; its editor won't re-wrap (though they might have finally fixed that in 7), it doesn't uknow from RFC 2369 -- in fact, it handles mailing lists poorly in general; notably, you can't change the Reply-To in any way when replying, if you generally want HTML off (as I do), the only way to turn it on is to dive into the Preferences and switch it, then reload; same turning off...

    Check for bugs filed on their bugzilla by jra@baylink.com if you want a full list of the ignominy. But in general, I would say: evaluate it pretty thoroughly to see if you can deal with its crap before deploying.

    It's *very* pretty. I just don't know if it's worth the trouble.

  • Thats funny (Score:5, Insightful)

    by WindBourne (631190) on Sunday August 07, 2011 @12:00PM (#37014526) Journal
    For over 15 years, I spent my time doing my own servers. Figured out that I was spending too much time doing server admin and not enough building sand castles. Now, I am on Google.
    • Re:Thats funny (Score:5, Informative)

      by Pieroxy (222434) on Sunday August 07, 2011 @12:07PM (#37014606) Homepage

      Same here. I had an online agenda, mail, address book and all that running from my dsl box. Things were fine. Now I am full 100% Google. There is no way anyone is going to approach this level of polish with a 10 foot pole with open source stuff. You can get things done, sure, but it's going to take a heck of a lot of time and the result will be nothing compared to Google. But your data is yours. Can't beat that.

    • by jedidiah (1196)

      I've had my own self-hosted email for years. Every so often I wonder if it would make sense to "outsource" it all.

      Then there was this rash of accounts being hacked on sites like Yahoo and that entirely cured me of any interest in depending on anyone else for this. I may not be the best mail admin out there but at least I don't have a target painted on my forehead. Whatever headache I have from being my own server admin is mitigated by not needing to explain myself to clueless rubes that think I've started s

      • Well, and that is understandable. That is also why I continue with a couple of domains and use google applications (though I do the web hosting on rackspace at this time). But, I used to enjoy doing my own server, etc. however, I have decided that I want a family and to focus on start-ups.
      • BTW, at some point, I will probably use fetchmail or some other daemon to copy our emails just to have local backups. But I will continue to use gmail to send. They handle too many things nicely and easily.
        As to their looking into my mail, well, yeah, they do. So does microsoft, apple, yahoo, etc. And when you send your email, even the backbone servers watch and record. But if security is a real issue, then simply encrypt it and that way only those on the commercial server will not know what you sent.

        W
      • by JAlexoi (1085785)

        I don't have a target painted on my forehead

        And that will be your undoing. As an admin you should feel like it, always. Because you are responsible for security. If you think small sites don't get hacked, then where are the spam relays coming from? A crapload of them are small MX'es hacked....

      • Re:Thats funny (Score:4, Insightful)

        by MojoRilla (591502) on Sunday August 07, 2011 @03:20PM (#37016166)
        So you offer two factor identification? SSL webmail?

        Gmail does.

        Security through being small isn't security.
  • ... + squirrelmail + apache + spamassassin (later switched to dspam)

    I used this guide: http://www.gentoo.org/doc/en/virt-mail-howto.xml [gentoo.org]

    It was great when it started out. It handles multiple domains. Handled spam well. Ran on a low end PC. Handled email for my family and a couple of friends.

    Then it became a fucking pain in the ass to maintain. Mainly the spam filtering started failing, and it was a resource drain. Switched from spamassassin to dspam which improved the situation. But dspam was a fucking chore

    • by jedidiah (1196)

      Training spamassasin is not that big of a deal really. Just automate a process for feeding it new bits of spam to train the filters. You can do this by just designating a standard place for it to look for new examples.

      It's Unix. If there are any "chores" then you probably failed to automate something and the solution is probably not that hard.

      • I've got the same setup and it is indeed a pain. I find myself having to constantly tweak my blacklists. Part of the problem is that we absolutely can't ever have any false positives, so I subtract points for DKIM and SPF. This would have been a great idea if companies like Yahoo! actually scanned their outbound mail before marking it as valid and hosting providers took faster action against spammers. Hurricane Electric and Rackspace seem to mostly just forward the abuse emails on to their customers, wh

  • by cshark (673578) on Sunday August 07, 2011 @12:04PM (#37014576)

    The whole beauty of gmail isn't that you get a lot of neat features. It's the fact that your email almost always gets from point a to point b. This is because you have the luxury of being on a "big" mail server. Smaller mail servers, like one that you or I would set up do not get special treatment. The whole system right now is stacked against small mail servers. The minute you hit operation, you'll find that you might already be on spam lists, and that you have to fight to get yourself off of them. The minute you find that you're off the lists, you'll probably end up back on them because someone three ip addresses away has been sending welcome emails from his web site, and someone forgot that they asked for one.

    If none of that scares you, the following list will get you close to what gmail can do.

    So here is what you need first and foremost:

    1. A dedicated server just for Zimbra with Domain Keys installed
    2. A block of 24-32 ip numbers. (49 ip numbers would be ideal, but it's harder to buy odd blocks like that.) Put your mail server as close to the middle of that range as possible. It sounds like a lot, but most collocation facilities can hook you up with this for 300-500 usd a month.
    3. Proactive attention to getting your ip block removed from all spam lists (especially Barracuda, their list is the most annoying for the high number of false positives) before the fact. Just let them know you exist.
    4. Pray that all of the hundreds of moving pieces you've just put in place don't break, that bad hackers don't brute force their way into your server. Strong passwords don't really help as much as people tell you they do either. That's now something you have to worry about too.

    So there you go.
    It doesn't make sense to me that you would try to do this for something that only you would use.
    The expense is too high, and the benefit just isn't there.

    Over the last few years, I've been offloading my email to the social networks and blogs. Facebook, Linked In, personal Drupal installations, Twitter, etc.

    They don't have a lot of the core problems that email has, and pretty much everyone I communicate with will use one or multiples of those.

    For everything else, I use Gmail for domains because, even if I end up upgrading and paying per account... it's still less of a headache than the Dante inspired hell that is managing my own email server.

    I hate running fucking email servers.
    Hate them.
    Hate.
    Hate.
    Hate.

    There. I feel better now.

    • by SJS (1851)

      The minute you hit operation, you'll find that you might already be on spam lists, and that you have to fight to get yourself off of them. The minute you find that you're off the lists, you'll probably end up back on them because someone three ip addresses away has been sending welcome emails from his web site, and someone forgot that they asked for one.

      It's partially a matter of what you want to deal with, and how comfortable you are with making some issues somebody else's problem. Set up your own system.

      • by rsborg (111459)

        Remember, telling a friend, relative, or business "*Your* system is rejecting my RFC-complaint emails. *You* should look into fixing that if you want to hear from me." is perfectly acceptable, even though a business telling you exactly the same thing isn't.

        I don't know who your friends or relatives are, but if anyone told me that, I'd personally put them on my ignore list, as I have way too many things to do, and have about 0 control with any of my email "systems".

        This kind of message is similar to "your government is not accepting my packages, *you* should look into fixing that if you want my deliveries"... it may be valid, but good luck with getting any meaningful response on that.

  • Why #2? (Score:5, Insightful)

    by theNAM666 (179776) on Sunday August 07, 2011 @12:04PM (#37014578)

    The previous "why" poster has it right. It's like you're complaining about success. You are never going to do it 50 percent as well as Google. -- don't try. Rolling your own is an academic exercise. Zimbra is ok-- if you can live in the 90s. Google is it. Just backup your data.

  • I know this isn't what your question is, and I respect your reasons (even though I don't understand them), but I think you'll find that most admins are going in the other direction. Email is something that should just work. When you host it yourself, you have to worry about a ton of factors... spam, incoming, outgoing, forwarding, being sure your mail isn't getting filtered by recipients' services (which requires a surprising amount of work from the default installations of most self-host services, though t

  • ...these guys:
    http://fastmail.fm/ [fastmail.fm]

    I think their staff frequent /., at least they have in the past. I'm not using them yet, but I keep the link handy for the day when I get kicked off my current server.

  • You have at least two good choices:

    1. You rent a Linux host, point a domain name to it, and set up your own email accounts on that domain by means of installing the relevant email software stack like IMAP/POP3 service etc. You host - your rules - you can set up your own spam filters, rules, actually you can do so much my rambling cannot even cover half of it. You certainly can install some form of web interface to access your mail on it.

    2. You do the same as above, but instead of renting, you just set up a

  • Kerio Connect is based on a lot of open-source technologies, and they do contribute back - but it is in itself a commercial product. For a small number of users, though, it's still a good value for those looking to DIY.

    (disclaimer: Though I'm a user of it, I'm also a fairly large reseller by Kerio standards and my business gets a lot of our revenue from it)

    The minus of Kerio is that it's commercial software and therefore not roll-your-own in nature. Limited tinkering is available. And to get updates after y

  • We used to run Kolab at the office until we switched to Google Apps. It wasn't bad.

  • Kerio Connect [kerio.com]. Can be free if you become a partner and have less than 5 users or $540 which is still a great deal IMO due to the ease of administration and being able to set it up in mere minutes with very little effort. You very well could spend many times this in effort trying to do it yourself with a free product.

    100% configurable via intuitive web GUI
    Multi-platform (Windows, Linux, Mac, VMWare)
    Very good multiple anti-spam features
    Full featured webmail, very near parity with MS Outlook.
    ActiveSync support

  • Why are you doing this?

    I guarantee you that any self-hosted system will have more downtime, and more overall management time than just sticking with Google or another provider.

    I wouldn't put the e-mail server and the Web/database server on the same machine. In fact, if you're going to do this right, you probably want a mail server in a datacenter that does nothing but receive the incoming mail and hold it back in case your local e-mail server is down. And once you've done that, you might as well be using a

  • have you considered Exchange ?
    • by ResQuad (243184) *

      Outlook Web App, at least as of Exchange 2007, sucked. 2010 is probably better, but IMO Outlook is still the main method of access that Microsoft is concerned with. The other issue with Exchange is typically poor anti-spam/anti-etc, at least built in. If you're willing to run your mail through another anti-spam service first... then you're ok.

      Otherwise, it actually isn't a bad option.

  • ...because in one breath, story submitter says he/she is ready to host his/her own email server, then the very next breath he/she is talking about hosted solutions.

    My recommendation? If you can't figure out what it means to "host my own email servers" as opposed to "outsource my mail servers," you should probably just stick with Gmail or another hosted provider.

    That said, I'll play: I've been hosting my own e-mail servers for 15 years now. That's 15 years of SpamAssassin tweaking, 15 years of qmail vs. p

  • by toygeek (473120) on Sunday August 07, 2011 @01:02PM (#37015070) Homepage Journal

    1) Install Linux
    2) Put all the software on it
    3) Be happy with yourself for mail actually working
    4) Get blocked by your friends email hosts because they have no idea who the hell your server is
    5) Learn about reverse dns, all the fucking host entries that you have to add so that you don't get automagically blocked by half the populated world
    6) Some asshole user sends email with no subject and an executable attachment, it comes back to them bounced and they scream at you.
    7) Same asshole user bitches and moans 3 times a day about how much spam they get and what a piece of shit your server is

    This ends up with the following consequences:

    1) Give up your life as an actual person. You're now a mail server admin
    2) You stop giving a shit about said asshole user.
    3) You start to second guess your decision to run your own mail server after somebody exploits something (weak password from asshole customer?) and sends half a million spam messages, and 2/3 of them bounce back at you.
    4) You start growing pale and have hideous dark bags under your eyes
    5) You're "that guy" in your apartment complex ("he never leaves!")
    6) Eventually you miss your life, the outside world, and what is left of your sanity.
    7) You start prioritizing your life and you finally give up and.....go back to Gmail.

  • by veg (76076) on Sunday August 07, 2011 @01:02PM (#37015074) Homepage Journal

    It's ironic for me that you should post this on the day after I just abandoned my last home-maintained mail server in favour of Google.
    For the past 15 years I've been a mail administrator in some capacity for a variety of mail systems ranging from my own personal colo to a vast multi-national corporation. Solving the technical problems of building and maintaining a functional and reliable system was fun for a number of years, especially when email was dominated by geeks. But nowadays, running your own server is a perpetual nightmare.

    First, there's the problem of where to host it. It has to be accessible wherever you are, and it has to be able to send mail out. If you're planning on hosting it at home, on the end of a cable/DSL/fios connection, bear in mind that your IP address will almost certainly be blackhole listed. Also, your ISP may well be blocking outgoing mail to prevent spam. You will probably have to configure your system to route all out going mail via your ISP's SMTP server. Why are you hosting an SMTP server again?
    If you're hosting it in a nice VM or in a colo, you're better off, but paying. Google costs you nothing.
    Next, storage. Obviously that's no problem because you have a mirrored RAID eleventy-five array you built yourself. If that's in the colo then you can forget about it - except when a drive goes bad or it crashes unexpectedly. But then it's fine because you're paying for support aren't you. And backups. You are backing it up aren't you?
    Next the server software. Personally I've had a lot of success with Sendmail/Cyrus IMAP/IMSP/Squirrelmail and friends, despite enduring jeers from other sysadmins who think they have a better combination. In the end, it doesn't matter. They all suck. They all need patching regularly. They all break. They all need tweaking on a regular basis.
    Then the final turd in the swimming-pool: spam. It costs you so, so much; bandwidth, around 95% of all of the inbound traffic is spam; time, configuring and maintaining spamassassin and various blackhole lists that occasionally start rejecting mail indescriminately; pride, the only time your clients contact you will be to ask why the mail is so slow and why there's so much spam. "But my gmail doesn't get this much spam - can't you filter it" they say, while you bite chunks out of your tongue. Spam to a mail administrator is like the gopher in Caddyshack: it will keep you awake and turn you into a monster. And the day will come where you, spam-slayer and junk-mail terminator, get put on a blackhole list for being a spammer. That's really fucking harsh the first time.

    I could go on. but we're already in the TL;DR territory.

    Most people do not host their own mail server. They live longer and healthier lives as a result. Follow their example and let Google worry about all of that for you - and in return you just have to pay them...nothing.

    • by discord5 (798235) on Sunday August 07, 2011 @03:20PM (#37016168)

      Personally I've had a lot of success with Sendmail/Cyrus IMAP/IMSP/Squirrelmail and friends, despite enduring jeers from other sysadmins who think they have a better combination. In the end, it doesn't matter. They all suck. They all need patching regularly. They all break. They all need tweaking on a regular basis.

      This! Even on the software side of things, it's constant fiddling and tinkering. I spent about 7 or 8 years administrating qmail and postfix. If it wasn't Spamassassin or the anti-virus going haywire, there would be some other issue. Some braindead mope setting his password to something ridiculous resulting in a flurry of spam sent out a week later, some guy infecting his laptop with something nasty and sending out a fuckton of spam... A bug in all the shit that glues qmail, spamassassin and the anti-virus together that generates a veritable shitstorm of bounce messages to yourself, resulting in more bounce messages to yourself until finally the queue is stuffed with bounce messages...

      Of course, nothing would be complete without the mail queue going corrupt. And once that happens you know you'll be making a tarball of that sucker and cleaning it as fast as possible to get it back online. After that you get do something fun, that's digging through the mailqueue with some obscure shell script from some guy who actually had this very rare thing happen to him too that one time, only with just a small difference, so it won't work out of the box of course. Oh, don't worry, at times like these there will be absolutely nobody breathing down your neck, especially not the person who told you to go F*** yourself when you suggested that it might be a good idea to not be so dependent on a single mail server.

      Then the final turd in the swimming-pool: spam.

      And the problem with spam is : once you've mitigated the issue you just KNOW that by this time next month you'll be at it again and again and... And then there's the problem of false positives. If someone so much as suspects having a false positive there's hell to pay. "You marked this as spam but this is an actual e-mail". Not "The mailserver marked this as..." but YOU.

      various blackhole lists that occasionally start rejecting mail indescriminately

      Oh, don't worry, the foam you have at the mouth that day can be reused in meetings about why the mailserver was rejecting all incoming e-mails.

      the only time your clients contact you will be to ask why the mail is so slow and why there's so much spam

      Or why they can't send out an attachment of 4GB, why their mailbox is full, why their mail from russianbrides.com isn't coming through, ... Oh don't worry, deep down you know by the sheer volume of mail you handle daily your users love you.

      put on a blackhole list for being a spammer. That's really fucking harsh the first time.

      That was the breaking point for me. I simply gave the mailserver an IP in a range that wasn't blacklisted and started looking for a new job. On my way out I congratulated the guy who was promoted to the new mail admin and whistled a merry tune as I shut the door behind me. I vowed never to touch mailservers again in my life and became a better person because of it.

      Take this advice and heed it well : Unless you have a REALLY good reason to do your own e-mail, just fucking don't. I'm sure that a lot of people are going to say "Run qmail", "Run postfix" or "Run sendmail" or whatever and point you towards a lot of incredible HOWTOs, but the truth is that's just the beginning of it, and it will slowly devour more and more of your time until one day somewhere between 10PM and 1AM you're upgrading some part of the mailserver again and wondering to yourself : "What happened? I used to do so many cool and interesting things..."

      If you don't want to deal with Google, find a reliable company you want to deal with and have them do it for you. Running a decent mailserver is just a pain in the ass.

  • Have you thought about buying a Technet Plus subscription and installing Exchange 2010 plus Forefront Protection for Exchange?
  • I have been doing it for years and it is not that big a deal once it is configured.
    If you want to get fancy then it can be a problem.
    We run courier (I wanted sendmail but lost ) using imap to our local net.
    it runs on a local virtual machine and is pretty much maintenance free.
    It can not be accessed from outside (the "fancy" part) and it has no spam filtering.
    The jewel in this is the alias file. Untrustworthy sites (most) get a specific alias.
    If I get spam with that I delete the alias.

  • I've got my own domain and hosting. I use that to manage all my email addresses and then forward them to Gmail. When I send an email in Gmail, it authenticates and sends it via the email address of my choice. This means that I get the benefit of google's interface, labels, spam filter etc without my email address belonging to them. Effectively, I can get the good stuff now and should they pick up the ball and go home I still have what I really need (access to the addresses people are using).

    The above mig
  • by Requiem18th (742389) on Sunday August 07, 2011 @02:06PM (#37015604)

    Even before opening this article I knew it would be overflowing with cries to drop this self-dependency stupidity and just surrender to the corporate gods.

    What the fuck?

    What is the purpose of free software if you are not supposed to use your freedom? You can build your system using open standards, install an open source OS with an open source mail server. But you will get blocked because you are not a business? More over, what is the purpose of freedom when you are not supposed to exercise it? It really has come to the point where "freedom" means "freedom to work for the system".

    It should not be like this, it doesn't have to be like this. There's plenty of solutions, something like WoT can be build to prevent spam much better than a simple "block everything not from gmail yahoo or hotmail" that's just business whoring.

    • by cgenman (325138) on Sunday August 07, 2011 @06:21PM (#37017372) Homepage

      The guy is "a hobbyist, not a sysadmin" and is looking for a self-hosted alternative webmail. The thing is, unlike a lot of other parts of life, mail hosting is basically a sewer of pain. Potholes and pitfalls are absolutely everywhere. To make a bad analogy, the guy basically posted "I'd like to be more independent. So I've decided to learn to fix my car, start growing some vegetables in my backyard. And, oh yes, have a baby. Are babies hard?" All of those are valid goals, that people everywhere should aspire to. But, as the germans say, he needs to be aware of the commitment and Kindersheisse of maintaining a mail server.

      And I've been on both sides of the "black-hole everyone's mail" problem. If a server is sending out spam, a single server can easily be sending out hundreds of pieces of spam to each and every one of your users per day. Chances are, that "server" is a hacked Windows XP box someone in their IP block left online (there really aren't anything other than hacked Windows XP boxes online these days). Or a server with inadequate protections that is being maliciously harnessed. Or someone put the address into a blacklist wrong. Either way, without these blacklists e-mail service as we know it would be over. And, unfortunately, there are people profiting from spam, fighting every bit as hard as the legitimate users to get off of the blacklists.

      And that's without taking into account the basic technological issues, like needing redundancy and response significantly higher than take-it-or-leave-it services. If your docs server is down, you have to wait a bit to access your documentation. If your mail server is down for long enough, you lose all of those messages. Also, all of your clients get messages that your system is down, but you don't. You get hit constantly by volumes of spam, leading to waves of DDOSing. People don't back any mail up, but require it to be available forever. And, this may just be personal perception, but I swear that all mail servers are coded to be suicidal.

      So yes, the effort put out to host one's own mail server is disproportional to the payoff in terms of personal information security. Because it's not building a server. It's committing to hosting an ongoing part of the mail ecosystem.

It's time to boot, do your boot ROMs know where your disk controllers are?

Working...