Home email server
Hi everyone,
This whole Clinton email server has got me thinking. I currently use an email service that is part of the U.S. PRISM surveillance program. I'd like to change this but I don't trust my mail to other services. How difficult and expensive would it be to set up a home email server, register a domain on a free/open source DNS, and run it myself. Additionally (and why I post about it here) would Trisquel be useful in making this happen? I don't have a formal education in computer science but I'm moderately knowledgeable.
Thanks.
I haven't done this myself, but based on the little that I've read about this topic, the main components are an MTA, to implement SMTP, and an MDA, for getting your mail locally (through IMAP or POP3). Also DKIM and spam filtering, and perhaps virus filtering and webmail.
There's a good guide here: http://arstechnica.com/information-technology/2014/02/how-to-run-your-own-e-mail-server-with-your-own-domain-part-1/
Here are some interesting blog posts related to running your own mail server
* B. Kuhn on spam http://www.ebb.org/bkuhn/blog/2015/09/15/email.html
* B. Mako Hill on the recipient's role https://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours
I think everybody should run their own, we don't need the current gatekeepers.
I am a member!
I agree. A simple automated device would help with this. I'd like to see something like this combined with GPG built-in and a simplified user interface. Unfortunately SPAM filtering has made bringing mail in-house difficult. I think it is still doable, but doing it will be complicated.
I am a member!
Mailinabox (https://mailinabox.email) is very good and has made this easy to set up. The author insists it's designed to be run from a VPS, but I run it in a VM on my home server and it works marvellously. All you need is a static IP. The ability to set reverse-DNS at your ISP also helps.
SPAM isn't an issue for me - spamassassin works really well.
I would try https://yunohost.org (if I had time to administrate it...). Without ever enabling the "contrib" and "non-free" sections of the package repository, of course. This all-in-one solution looks very attractive. But, sure, a mail server can run on Trisquel. You can choose the "Postfix mail server" from 'sudo tasksel'... and then enter the most difficult parts: spam filtering, not being blacklisted by the popular email providers, etc.
I am a translator!
Easiest way I know of is ->
https://mailinabox.email/
I have a personal mail server, but I find that other's anti-spam systems make my email server almost unusable sometimes. In fact, one the only email service I could reliably communicate with is GMail. Others block my emails for reasons I could hardly fix. Most notably:
- They block me because of anti-spam services (namely Spamhaus) which labels whole IP ranges as spammers, because someone on that IP range did spam at some point. I can't just change my IP network, so I can't fix this problem.
- They block me because the reverse IP address doesn't correlated with my email's domain. I can't change that, only my ISP can, but it wouldn't bother doing it for a home Internet user.
Both are awful reasons to be completely blocked by someone, keeping in mind that I'm using DKIM, SPF and DMARC. This especially awful when I'm replying to someone, so they know I'm not a spammer, yet they still block me for no good reason.
If you have your own mail server, please don't go crazy on the spam filtering and think before blocking in mass.
" I can't change that, only my ISP can, but it wouldn't bother doing it for a home Internet user."
I guess my ISP is nice then: They did a reverse DNS sub-delegation so I control forward and backward DNS resolution. All from a small "mom and pop" ISP that allows servers in their TOS and assigns a group of static IPs (a /29) at no extra charge.
"They did a reverse DNS sub-delegation so I control forward and backward DNS resolution."
Sentences like this are the reason most people don't host their own email and probably never will ;) What I think is more realistic, at least in the short term, is setting up more not-for-profit community email hosts like RiseUp, and social enterprises like OpenMailBox, so that even non-geeks can have a choice of email services that are not pre-pwned by The Stacks (Hotmail, GMail, Yahoo etc).
Increasing the number of people who are competent at running mail servers for such organisations (and others kind of federated servers eg GNU Social/ Hubzilla) needs to be a priority for the software freedom movement. Especially sharing knowledge about how to harden such servers against interference, whether by states, corporations, spammers, or others.
I have to agree with you: I stopped watching the mailinabox tutorial when the guy said "this will take about an hour or two".
When you think that the people you communicate with must do as much for the whole thing to make sense, you can be that only a few would try it.
Even gpg is intimidating.
In the long run, maybe dark mail might be worth it.
Im using the ovpn.se VPN service which allow for static ip and reverse DNS self-administration. Personally using it for my from-home-self-hosted email server to avoid being spam-sorted.
Supertramp / lloydsmart: thank you both so much for pointing out Mailinabox. I migrated my personal domain to it a month ago. My Mailinabox server scores 10/10 at mail-tester.com and received an "A+" security evaluation from a scan by Qualys SSL Labs. I couldn't be happier with it.
I am a translator!
very good, knacky ^^
I was in your situation before - also surveillance concerned and learned computer stuff mostly due to interest instead of education. Im now self-hosting email successfully from home - not from a vps like mailinabox - without being spam-sorted by gmail and hotmail etc. If you (or someone else reading this) wants to migrate to home-hosting, then my own findings on home email server suites and some guides for self-hosting are here:
1. https://useritsecurity.wordpress.com/self-hosting-guides-2/how-to-easily-host-your-own-email-server/
2. under Webaddress / Domain and below: https://useritsecurity.wordpress.com/self-hosting-guides-2/self-hosting-general-guides/
I hope it's useful to someone.