CODEX
Tech Choices for Self-Hosting E-Mail
Taking Steps Towards Enhancing My Personal Life’s Privacy

According to TechJury, as of 2020, GMail owns 43% of the e-mail services market share, which equates to over 1.8 billion users. There’s a good reason for this, as Google runs what’s arguably the best e-mail service out there, with a long and distinguished list of integrated features that make all of our lives easier.
Part of the reason why I still recommend GMail to my friends, and GSuite (or Google Workspace… they keep changing names) to all of my clients, is that there’s pretty much no way for anyone not dedicated to running e-mail services to even come close to Google, given the inherited user familiarity, manageability, and deliverability of GMail. In fact, even someone like myself, who started their career as an “E-Mail Administrator”, has grown to become a long-time customer of GSuite because it really allows technical folks to focus on more important things than troubleshooting and maintaining an e-mail server, which can be a tedious undertaking.
However, recently, I have been thinking about how I might de-google a portion of my personal life by hosting my own e-mail and file sharing services once again in exchange for more flexibility and privacy; something I haven’t really done since Google Apps (GSuite/Workspace’s former name) came to life in the mid to late 2000s. Of course, right off the bat, I was hoping there were easier solutions nowadays, just as coding has become much simpler over the years with the growing number of open-source libraries and such. Unfortunately, while there are options out there, none of them seem to come close to meeting my needs. Here are some of the better options I have looked at, which fall short from my perspective when it comes to the choice of technologies:
- iRedMail — Docker all-in-one is not production ready and SOGo is too heavy for me while falling short compared to NextCloud in many non-e-mail aspects.
- MailCow — Multiple containers for just mail and uses SOGo as well :(
- Mail-In-A-Box — No official Docker image and RoundCube… yuk… Plus Mail-In-A-Box needs to manage your DNS… I get why but I want to manage my own DNS for more reasons than I can cover here.
As you can tell from the above, while each of them has its own perks and comes with a simple web interface to administer your e-mail service, they all fell short when it came to the choice of components for me, and none of them were really “easy” enough to set up to offset the sub-par choices. Plus, I don’t mind doing everything from the terminal, so whether or not there’s a web interface to manage my mail service is almost irrelevant.
As such, I decided to use some of my knowledge from all the years of working with e-mail servers and set out to build a solution of my own as a fun side-project. During this process, I evaluated and built each component into 4 logically separated docker containers:

And derived the following lists of technology choices that make up my custom solution.
Docker Host:
- Let’s Encrypt — SSL certificates used by all containers for HTTPS, IMAPS, and SMTPS
Reverse Proxy:
- jwilder/nginx-proxy — Stock Docker image automating the reverse proxying of web, webmail, and NextCloud
Web container:
- Nginx — Serving mta-sts
Mail/WebMail container:
- Postfix — SMTP and SMTPS
- Postgrey — Grey listing
- OpenLDAP — Authentication
- SASL — Authentication
- Amavis — Anti-Virus
- ClamAV — Secondary Anti-Virus
- SpamAssassin — Spam Filter
- OpenDKIM — DKIM signing
- Dovecot — IMAPS
- Rainloop — WebMail
- Nginx — to serve Rainloop
- postfix-policyd-spf-python — SPF
- postfix-mta-sts-resolver — MTA-STS
- DNS Configs — SPF, DKIM, DMARC, MTA-STS
- Test mail server with checktls.com:

NextCloud Container:
- OpenLDAP Auth (Client)
- Calendar
- WebMail — So that calendar can be integrated with e-mail
- Contacts
- File Storage
- Video Conferencing
- Web-Based Office
*Note: The NextCloud container is actually 2 containers: one for web and one for DB.
That’s it! Based on the above setup, I have been happily self-hosting my own personal e-mail service covering all the features that I use with Google. The only thing that might be missing is ActiveSync for those who actually want to use Outlook-related products, but I don’t, and I am perfectly happy with Geary and the super lean and fast Rainloop for web mail. Perhaps the only not immediately fixable downside with what I have so far is that, as of now, recipients of my e-mails may have to mark my first e-mail as “not spam” or add my e-mail address to their contact list before my e-mails start to land directly in their inboxes instead of their spam folders, but I guess this is a small price I am willing to pay to have full control over my data. Who knows… as my sender reputation increases, and maybe with some further tweaking of what I have, this may no longer be an issue either.
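The "DNS Configs" item in the mail container list (SPF, DKIM, DMARC, MTA-STS) and the mta-sts policy served by the web container have to agree with each other and with the domain's MX hosts. The following is an added example, not code from this setup, that lints the four TXT records and the policy file offline; the domain `example.org`, the DKIM selector `mail`, all record values, and the function names are assumptions made for illustration.

```python
def tags(record):
    """Parse the 'k=v; k=v' syntax shared by DKIM, DMARC and _mta-sts TXT records."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def parse_policy(text):
    """Parse the 'key: value' file served at /.well-known/mta-sts.txt (mx repeats)."""
    policy = {}
    for key, sep, value in (line.partition(":") for line in text.splitlines()):
        if sep:
            policy.setdefault(key.strip(), []).append(value.strip())
    return policy

def mx_matches(host, pattern):
    """RFC 8461: a '*.' pattern covers exactly one leftmost label."""
    host, pattern = host.lower().rstrip("."), pattern.lower()
    wild = pattern.startswith("*.")
    return host.partition(".")[2] == pattern[2:] if wild else host == pattern

def lint(domain, selector, txt, policy_text, mx_hosts):
    """Return findings; an empty list means the records agree with each other."""
    out = []
    spf = txt.get(domain, "").split()  # simplification: ignores redirect= records
    if spf[:1] != ["v=spf1"] or spf[-1] not in ("-all", "~all"):
        out.append("SPF: missing, or does not end in -all/~all")
    if not tags(txt.get(f"{selector}._domainkey.{domain}", "")).get("p"):
        out.append("DKIM: no record, or empty (revoked) public key")
    dmarc = tags(txt.get(f"_dmarc.{domain}", ""))
    if dmarc.get("v") != "DMARC1" or dmarc.get("p") not in ("quarantine", "reject"):
        out.append("DMARC: missing, or policy is monitor-only (p=none)")
    sts, policy = tags(txt.get(f"_mta-sts.{domain}", "")), parse_policy(policy_text)
    if sts.get("v") != "STSv1" or not sts.get("id"):
        out.append("MTA-STS: TXT record needs v=STSv1 and an id")
    if policy.get("version") != ["STSv1"] or policy.get("mode") != ["enforce"]:
        out.append("MTA-STS: policy file is not STSv1 in enforce mode")
    out += [f"MTA-STS: MX {h} not covered by policy" for h in mx_hosts
            if not any(mx_matches(h, p) for p in policy.get("mx", []))]
    return out

# Constructed sample (not the author's records): DMARC is p=none, one MX is unlisted.
TXT = {
    "example.org": "v=spf1 mx -all",
    "mail._domainkey.example.org": "v=DKIM1; k=rsa; p=CONSTRUCTEDPLACEHOLDERKEY",
    "_dmarc.example.org": "v=DMARC1; p=none; rua=mailto:postmaster@example.org",
    "_mta-sts.example.org": "v=STSv1; id=20210101T000000",
}
POLICY = "version: STSv1\nmode: enforce\nmx: mail.example.org\nmax_age: 604800\n"
MX = ["mail.example.org", "backup.example.org"]
print("\n".join(lint("example.org", "mail", TXT, POLICY, MX)))
```

In `enforce` mode an MX host missing from the policy matters because MTA-STS-aware senders will not deliver to it, so the MX check is the one to run whenever the MX set or the policy file changes.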

