You may look at a problem and think "Aha!
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide
These are good threat model points to consider.I’ve had quite good experiences with nixOS simple mailserver and landing in people’s inboxes with 10/10 delivery on test websites. However, nothing really prevents Gmail (or others) from suddenly deciding to fuck over someone in particular by their choice (or gag order I guess)
Patching is always going to be an uphill battle for any non-managed service but can be made manageable. Setting and forgetting your infrastructure is just… not an option.
Subpoenas, I don’t even begin to know where to begin with that. It also depends on your location and country. If there exists guides for that, with actual legal opinions, then I have not seen it but would love to read it.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide The solution to all your new problems is the Jason Mendoza maneuver. Then you'll only have one big problem.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide I just receive my own email and use my isp to send it. as nature intended.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide I haven't had a call from police detectives since I stopped running a mixmaster remailer (not on the same system I run my private email on, I'm not crazy)... and TBH, Austrian police is pretty civilized. Now to get google to stop marking everything as spam, I'm still looking for a solution to that...
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide And modern email ecosystem is ridiculously complicated. With DKIM, SPF, DNSSEC and whatever else you need to get everything running reliably it requires serious commitment. Mess it up just a little and you’ll be left wondering why everybody has to turn over their trash bin in order to find your emails. What, DMARC is supposed to help? Yeah, now you’ll receive tons of notifications regularly leaving you wondering whether you’ve misconfigured something, the receiving server messed up or it’s about actual spam. And the existing software is woefully unprepared to handle anything beyond the basic SMTP protocol – or does your email server software of choice support SRS without requiring you to sacrifice your firstborn child?
I have my reasons to run my own email server but I wouldn’t recommend that to anybody these days. And even I gave up on sending emails from my server directly, delegating this task to my hosting provider instead – it just isn’t feasible.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide Which is as it should be.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide it takes some effort, which everything to stay safe requires.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide I don't get this. I've had multiple sysadmins look at me in abject forror when I tell them about the mailserver I've run at home for several years, and yet the only time I've ever had an issue, the receiving host responded with what I was doing wrong -which was a misconfigured dmarc. My emails do not go to spam. Gmail, Hotmail, all the others are happy to receive my electronic scratchings. I have rDNS properly configured. In fact, my own hosted email has been vastly more reliable than the email provided for me by several reputable domain providers.
There's so much fud about hosting email out there, it's really not that hard to do.
-
@evacide I don't get this. I've had multiple sysadmins look at me in abject forror when I tell them about the mailserver I've run at home for several years, and yet the only time I've ever had an issue, the receiving host responded with what I was doing wrong -which was a misconfigured dmarc. My emails do not go to spam. Gmail, Hotmail, all the others are happy to receive my electronic scratchings. I have rDNS properly configured. In fact, my own hosted email has been vastly more reliable than the email provided for me by several reputable domain providers.
There's so much fud about hosting email out there, it's really not that hard to do.
@northernscrub How many activist organizations that can expect to be targeted by court orders are you hosting on your mail server?
-
@northernscrub How many activist organizations that can expect to be targeted by court orders are you hosting on your mail server?
@evacide none, but I *am* hosting part of a community that has refused to enact the new OSA requirements, which runs both a revolt/stoat instance, and a bridge between that instance and our discord, two IRC rooms, and matrix room on a connected domain, for which the primary domain manages email. Perhaps small potatoes, but given my governments authoritarian stance on anything internet...
-
@evacide none, but I *am* hosting part of a community that has refused to enact the new OSA requirements, which runs both a revolt/stoat instance, and a bridge between that instance and our discord, two IRC rooms, and matrix room on a connected domain, for which the primary domain manages email. Perhaps small potatoes, but given my governments authoritarian stance on anything internet...
@northernscrub So none, then? Ok.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide@hachyderm.ion the answer is never run your own mail server. God that’s a pain in the ass.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide I've been running my own server for years. (I used to operate the mail for a tier-3 ISP.)
I can't recommend the practice lightly.
The main reason I can't recommend it has nothing to do with security - that's much easier to do these days than it's ever been.
It's exactly as you say: Gmail and the other secret email police don't want you to run your own stuff. Nevermind that the majority of my spam is coming in from G and O365 validated domains these days.
-
@evacide I don't get this. I've had multiple sysadmins look at me in abject forror when I tell them about the mailserver I've run at home for several years, and yet the only time I've ever had an issue, the receiving host responded with what I was doing wrong -which was a misconfigured dmarc. My emails do not go to spam. Gmail, Hotmail, all the others are happy to receive my electronic scratchings. I have rDNS properly configured. In fact, my own hosted email has been vastly more reliable than the email provided for me by several reputable domain providers.
There's so much fud about hosting email out there, it's really not that hard to do.
@northernscrub I hope you have some wood around to knock on. If your emails really get delivered reliably then this is just incredible luck, particularly for a server on a residential IP address. Having rDNS configured was sufficient a decade ago, maybe two. Now you need SPF, DKIM, and even then your emails may be dropped silently. I’ve got into the habit of emailing my own Gmail account with important mails first, just to see whether these would go to spam – they normally would, so I’d pull them out, and it increased the chances of the actual recipient seeing the email. Microsoft would just randomly blacklist my server with no way to appeal. And in case you are wondering: no, my server wasn’t sending any spam and in fact no bulk mail at all. Eventually I just had to give up: there is no way a low volume mail server can function today, so I started using my hosting provider’s email server as sending relay. Getting the server off blacklists is now their concern.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide Gmail will do whatever it wants under the pretense of helping the user, while Gmail originating spam will happily reach my inbox
-
@evacide@hachyderm.io
Problem: Google is marking all my e-mail as spam
Solution: I don't want to talk to people using gmail. -
Also, this isn’t supposed to be my full time job.
Also, also I have a hard enough time just getting through my inbox.
@CptSuperlative @evacide getting through your inbox isn't a problem anymore when Big Email
stop delivering to your server. -
@CptSuperlative @evacide getting through your inbox isn't a problem anymore when Big Email
stop delivering to your server.Is this the One Simple Trick to productivity I keep hearing about?!
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide
It's not that hard, but then I've been running my own mail server for over 20 years. You just have to keep on top of the latest demands such as DMARC and DNSSEC. -
@evacide I've been running my own server for years. (I used to operate the mail for a tier-3 ISP.)
I can't recommend the practice lightly.
The main reason I can't recommend it has nothing to do with security - that's much easier to do these days than it's ever been.
It's exactly as you say: Gmail and the other secret email police don't want you to run your own stuff. Nevermind that the majority of my spam is coming in from G and O365 validated domains these days.
@jhaas I tend to enter any sort of self-hosting carefully since I know how the sausage is made and don't like the idea of having to do urgent tech support for my own critical services for free after having to do it all day long. years ago a friend offered to host a VM for me to run my own mail server as he does for a number of other friends. I declined because, "then I'd have an idiot running my mail server"
