All this new excitement with Lemmy and federation has got me thinking that maybe I should learn to run my own instance. What always comes up though is how email is the original federated technology.

I am looking at Proxmox and see that it has a built-in email server, so now I am wondering if it is time to roll my own.

I stopped using Gmail a long time ago, and right now I use ProtonMail, but I am super frustrated with the dumb limitation of only having a single account for the app. I get why they do it, and I am willing to pay, but it is pricey and I don’t know if that is my best option. I guess it is worth it since ProtonVPN is included. It looks like they are expanding their suite.

Is it worth it? Can I make it secure? Is it stupid to run it off a local computer on my home network?

  • Album@lemmy.ca
    2 years ago

    Your own email server requires near 100% uptime or you risk not receiving critical emails. If a remote email server is trying to contact your email server and it can’t, it’s only going to retry a few times and then give up. Hosting this yourself sounds great until you realize high uptime is not cheap and requires constant attention.

    Setting it up securely can be difficult depending on your understanding of server infrastructure as well as protocols like DNS. You need to set up SPF, DKIM, DMARC, etc. in order to prevent someone from faking an email from your server.

    Of course, federated email does not use SPF/DKIM/DMARC because the whole point is that someone from another server could use your server to send an email (hence the federation). Open email servers were common 20 years ago but very rare today. That makes setup easier, but the main caveat is that most known non-federated email servers will reject email from servers that don’t have SPF/DKIM/DMARC because they generally end up being havens for bots and spam since there is no verification or authenticity of the sender.

    As someone who self-hosts a lot of things, I would never self-host my email. If I did, I would be paying for two boxes in different parts of the world on different ISPs to provide that uptime. I would definitely set it up securely and not as a federated server, otherwise it would be practically unusable for day-to-day emails.

    • Saik0@lemmy.saik0.com
      2 years ago

      > Your own email server requires near 100% uptime or you risk not receiving critical emails.

      I disagree. You can take some amount of downtime without issue.

      https://wpmailsmtp.com/docs/how-to-automatically-resend-a-failed-email/ as an example for some services.

      Many services (including Postfix by default) will attempt a number of resend operations before they give up.

      > Of course, federated email does not use SPF/DKIM/DMARC because the whole point is that someone from another server could use your server to send an email (hence the federation).

      What? All email is federated. What are you talking about here? SPF/DKIM/DMARC are on top of email… and have nothing to do with the federated property of email. Federation does not mean that you log in or use another server. But that you have your instance, and the servers hash out the cross communication amongst themselves. That’s EXACTLY what email servers do using SMTP.

      > I would definitely set it up securely and not as a federated server otherwise it would be practically unusable for day to day emails.

      If your email wasn’t federated then you would get emails from anyone outside of your own instance. That would make email useless for 99% of the world.

      • Album@lemmy.ca
        2 years ago

        I take “federated email” to refer to a juxtaposition with normal email implementation which harkens back to how it was in the 90s or early 00s where you didn’t need to be registered on many SMTP servers in order to use it and it’s stripped of server-side validation. There’s some discussion on this topic in the fediverse.

        You’re right that the default current implementation is already federated.
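
The SPF, DKIM and DMARC setup mentioned in the first reply can be sanity-checked before a self-hosted server goes live. The following is an added example, not part of the thread: an offline audit of the three TXT records, with a weak zone beside a hardened one. The domain `example.org`, the selector `mail2024`, the key placeholder and all function names are constructed assumptions.

```python
# Added example: offline audit of SPF, DKIM and DMARC TXT records.
# All zone data below is constructed; nothing is fetched from DNS.

def parse_tags(txt):
    """Parse the 'k=v; k=v' tag lists used by DKIM and DMARC records."""
    pairs = (part.split("=", 1) for part in txt.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit_spf(txts):
    spf = [t for t in txts if t.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["SPF: no v=spf1 record, receivers cannot check sending hosts"]
    if len(spf) > 1:
        return ["SPF: multiple v=spf1 records, evaluation ends in permerror"]
    alls = [t for t in spf[0].lower().split()[1:] if t.lstrip("+-~?") == "all"]
    if not alls:  # redirect= is not followed in this sketch
        return ["SPF: no 'all' mechanism, unlisted senders are not failed"]
    qualifier = alls[0][0] if alls[0][0] in "+-~?" else "+"  # bare 'all' is '+all'
    if qualifier in "+?":
        return [f"SPF: '{qualifier}all' does not restrict who may send"]
    return []

def audit_dkim(txts):
    keys = [r for r in map(parse_tags, txts) if "p" in r]
    if not keys:
        return ["DKIM: no key record at <selector>._domainkey.<domain>"]
    return [] if keys[0]["p"] else ["DKIM: empty p= tag, this key is revoked"]

def audit_dmarc(txts):
    recs = [t for t in txts if t.strip().lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["DMARC: expected exactly one v=DMARC1 record at _dmarc.<domain>"]
    if parse_tags(recs[0]).get("p", "").lower() not in ("quarantine", "reject"):
        return ["DMARC: policy is 'none' or missing, failures are only reported"]
    return []

def audit(zone, domain, selector):
    """zone maps DNS names to lists of TXT strings, as a resolver returns them."""
    return (audit_spf(zone.get(domain, []))
            + audit_dkim(zone.get(f"{selector}._domainkey.{domain}", []))
            + audit_dmarc(zone.get(f"_dmarc.{domain}", [])))

WEAK = {  # constructed: neutral SPF, no DKIM key, monitoring-only DMARC
    "example.org": ["v=spf1 mx ?all"],
    "_dmarc.example.org": ["v=DMARC1; p=none; rua=mailto:dmarc@example.org"],
}
HARDENED = {  # constructed: hard-fail SPF, published DKIM key, DMARC reject
    "example.org": ["v=spf1 mx -all"],
    "mail2024._domainkey.example.org": ["v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_KEY"],
    "_dmarc.example.org": ["v=DMARC1; p=reject; rua=mailto:dmarc@example.org"],
}
```

Calling `audit(WEAK, "example.org", "mail2024")` returns one finding per mechanism, while the hardened zone returns an empty list.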