<div dir="ltr"><div dir="ltr" class="gmail_msg">Back to the roll-your-own-email-server idea..  Linux.com is currently running a multipart series on building an email server, written by Carla Shroder, at <a href="https://www.linux.com/learn/how-build-email-server-ubuntu-linux" class="gmail_msg" target="_blank">https://www.linux.com/learn/how-build-email-server-ubuntu-linux</a><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg"><br class="gmail_msg"></div></div><br class="gmail_msg"><div class="gmail_quote gmail_msg"><div dir="ltr" class="gmail_msg">On Thu, 15 Dec 2016 at 10:30 Chamunks <<a href="mailto:chamunks@gmail.com" class="gmail_msg" target="_blank">chamunks@gmail.com</a>> wrote:<br class="gmail_msg"></div><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr" class="gmail_msg">Any example of a SaaS filter because I thought that SaaS meant something else.</p>
<br class="gmail_msg"><div class="gmail_quote gmail_msg"><div dir="ltr" class="gmail_msg">On Thu, Dec 15, 2016, 10:05 AM Cedric Puddy <cedric@ccj.host> wrote:<br class="gmail_msg"></div><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg"><div class="gmail_msg">tl;dr: I recommend using a outside SaaS inbound/outbound email filter to keep the jerks from causing you hassle -- I think that cuts out 90% of the hassle of running your own server.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">------------</div>Setting up a straight-forward SMTP/POP/IMAP mail server is pretty straightforward, most have decent implementation how-tos written; though I might be remembering my own learning process through rose-tinted glasses -- perhaps it was harder to learn to than I remember.<div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">I used to use Sendmail extensively, and now I use EXIM (under cPanel, which, granted, automates several of the key points of setting up a mail server, but costs enough that it's not practical for revenue-free projects), but the tuning, understanding delivery rules, being able to understand the and correct the behaviour of the system remains. </div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">We've got tonnes of accounts in there, multiple servers, etc... but the biggest simplifying factor that keeps the wily internet jerks at bay is choosing to use an outsourced SaaS email filter on both inbound and outbound email; if your goal is guaranteed privacy*, or absolute minimal cost, then this might not be an option; for people running like me trying to run a service, and don't want to be fighting with RBL blacklist operators, wondering what to do when someone tries to DDOS your SMTP port, etc, then it's very viable indeed, especially if you have a small number of users.  </div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">The key point is that when outbound mail goes out, it goes out via the filtering providers outbound relay nodes (and if they want to keep getting paid, they've got to make sure those nodes stay off blacklists, etc), and when mail comes in, the only thing they can talk to is the relay provider (who has security and network people to deal with all the inbound crazy, DDOS crap, etc).</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">Something to consider anyway; I expect to be always running mail servers for myself and clients, and I have no plans to ever do so without a managed filter in front of those machines.</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">-Cedric</div><div class="gmail_msg"><br class="gmail_msg"></div><div class="gmail_msg">*(if you believe that email can be secured, without encrypting content, and even then that the meta-data is nothing to worry about, and the fact the servers you communicate with can be huge info leaks you can control or monitor ... all I'm saying is that the SaaS filter has to be considered in context.  If you already encrypt 100% of your email body text, use smtp mixers via Tor from a VPN exit node in Sweden, and etc, etc to accomplish perfect info-sec, then yeah, you probably don't want or need a SaaS filter)<br class="gmail_msg"></div></div><div class="gmail_extra gmail_msg"><br class="gmail_msg"><div class="gmail_quote gmail_msg"></div></div><div class="gmail_extra gmail_msg"><div class="gmail_quote gmail_msg">On 15 December 2016 at 00:06, Chamunks <span dir="ltr" class="gmail_msg"><<a href="mailto:chamunks@gmail.com" class="gmail_msg" target="_blank">chamunks@gmail.com</a>></span> wrote:<br class="gmail_msg"></div></div><div class="gmail_extra gmail_msg"><div class="gmail_quote gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="gmail_msg">I figured since I accidentally threadjacked that last conversation about NextCloud that I would start a new one.<br class="gmail_msg"><br class="gmail_msg"><font face="monospace" class="gmail_msg"><span class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031inbox-inbox-fX gmail_msg" style="display:inline-block;font-weight:bold;color:rgb(33,33,33);font-size:13px;white-space:nowrap">B.S.</span><span style="color:rgb(117,117,117);font-size:13px;white-space:nowrap" class="gmail_msg"><span class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031inbox-inbox-Apple-converted-space gmail_msg"> </span><<a href="mailto:bs27975.2@gmail.com" class="gmail_msg" target="_blank">bs27975.2@gmail.com</a>></span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031inbox-inbox-Apple-interchange-newline gmail_msg"><i class="gmail_msg"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">Running one's own e-mail server is always a popular topic.</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">Any amount of poking into the idea quickly reveals an unexpected amount</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">of complexity and gotchas, which can be daunting - perhaps not so much</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">e-mail / the server itself, but the necessary ecosystem that surrounds</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">it in today's world. Let alone if you expand the topic to</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">'communications' (instant messaging, 'skype', IRC, and the like). I</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">expect many skitter away from the idea rather quickly.</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">Yet many do it, presumably happily and successfully.</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">[Mind you, I thought the same thing about voip /<span class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031inbox-inbox-Apple-converted-space gmail_msg"> </span></span><a href="http://voip.ms/" rel="noreferrer" class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="font-size:13px" target="_blank">voip.ms</a><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">, but</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">eventually, especially after posts from John, Oksana, and Raul, haven't</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">looked back since.]</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">Any favourite 'how to' links out there?</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">(Such seem to be a moving target, it can be hard to discern what's</span><br class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514m_2438836958039303031gmail_msg gmail_msg" style="color:rgb(33,33,33);font-size:13px"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg">'current'.)</span></i></font><br class="gmail_msg"><div class="gmail_msg"><i class="gmail_msg"><span style="color:rgb(33,33,33);font-size:13px" class="gmail_msg"><br class="gmail_msg"></span></i></div><div class="gmail_msg"><font color="#212121" class="gmail_msg"><a href="https://mailinabox.email/" class="gmail_msg" target="_blank">https://mailinabox.email/</a> if you trust the concept of curl'ing directly to bash.  I've been tempted to try and get all of the dependencies pulled into one gigantic docker image and see if I can't get it running there. Just seems kinda crazy complex it includes everything like even a damn DNS provider so that it can just update its own DNS records which will open you up to DDOS problems.  <br class="gmail_msg"></font><br class="gmail_msg">There are a few dockerized megalithic containers now that exist that can theoretically ship all of the stuff you need too but I think that MailInABox recommended via <a href="https://privacytools.io" class="gmail_msg" target="_blank">https://privacytools.io</a> sounds like just about the most promising.  <br class="gmail_msg"><br class="gmail_msg">I personally would prefer using something more like <a href="https://www.rainloop.net/" class="gmail_msg" target="_blank">Rain Loop</a> which might actually help me encourage myself to use PGP.  I don't trust options that offer to host my PGP keys on someone else's proprietary service but I also need to have sync.  Also, my biggest problem is Protonmail may boast a great concept but I don't need yet another damn app on my phone that's going to burn my battery.  It also needs to be something that I'll actually check too so I realize modern convenience has made this somewhat of a tall order but I don't want my stuff in the cloud anymore.</div></div>
<br class="gmail_msg"></blockquote></div></div><div class="gmail_extra gmail_msg"><div class="gmail_quote gmail_msg"><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">_______________________________________________<br class="gmail_msg">
kwlug-disc mailing list<br class="gmail_msg">
<a href="mailto:kwlug-disc@kwlug.org" class="gmail_msg" target="_blank">kwlug-disc@kwlug.org</a><br class="gmail_msg">
<a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer" class="gmail_msg" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br class="gmail_msg">
<br class="gmail_msg"></blockquote></div><br class="gmail_msg"><br clear="all" class="gmail_msg"><div class="gmail_msg"><br class="gmail_msg"></div>-- <br class="gmail_msg"><div class="m_-6817437327291794107m_-5329022943896801591m_-66847420227271514gmail_signature gmail_msg" data-smartmail="gmail_signature"><div dir="ltr" class="gmail_msg">







<p class="gmail_msg">|  CCj/ClearLine - Hosting and TCP/IP Network Services since 1997</p>
<p class="gmail_msg">|  118 Louisa Street, Kitchener, Ontario, N2H 5M3, <a href="tel:(519)%20489-0478" value="+15194890478" class="gmail_msg" target="_blank">519-489-0478x102</a></p>
<p class="gmail_msg">\________________________________________________________</p>
<p class="gmail_msg">   Cedric Puddy, IS Director            cedric@ccj.host</p></div></div>
</div>
_______________________________________________<br class="gmail_msg">
kwlug-disc mailing list<br class="gmail_msg">
<a href="mailto:kwlug-disc@kwlug.org" class="gmail_msg" target="_blank">kwlug-disc@kwlug.org</a><br class="gmail_msg">
<a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer" class="gmail_msg" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br class="gmail_msg">
</blockquote></div>
_______________________________________________<br class="gmail_msg">
kwlug-disc mailing list<br class="gmail_msg">
<a href="mailto:kwlug-disc@kwlug.org" class="gmail_msg" target="_blank">kwlug-disc@kwlug.org</a><br class="gmail_msg">
<a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer" class="gmail_msg" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br class="gmail_msg">
</blockquote></div></div>