[kwlug-disc] Re-re-re-re hashing the idea of running your own email server.
Chamunks
chamunks at gmail.com
Thu Dec 15 10:27:36 EST 2016
Any example of a SaaS filter because I thought that SaaS meant something
else.
On Thu, Dec 15, 2016, 10:05 AM Cedric Puddy <cedric at ccj.host> wrote:
> tl;dr: I recommend using a outside SaaS inbound/outbound email filter to
> keep the jerks from causing you hassle -- I think that cuts out 90% of the
> hassle of running your own server.
>
> ------------
> Setting up a straight-forward SMTP/POP/IMAP mail server is pretty
> straightforward, most have decent implementation how-tos written; though I
> might be remembering my own learning process through rose-tinted glasses --
> perhaps it was harder to learn to than I remember.
>
> I used to use Sendmail extensively, and now I use EXIM (under cPanel,
> which, granted, automates several of the key points of setting up a mail
> server, but costs enough that it's not practical for revenue-free
> projects), but the tuning, understanding delivery rules, being able to
> understand the and correct the behaviour of the system remains.
>
> We've got tonnes of accounts in there, multiple servers, etc... but the
> biggest simplifying factor that keeps the wily internet jerks at bay is
> choosing to use an outsourced SaaS email filter on both inbound and
> outbound email; if your goal is guaranteed privacy*, or absolute minimal
> cost, then this might not be an option; for people running like me trying
> to run a service, and don't want to be fighting with RBL blacklist
> operators, wondering what to do when someone tries to DDOS your SMTP port,
> etc, then it's very viable indeed, especially if you have a small number of
> users.
>
> The key point is that when outbound mail goes out, it goes out via the
> filtering providers outbound relay nodes (and if they want to keep getting
> paid, they've got to make sure those nodes stay off blacklists, etc), and
> when mail comes in, the only thing they can talk to is the relay provider
> (who has security and network people to deal with all the inbound crazy,
> DDOS crap, etc).
>
> Something to consider anyway; I expect to be always running mail servers
> for myself and clients, and I have no plans to ever do so without a managed
> filter in front of those machines.
>
> -Cedric
>
> *(if you believe that email can be secured, without encrypting content,
> and even then that the meta-data is nothing to worry about, and the fact
> the servers you communicate with can be huge info leaks you can control or
> monitor ... all I'm saying is that the SaaS filter has to be considered in
> context. If you already encrypt 100% of your email body text, use smtp
> mixers via Tor from a VPN exit node in Sweden, and etc, etc to accomplish
> perfect info-sec, then yeah, you probably don't want or need a SaaS filter)
>
> On 15 December 2016 at 00:06, Chamunks <chamunks at gmail.com> wrote:
>
> I figured since I accidentally threadjacked that last conversation about
> NextCloud that I would start a new one.
>
> B.S. <bs27975.2 at gmail.com>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *Running one's own e-mail server is always a popular topic.Any amount of
> poking into the idea quickly reveals an unexpected amountof complexity and
> gotchas, which can be daunting - perhaps not so muche-mail / the server
> itself, but the necessary ecosystem that surroundsit in today's world. Let
> alone if you expand the topic to'communications' (instant messaging,
> 'skype', IRC, and the like). Iexpect many skitter away from the idea rather
> quickly.Yet many do it, presumably happily and successfully.[Mind you, I
> thought the same thing about voip / voip.ms <http://voip.ms/>,
> buteventually, especially after posts from John, Oksana, and Raul,
> haven'tlooked back since.]Any favourite 'how to' links out there?(Such seem
> to be a moving target, it can be hard to discern what's'current'.)*
>
> https://mailinabox.email/ if you trust the concept of curl'ing directly
> to bash. I've been tempted to try and get all of the dependencies pulled
> into one gigantic docker image and see if I can't get it running there.
> Just seems kinda crazy complex it includes everything like even a damn DNS
> provider so that it can just update its own DNS records which will open you
> up to DDOS problems.
>
> There are a few dockerized megalithic containers now that exist that can
> theoretically ship all of the stuff you need too but I think that
> MailInABox recommended via https://privacytools.io sounds like just about
> the most promising.
>
> I personally would prefer using something more like Rain Loop
> <https://www.rainloop.net/> which might actually help me encourage myself
> to use PGP. I don't trust options that offer to host my PGP keys on
> someone else's proprietary service but I also need to have sync. Also, my
> biggest problem is Protonmail may boast a great concept but I don't need
> yet another damn app on my phone that's going to burn my battery. It also
> needs to be something that I'll actually check too so I realize modern
> convenience has made this somewhat of a tall order but I don't want my
> stuff in the cloud anymore.
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
>
>
> --
>
> | CCj/ClearLine - Hosting and TCP/IP Network Services since 1997
>
> | 118 Louisa Street, Kitchener, Ontario, N2H 5M3, 519-489-0478x102
>
> \________________________________________________________
>
> Cedric Puddy, IS Director cedric at ccj.host
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20161215/43080677/attachment.htm>
More information about the kwlug-disc
mailing list