
Mail-in-a-Box - of
https://mailinabox.email/
======
brongondwana
It's a great idea except that for one person it's going to cost a lot more
than buying an account on FastMail (disclaimer: I work there) or any of the
other hosting sites (even before you start thinking redundancy and
backups - we have about 10Tb of disk for every 1Tb of pure email quota, by the
time you count search indexes and RAID and 3x replication redundancy - two
local one offsite)

For more than one person it can get cheaper, but you're going to be on call to
fix it every time it breaks - because those other people aren't going to like
waiting until you need it. Have fun with that (and I say this after being
paged at 3:30am last night to fix a problem that was only affecting redundancy
for about 1% of our userbase - no user visible problems - most issues are
solved without user visible outages)

~~~
spindritf
Fastmail costs $40/yr. You can get a half-decent VPS for that with a few bucks
to spare on Tarsnap.

~~~
gojomo
Just curious, what's the "half-decent VPS" you're thinking of for ~$3/month?

~~~
hackmiester
I'm not spindritf, but I am thinking of BuyVM:
[http://buyvm.net/](http://buyvm.net/)

~~~
spindritf
You will probably need to go a little lower on the price than BuyVM to squeeze
SpamAssassin in.

------
gingerlime
One thing worth noting if you consider running any mail server yourself - is
checking the IP address / range that your VPS provides you. I've had outbound
email blocked or blacklisted with IPs from DigitalOcean - especially on Yahoo,
whereas Linode or AWS give you better reputation.

It was virtually impossible to get unlisted on Yahoo for IPs that are owned by
the hosting provider, and I'm not sure all providers would make the effort of
doing this on your behalf.

I suspect lower-end VPS providers are even worse in that respect.

~~~
joshdata
Mail-in-a-Box includes a check like this in its setup script, actually. [I'm
the guy behind the project.]

~~~
gingerlime
That's cool. I just had a look, and noticed a couple of rbl checks. Very smart
idea.

However, I have to say, I had occasions where the IP was not listed on any
RBL, but Yahoo was still flagging my IP.

I don't remember the exact error Yahoo were returning, but I think it was
basically blocking all email... Perhaps even from the entire network range,
since it was listed as residential or something of that sort (apologies, but I
really don't remember the exact details, it was quite a while ago)

~~~
joshdata
Yup, didn't mean to imply that I had solved the whole problem. :)
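
The RBL check discussed in this sub-thread is a DNS lookup of the server's reversed IP address under each blocklist zone. A sketch of that lookup, added here as an illustration (not code from Mail-in-a-Box or from any commenter); the zone names, the sample address and the injected resolver are constructed assumptions.

```python
import ipaddress
import socket

DNSBL_ANSWERS = ipaddress.ip_network("127.0.0.0/8")  # listings are signalled in this range

def dnsbl_query_name(ip, zone):
    """Reversed IPv4 octets (or IPv6 nibbles) followed by the blocklist zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")
    else:
        labels = list(addr.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone.strip(".")

def check_ip(ip, zones, resolve=socket.gethostbyname):
    """Map each zone to 'listed (code)', 'not listed' or 'ignored (answer)'."""
    results = {}
    for zone in zones:
        try:
            answer = resolve(dnsbl_query_name(ip, zone))
        except socket.gaierror:
            # NXDOMAIN means "not listed"; gethostbyname cannot tell it apart
            # from a resolver failure, so a clean result is only a weak signal.
            results[zone] = "not listed"
            continue
        if ipaddress.ip_address(answer) in DNSBL_ANSWERS:
            results[zone] = f"listed ({answer})"
        else:
            # A resolver that rewrites NXDOMAIN to its own address would
            # otherwise make every IP look listed.
            results[zone] = f"ignored ({answer})"
    return results

def constructed_resolver(table):
    """Offline stand-in for DNS: names missing from the table raise NXDOMAIN."""
    def resolve(name):
        if name not in table:
            raise socket.gaierror("constructed NXDOMAIN")
        return table[name]
    return resolve

# Constructed sample data: documentation-range IP and placeholder zones.
SAMPLE_IP = "192.0.2.25"
SAMPLE_ZONES = ["listed.example.org", "clean.example.org", "hijacked.example.org"]
SAMPLE_DNS = {
    "25.2.0.192.listed.example.org": "127.0.0.2",
    "25.2.0.192.hijacked.example.org": "203.0.113.7",
}

if __name__ == "__main__":
    print(check_ip(SAMPLE_IP, SAMPLE_ZONES, constructed_resolver(SAMPLE_DNS)))
```

As the replies above point out, an address that is clean on every public list can still be refused by a large provider that applies its own reputation data, so this check only rules out the obvious cases.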

------
oops
See also:
[https://github.com/al3x/sovereign](https://github.com/al3x/sovereign)

~~~
lukeholder
Wow, that looks awesome, thanks for sharing. Especially like that it is an
Ansible playbook!

~~~
lemming
Sovereign is awesome, I run the VPS for my product off a customised version of
it. Highly recommended. I especially like that you can run the unit tests
locally against Vagrant, it's great.

------
mrmondo
Love the idea, I do wish it was based on Debian and not Ubuntu though.
Ubuntu's package testing team leaves a lot to be desired and I've found Debian
in general a lot more stable and secure over the years.

------
sanbor
> Why build this?

> Mass electronic surveillance by governments revealed [...]

Then why are they suggesting to use DigitalOcean? I think they have to respect
the same laws as Google, right?

~~~
ClashTheBunny
Because then you get the warrant or NSL?

~~~
scott_karana
Why would _you_ get the warrant or NSL?

They could still give that to DigitalOcean, and simply see your VM's
filesystem through the host server, see all your traffic, etc...

------
jwr
Finally! As someone who has been running his own email server for many years,
I've been waiting for this to happen, so that I can tell my friends to do the
same thing.

Best of luck to this project. It is very, very needed.

------
techsupporter
If you want to do something similar yet hands-on, I really like Ars Technica's
series: [http://arstechnica.com/information-technology/2014/02/how-to-run-your-own-e-mail-server-with-your-own-domain-part-1/](http://arstechnica.com/information-technology/2014/02/how-to-run-your-own-e-mail-server-with-your-own-domain-part-1/)

Also, for those of you with mobiles that have ActiveSync clients, Francisco
Biete's fork of the Zarafa ActiveSync (Z-Push) implementation is really
stable, it will do calendar and contact syncing with ownCloud, and it supports
remote wipe from your own CLI.
[https://github.com/fmbiete/Z-Push-contrib](https://github.com/fmbiete/Z-Push-contrib)

------
jph
Great project, thank you Josh. I am donating to your project and will also
offer $100 to help fund the creation of an apt-get deb package, if you or
anyone here would like to commit to creating it.

I run mail servers with Postfix and much of the same setup, to enable custom
domains, scriptable responders, message tagging, and the like. Using apt-get
to install Mail-in-a-Box would be wonderful.

~~~
IgorPartola
I will look into creating a .deb package. No $100 necessary for me. My email
address is in my profile, if anyone wants to connect before I can put
together a pull request.

~~~
joshdata
Hey. Please start an issue on github sooner rather than later so you don't do
lots of work and then I end up rejecting the PR. :) Communication! [I'm the
guy behind the project.]

~~~
mattl
I have a use for this at CC if we can get it working on Debian wheezy.

Thanks for releasing this under CC0.

------
metadata
I have a Linode VPS and am happy to fire up another VPS to handle email
exclusively. In fact, I already did and installed Mail in a Box as
mail.mydomain.com. I have to say (being a developer with enough Linux
knowledge to handle hosting and simple stuff) that nameserver setup is
completely confusing. I should stop using Linode nameservers? If so, I should
set up glue records and place that into NameCheap domain specification
instead? And then set up www CNAME to point to original website server? Very
confusing... Why not have a section in the guide titled something along:
"Adding Mail-in-a-Box as additional server to your existing website"? I am not
sure if that defeats security/reliability, as External DNS section message is
kind of scary:

"Although your box is configured to serve its own DNS, it is possible to host
your DNS elsewhere. We do not recommend this.

If you do so, you are responsible for keeping your DNS entries up to date. In
particular DNSSEC entries must be re-signed periodically. Do not set a DS
record at your registrar or publish DNSSEC entries in your DNS zones if you do
not intend to keep them up to date."

~~~
joshdata
Hi, metadata.

It sounds scary to set up glue records, but so is setting up all of the DNS
records manually that you'd need for really good mail: MX, SPF, DKIM, and
DMARC, and if you want secure DNS and/or mandatory encryption on the wire
you'll want DANE records and zone signing.

Mail-in-a-Box wants to take over your DNS because it wants to take care of all
of this for you. If you run your own DNS, it's still secure. An alternative is
to use a new domain name.

Thanks for the feedback.

[I'm the guy behind the project.]

~~~
iurisilvio
I had the same problem. Also, I had some DKIM and SPF already configured to
external SMTP server.

I understand your message, but it is not clear in the Mail-in-a-Box interface.
What exactly is the problem with my own DNS server? If I want to work without
DANE, I can just add all these new records to my DNS and it works out of the
box?

I started to set up a personal email server several times and abandoned it
because it is just too difficult. This time, it was easy. Thanks!

------
illuminated
How does this compare to Kolab.org? For quite some time I want to migrate my
emails to my own server and the first contender on my list was Kolab.

~~~
ausjke
Same here, tried citadel and am interested in kolab

------
techdragon
ownCloud needs to integrate this kind of easy email setup.

I already run an ownCloud server but deliberately avoided moving my email to
it due to the less than ideal state of email on ownCloud

~~~
Brakenshire
The situation we really want to get to is a single streamlined sign up and set
up for email alongside owncloud, with contacts, file storage, calendar,
bookmarks and webmail. That would make it an attractive proposition for quite
a large section of the population.

~~~
sciurus
I really hope owncloud won't try to reinvent the wheel for email; Kolab
already provides those features.

[http://kolab.org/](http://kolab.org/)

------
IgorPartola
What service would the more experienced out there recommend run this on? AWS
seems rather expensive, but Digital Ocean wouldn't provide much storage space.
Also, what about reliability? Any advice on not getting blacklisted for
sharing a subnet with spammers? Or do people generally run setup like this old
school: on a server in their bedroom?

~~~
liamzebedee
I think 20GB is certainly reasonable. I use Thunderbird heavily for three
accounts and my profile barely exceeds 3GB.

~~~
Sami_Lehtinen
Why would users need to store all old mail on server? You can auto archive it
or simply delete about 95% of mail which you won't ever need later again.

------
stinos
_what you need: A completely fresh Ubuntu 14.04 machine_

Bummer. I already have a server running and don't plan on paying for an extra
instance just for mail. Has anyone tried this with VirtualBox or some other
virtualization? Should work if the correct ports are forwarded, no?

~~~
joshdata
There's a Vagrantfile in the project. I haven't used it in production this
way, but it should work. [I'm the guy behind the project.]

~~~
stinos
Ah, will try.

------
shocks
What about a backup SMTP server?

I ran my own mail server for a year and found it incredibly stressful.
Switched to runbox.com and I couldn't be much happier atm.

~~~
linuxlizard
Thanks for the runbox.com mention. That looks like just what I need for my
server.

~~~
shocks
No complaints from me! :)

------
pdonis
One thing I particularly like about this: managesieve support. I am only aware
of one major email service that uses sieve as its filter language to begin
with (FastMail), and none that provides a managesieve interface to the filter
rules. Since these are supposed to be the Internet standards for email
filtering, it seems very surprising that practically nobody actually uses
them.

------
treenyc
How does it compare to iRedMail?

[http://www.iredmail.org](http://www.iredmail.org)

Does it support multiple domains?

~~~
69_years_and
To add to the fray: [https://yunohost.org/](https://yunohost.org/) is an
option too for easy install and setup of a mail server - there was a recent HN
item on them a while back. Been using it for a month or two and it's worked
great so far. Needs Debian. Supports multiple domains.

~~~
hrjet
I had good experience with Citadel for an internal mail solution. It's a
little old fashioned, but good enough for our needs. The setup was especially
easy with the default ubuntu packages.

~~~
ausjke
I'm also testing citadel for a small team, the issue is that I can't get
thunderbird/lightning to sync the calendar with citadel, email works fine,
will be checking kolab soon

~~~
hrjet
Just FYI, we are not using the calendaring system from Citadel; so can't give
any report for that.

------
foxhop
This is sort of related. A couple weeks back I wrote some Salt States to
install mailpile. My long term plan was to use mailpile as a web client.

[http://russell.ballestrini.net/mailpile-salt-states-for-ubuntu-or-debian/](http://russell.ballestrini.net/mailpile-salt-states-for-ubuntu-or-debian/)

~~~
acd
Thanks will look at your code!

------
alexchamberlain
Just checked out the [system architecture diagram][1]... We really need to fix
email. A modern system would never get away with proposing such a design.

[1]:
[https://mailinabox.email/static/architecture.svg](https://mailinabox.email/static/architecture.svg)

~~~
allegory
It's fine. It's a loosely coupled system that uses quite a few components.
It's also a complicated problem to solve.

This is trivial compared to our product for example which is an integration
hub for financial services companies. There are over 300 of those little
boxes.

Going back to the original point though, compare to Exchange 2010:
[http://www.microsoft.com/en-us/download/details.aspx?id=5764](http://www.microsoft.com/en-us/download/details.aspx?id=5764)

------
manishsharan
The problem is not setting up an email server; the problem is in ensuring your
email is delivered/visible. I set up an email server VPS with my domain and
domain keys etc. but my test emails to my family, who use Yahoo and Gmail,
would not get delivered. I gave up!

~~~
clarry
I have another problem.. my ISP blocks incoming traffic on smtp. For no good
reason. I'd have to upgrade to a business class connection ($$$). Unfiltered
end to end connectivity would be nice. Preferably on a symmetric line. I'd
call that Internet access.

~~~
ytjohn
I'm not running a mailserver anymore, but I use smtp-as-a-service for things
that need to send email notifications.

I've been using mandrillapp.com for over 2 years now, completely free. Other
people like mailgun.com. Anytime I need to setup a nas or monitoring system
that needs to send out notifications, I create a new api key then add that
into whatever device needs to send email.

I also for a brief period used the service as a "smarthost" for a shared mail
server (not mine directly). This technically worked fine, but became an issue
as end-users would get viruses and start sending spam. However, mandrill would
notify you of this issue and you'd see high rejection rates. I could even view
the rejected message (privacy concerns aside) to see headers of who was
sending them. So while I wouldn't recommend it for a shared server, it would
be fine for a personal server.

------
foolinaround
I am trying to set up an email server for an Asian non-profit (about 1000
accounts) on a Hetzner server. They do not need all the bells and whistles
however?

Is this good enough for that many users?

~~~
corv
Why not find a host in Singapore or Hong Kong, rather than Hetzner that is
300-400ms away? (Nothing wrong with Hetzner, just saying)

------
higherpurpose
Does it at least use StartTLS by default?

~~~
joshdata
Yes, it uses STARTTLS, HSTS, modern cipher settings, DNSSEC and many more
security best practices! [I'm the guy behind the project.]

------
wtbob
It's a pretty cool tool, but I wish that things like this were built atop
Debian rather than Ubuntu.

------
owenversteeg
I use roundcube and it (usually) works great. Good choice.

[tangentially related] I love seeing a new TLD in the wild.

------
serf
does ownCloud still throw webdav errors for self-signed certs?

~~~
ausjke
can owncloud do mail at all? its calendar works, but no support for tasks, I
don't even know it does email

~~~
serf
no, but the linked product (mail-in-a-box) uses ownCloud's webDAV/calDAV
implementation rather than providing a separate means.

in my experience if ownCloud is supplied with a self-signed cert, the webDAV
module throws errors but still works correctly. It's really obnoxious and
causes a nag-window at the top of the main settings UI until either you
comment out the nag window or buy a signed cert.

------
chj
There is still one tough problem: how can you make sure your outbound mails
won't be rejected by other servers?

