
How to Run Your Own Mail Server (2017) - j_s
https://www.c0ffee.net/blog/mail-server-guide
======
agentultra
I run my own mail infrastructure. To say the least I wouldn't recommend it
even to my worst enemies. It's horrible.

Actually it's fine until it's not. Then your email doesn't work and you could
be missing out on important communications. And then you're scrambling to
figure out how the spammers managed to exploit your setup this time. And you
have to learn a tonne of crap in order to manage it... and the text files!
Configuration... configuration everywhere. Obscure configuration.
Configuration that has real consequences and causes spooky action at a
distance. Configuration that will soon be exploited in strange ways.

I was so frustrated the last time my mail server went down that I started
writing an SMTP protocol handler in Haskell with the intent of writing a MTA
with the goal of minimizing configuration and being secure and resistant to
attacks by default. So that hopefully more people _can_ run their own
infrastructure without prematurely aging. I dunno how useful it will be to
others but at least it will keep my gray hairs at bay, I hope, when it's ready
for use.

Until then though we need more guides like this for us poor souls who do go
down this route. There are way too many out-dated guides awash in the sea of
information.

~~~
rsync
"And then you're scrambling to figure out how the spammers managed to exploit
your setup this time."

...

" ... writing a MTA with the goal of minimizing configuration and being secure
and resistant to attacks by default. "

As a 20+ year UNIX sysadmin and fellow owner of my own email infrastructure
for 18 of those, I am surprised to read this and am not even sure what you are
talking about.

Can you explain what you mean by attacks and exploits from spammers?

Other than accidentally running _as a relay_ or actually having a remote
exploit in your server(s), what are the attacks that you have in mind?

"Configuration that will soon be exploited in strange ways."

Again, am genuinely interested in an explanation ... other than running as a
relay, and maybe handling backscatter (but that's not really config, it's just
a blacklist) what are you referring to?

~~~
_jal
I'm in the same boat - been running my own mail since the 90s. I could
understand complaints about lots of weird hoops to jump through to get mail
from your server _accepted_ elsewhere - that has become harder over time[1] -
but there's a very short list of things that need to be done to avoid being
hijacked.

Mail server setup for the uninitiated does look a little daunting, especially
if you're more accustomed to "all-in-one"-ish software. If you want to do
this, I recommend starting with making sure you have a clear mental model of
mail server architecture, especially where it touches other things (DNS, DKIM,
spam filters, local delivery, probably IMAP, maybe LDAP, maybe databases,
etc.) Without a clear idea of the dataflow and reasons for different decision-
points, you're going to have a very bad time troubleshooting things.

[1] SBCGlobal.net has been rejecting me for over a decade despite there being
zero spam ever having been emitted by my domain. Eh, my userbase communicates
with exactly one SBC user; ATT can bite me.

~~~
burgerdev
I've been running my mail server for 6 years now. Mail to Microsoft's servers
(live.com, etc.) keeps ending up in the spam folder, even though spf, dkim and
dmarc are set up and my IP has been clean for the entire period. The bright
side is that I only notice this in the rare case of "mail to all contacts",
since no one is on outlook.com these days.

~~~
cpncrunch
Yes, live.com is a problem for us too. It seems they silently blacklist ip
addresses and make it very difficult to get off that blacklist. There's a
thread here about it with some of us trying to figure out how to solve this
problem:

[https://answers.microsoft.com/en-us/outlook_com/forum/oemail...](https://answers.microsoft.com/en-us/outlook_com/forum/oemail-osend/emails-blocked-by-smartscreen-microsoft-wont-help/ff469ac8-e9ab-42b8-b8f1-7c2bf0fa46eb)

But other than that, running my own mail server hasn't been much of an issue.
Set up sendmail, use public blacklists for spam control, and it pretty much
runs without any intervention.

~~~
megous
Outlook.com/Microsoft blacklists entire subnets because there are spammers in
the same IP range. It's ridiculously lazy practice. They should just block IP
addresses that are actually sending SPAM. It's not like that's a problem
technically. You can fit all IPv4 addresses into a 512MB database.

I'm thinking of solving it by blacklisting outlook.com domain, so that senders
at least know that I can't respond to them. I can put a message in the error
response, that will be reliably relayed to the sender by the sending system.

Google's slightly better. Recently I did an experiment and created a few gmail
accounts and sent some ridiculously spammy messages full of typical keywords
in between those gmail accounts, and they were all successfully delivered.
Always.

Then I sent e-mail from new gmail account to my email server and simply
responded and it went to spam. It's ridiculous that such a simple heuristic
like someone responding to a message gmail user sends doesn't get the message
through spam filters, even though the system can clearly determine that the
message is legit based on many variables (References field referencing
message-id of the original message (no one else than the recipient should know
this), reply being from a correct source (DKIM/SPF), message having normal
looking business content, etc.).

There's way too heavy a weight on sending server IP range reputation.

~~~
cpncrunch
With gmail you can at least request that they unblock you, and they will do
that. With live.com and icloud.com you have to spend inordinate amounts of
time bouncing between useless support people before you get anywhere. gmail in
general seems to have the best spam filter (lowest false positives and
negatives).

~~~
clan
In my experience live.com was an easy fix.

But gmail was not. Even as a business user with support.

Gmail rejects me as an ugly spammer at the gate when using IPv6 but not when
using IPv4.

My IP addresses are not listed in any public blacklists.

And the Borg hivemind is not able to tell me why. Gmail support is friendly
but have no knowledge of their filter nor an escalation path.

The amusing part is they reject me as a bulk sender. But when I register into
their bulk mailer program my volume is too low.

This is with strict SPF, DKIM, DMARC and registered with dnswl.org.

~~~
cpncrunch
Did you fill in the delivery problem form?

[https://support.google.com/mail/contact/msgdelivery?vid=0-35...](https://support.google.com/mail/contact/msgdelivery?vid=0-354046174408-1517070954580)

I had a problem with ipv6 myself with gmail, but the problem was that I just
didn't have ipv6 fully set up on my server, so either SPF or reverse DNS
wasn't working or something like that. I think I just configured sendmail to
only use ipv4 and that solved the gmail issue.

~~~
saltybytes
"I think I just configured sendmail to only use ipv4 and that solved the gmail
issue."

This was my experience, too. I took this advice [1] configuring postfix and
Gmail started to accept my emails.

[1] [https://christian.skala.me/blog/gmail-why-are-you-doing-this...](https://christian.skala.me/blog/gmail-why-are-you-doing-this-to-me/)

~~~
cpncrunch
My issue was that I wasn't very familiar with ipv6, and my ISP (OVH)
apparently gave my server a range of about 256 ipv6 addresses, and I didn't
really know how to properly set up reverse DNS and SPF. After spending a day
or two getting nowhere, I just decided to turn off ipv6 completely for the
server.

------
deadbunny
> Before we dive in, an important caveat: You will become a sysadmin of your
> own mail server.

This for me is the deal breaker. I say this as a sysadmin.

It's all well and good running a single server but if that shits the bed then
you have to deal with it immediately.

So to run something that doesn't require 24/7 support I now have to run a
cluster of servers.

I'll also need something to manage those servers like salt/ansible/puppet

I also need to deal with my IP being blacklisted because of a previous owner,
or just entire domains not delivering my email because they don't like the
fact I'm not using $email provider

Then there is spam filtering and the constant battle that is.

Or I could just pay someone a couple of bucks a month to worry about all that
shit and not worry about it.

~~~
KayEss
I've been running my own mail servers since the mid-90s, and always only a
single server. SMTP keeps retrying, so you can be offline. The transport layer
was designed to deliver mail to servers even if those servers only dialled in
to one of the "internets" once per day, so it's fine to have some downtime.

It's totally up to you how you prioritise getting a server back up again, and
frankly if the message can't handle at least a few hours delay then email
probably isn't the right medium for it.

~~~
heartbreak
> frankly if the message can't handle at least a few hours delay then email
> probably isn't the right medium for it.

This may have been the case in the mid-90s, but it is certainly not the case
today. I frequently receive emails that require immediate attention, whether
from my employer, my bank, or any number of other notifications. Normal email
users expect emails to be delivered in seconds, not hours.

~~~
sigstoat
> Normal email users expect emails to be delivered in seconds, not hours.

their expectations are unreasonable. gmail, etc don't even manage that much of
the time, let alone guarantee it.

~~~
Spivak
Sure, everything is best-effort on the web but <10s delivery is pretty much
the norm now.

------
notinventedhear
Yeesh, there's so much involved.

I've been running my own mail server with
[https://mailinabox.email](https://mailinabox.email) for ~2 years and can
heartily recommend it.

Still, even with that there are gotchas if you want to be able to send
messages from your server to Google et al, eg. reverse-DNS-records, DKIM, SPF.

Not for the pressed-for-time.

~~~
mzaccari
About 2 years ago I had a customer that required their own private mail
server. I set up Mail-in-a-Box on a $5 Digital Ocean droplet, and they've been
happy with it ever since.

The integration with Let's Encrypt and a relatively smooth upgrade process has
made it one of the more enjoyable services I manage. I would highly recommend
it.

------
SwellJoe
I'm surprised by how many people think mail is an impossibly hard problem.
There are some things about mail that are stupid; the core protocols are old and
it shows. But, once things are working, you can leave it alone for years
(aside from regular software updates) without trouble. I have. I've never not
run my own mail servers (and often for several other
people/companies/projects, as well) in the past 20 years. I used to consider
myself an expert on the topic, but it's required so little of my time/thought
in the past several years that I've forgotten most of that expertise.

I think what I'm trying to say is that it's not harder than it used to be
(though some problems, like spam and security requirements for safety, have
gotten worse in absolute terms). With modern tools and packaging on modern
Linux distributions, you can be up and running pretty quickly. My company
ships a turn-key solution as part of Virtualmin, but you can build something
similar without that in an afternoon or two if you're reasonably Linux-savvy
and have some notion of how all the pieces fit together (maybe a couple extra
afternoons if you don't know the basics; DKIM and SPF can be tricky, since you
also have to know or learn you some DNS).

It's harder than a web server or DNS server, but not something you should flee
in terror from. Admittedly, it's gotten cheaper in recent years to outsource
it...and with microservice-based architectures, maybe it makes more sense to
have some other API than SMTP (though SMTP is very easy to use from every
language I've ever worked in). But, there are problems and complexities with
outsourcing, as well.

~~~
erikb
I seriously always failed getting over that first hurdle every time I tried. I
didn't try this one yet, but most guides deviate from whatever my setup will
be by a little, and that then increases to a lot of investigation work with
pretty unclear config values and not a lot of debugging tools.

Have I invested enough energy? Apparently not. But I'm over the weekend-sized
amount by a multiplier bigger than three.

------
workthrowaway27
I've done this before. It's a pain in the ass. You have to run several
different programs each with hundreds of configuration options, make sure the
different programs can communicate with each other properly, make sure your
email doesn't get flagged as spam, and be your own sysadmin. All for marginal
benefit.

It would be great if someone wrote a program handling all of this that could
be deployed as a single binary with secure defaults and limited
configurability, but I don't see that happening any time soon. Email providers
are good enough for almost everyone and the people who are good enough
programmers to make sense of all the different protocols they'll have to deal
with and get everything to interoperate nicely probably have other things to
work on that people will actually pay for.

Edit: That said, this guide does look like a great resource for someone who is
interested in doing this. It's interesting to learn how email works and if I
had this guide when I started out I'd have saved a ton of time.

~~~
lisper
I started working on this a while back and got as far as writing a collection
of scripts that spins up a mail server from scratch and does all the
configuration. It's not complete (doesn't include spam filtering or search)
and it uses Common Lisp to drive the process, which is the main reason I
haven't published it. I didn't think there would be much interest in something
that obscure. But if there is interest I'd be happy to clean up the code and
put it on github.

------
Yetanfou
I've run my own mail server ever since I got something resembling broadband
internet in 1996. Back then spam was non-existent, Sendmail was the emperor
without clothes about to be dethroned and I hacked _sendmail.cf_ without
needing to look at the bible [1].

I've never regretted running my own server, nor have I ever contemplated
moving to a hosted solution. Spam is not a problem either, Spamassassin in
combination with a greylist make for a nearly spam-free experience. The whole
setup has been migrated from the original Pentium-66 via an aBit-BP6 (SMP for
the masses [2], retired in 2009) to the current Intel SS-4200 (upgraded to a
dual-core Pentium but still limited to 2GB). In practice a Raspberry Pi would
be enough to run a viable mail server so even this rather anaemic setup does
its job without breaking a sweat.

The whole setup consists of Debian (Sid) running Exim through a smarthost,
feeding through Spamassassin + greylistd into Dovecot. Apart from some auto-
manual intervention to cope with Microsoft/Google/... not coping with the
greylisting and thus needing whitelisting it more or less _just works_. In
other words, just go ahead and run your own server.

[1]
[http://shop.oreilly.com/product/9780596510299.do](http://shop.oreilly.com/product/9780596510299.do)

[2]
[https://en.wikipedia.org/wiki/ABIT_BP6](https://en.wikipedia.org/wiki/ABIT_BP6)

[3]
[http://ss4200.pbworks.com/w/page/5122751/FrontPage](http://ss4200.pbworks.com/w/page/5122751/FrontPage)

~~~
brandon272
What do you estimate has been your total investment of time in running your
own mail server?

~~~
Yetanfou
Initial setup took a few days of experimenting, that was back in the days of
Sendmail. After that it ran fine for a while until spam started becoming a
problem. I eventually implemented a spam filter with Spamassassin with a
nightly cron job to train it with spam which made it past the filter. After a
few years I added greylisting to the mix which ended up complicating matters a
bit due to some common mail hosts (Google and Microsoft being the biggest
culprits) breaking the concept of greylisting by using different mail hosts
for resend attempts. I made a script to add all SPF-allowed IP ranges for a
domain to the whitelist which solved that problem.

Total time spent on the mail infrastructure over these 22 years is negligible,
probably ~8 hours per year.
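
An added example (not Yetanfou's script, and not from the linked guide) of the SPF-to-whitelist step described in the comment above: it walks a domain's SPF record, follows `include:` and `redirect=`, and returns the pass-qualified `ip4:`/`ip6:` ranges for a greylisting whitelist. The `lookup_txt` callable, the `bigmail.example` records and the prefix-length limits are assumptions made for the illustration.

```python
import ipaddress
import re

MAX_LOOKUPS = 10  # cap on include/redirect lookups (same figure as RFC 7208's DNS limit)

# Constructed TXT data; names and ranges are documentation placeholders.
SAMPLE_TXT = {
    "bigmail.example": ["site-verification=constructed-value",
                        "v=spf1 include:_spf.bigmail.example mx ~all"],
    "_spf.bigmail.example": ["v=spf1 include:_nb1.bigmail.example "
                             "include:_nb6.bigmail.example "
                             "include:_spf.bigmail.example ?all"],  # includes itself
    "_nb1.bigmail.example": ["v=spf1 ip4:192.0.2.0/25 ip4:192.0.2.128/25 "
                             "ip4:198.51.100.7 -ip4:203.0.113.0/24 ~all"],
    "_nb6.bigmail.example": ["v=spf1 ip6:2001:db8:4000::/36 ip4:0.0.0.0/0 ~all"],
}


def spf_terms(txt_records):
    """Return the terms of the one v=spf1 record, or [] if there is none or several."""
    spf = [r.split() for r in txt_records]
    spf = [t for t in spf if t and t[0].lower() == "v=spf1"]
    return spf[0][1:] if len(spf) == 1 else []


def spf_networks(domain, lookup_txt, min_v4_prefix=12, min_v6_prefix=29):
    """Collect pass-qualified ip4/ip6 ranges reachable from domain's SPF record.

    lookup_txt(name) -> list of TXT strings (hypothetical hook; wrap a real
    resolver in production). Returns (sorted CIDR strings, skipped terms).
    """
    found, skipped, seen = [], [], set()
    budget = MAX_LOOKUPS

    def add_network(key, value, term):
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            skipped.append(("malformed", term))
            return
        if net.version != int(key[2]):
            skipped.append(("malformed", term))
        elif net.prefixlen < (min_v4_prefix if net.version == 4 else min_v6_prefix):
            # The sending domain controls this record: never whitelist
            # something like 0.0.0.0/0 just because it was published.
            skipped.append(("too-broad", term))
        else:
            found.append(net)

    def follow(name, term):
        nonlocal budget
        name = name.lower().rstrip(".")
        if name in seen:
            skipped.append(("loop", name))
        elif budget == 0:
            skipped.append(("lookup-limit", term))
        else:
            budget -= 1
            seen.add(name)
            walk(name)

    def walk(name):
        for term in spf_terms(lookup_txt(name)):
            qualifier, body = (term[0], term[1:]) if term[0] in "+-~?" else ("+", term)
            if body.lower().startswith("redirect="):
                follow(body[len("redirect="):], term)
                continue
            parts = re.split(r"[:/]", body, maxsplit=1)
            key, value = parts[0].lower(), parts[1] if len(parts) > 1 else ""
            if key not in ("ip4", "ip6", "include", "a", "mx", "ptr", "exists"):
                continue  # "all" and unknown modifiers carry nothing to whitelist
            if qualifier != "+":
                skipped.append(("not-pass", term))  # fail/softfail/neutral ranges
            elif key == "include":
                follow(value, term)
            elif key in ("ip4", "ip6"):
                add_network(key, value, term)
            else:
                skipped.append(("needs-dns", term))  # a/mx/ptr/exists need A/MX lookups

    start = domain.lower().rstrip(".")
    seen.add(start)
    walk(start)
    merged = []
    for version in (4, 6):
        merged += ipaddress.collapse_addresses(n for n in found if n.version == version)
    return [str(n) for n in merged], skipped


if __name__ == "__main__":
    nets, skipped = spf_networks("bigmail.example", lambda n: SAMPLE_TXT.get(n, []))
    print("\n".join(nets))
    for reason, term in skipped:
        print(f"# skipped ({reason}): {term}")
```

Ranges gathered this way should only bypass the greylisting delay; content filtering still applies, because the sending domain decides what its SPF record publishes.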

------
grinsekatze
This is an interesting write-up, but doing it like this feels like way too
much work.

I have been using mailcow[0] for years now and it does all of this for me and
works great. The UI is beautiful and intuitive. And setting up mailcow
literally takes a few minutes, since the project was ported to docker.
Highly recommend it.

[0] [https://github.com/mailcow/mailcow-dockerized](https://github.com/mailcow/mailcow-dockerized)

------
linsomniac
How to run your own mail server: Don't.

How to run your own mail server (for experts): Don't.

I say this as someone who has run my own mail server for 20+ years.

Now, if you absolutely have to get off Google, and the other available hosted
options don't work for you, then this article looks like a good start. I'd add
roundcube for web access and letsencrypt for SSL.

One thing you'll never really get, in my experience, is good spam handling.
The big providers just have so much more data to work with to prevent spam.

~~~
catdog
> One thing you'll never really get, in my experience, is good spam handling.

Not in my experience. I'm in general very happy with the results of
SpamAssassin. Occasionally sth. slips through but when I compare it to my
gmail account it's not worse, maybe even better. The only thing I use in
addition is postscreen [1] (pregreet test only) to stop the dumbest category
of spam bots.

[1]
[http://www.postfix.org/POSTSCREEN_README.html](http://www.postfix.org/POSTSCREEN_README.html)

~~~
linsomniac
I used SpamAssassin, greylisting, SPF, a variety of RBLs, and hashcash, but
never got anywhere near what my gmail experience has been. I literally almost
never get spam to my main mailbox in gmail, I would get a dozen or more a day
on my own server.

------
lucb1e
> on FreeBSD using Postfix, Dovecot, Rspamd, and LDAP.

That seems like an awful amount of work / overkill. This is not a good
introduction for a normal geek, and die-hard open source fans will figure it
out without too much trouble anyway.

Postfix is not the best choice for novices, FreeBSD is not the most well-
supported/documented system just because it's not as popular as some others,
and a directory service shouldn't be necessary.

We had to setup Exim, Postfix or Sendmail for school. Sendmail was universally
hated the most, Postfix came in second, and Exim was... well, not exactly
logical or easy, but the best of the three mainstream MTAs.

I'm running hMailServer at home. Windows-only, unfortunately, but until I find
a proper replacement, I'll just keep running it in a VM. Nothing else even
comes close in admin-friendliness. It's just install and run, with either a
local admin interface or a web interface (using PHP, so it runs anywhere).

~~~
yosamino
> Postfix is not the best choice for novices,

I'll give you that in general, mail servers are not for novices, and they have
a huge array of configuration options, but Postfix is by a wide margin the
best piece of software that I've come across the last couple of years, and
I've been using it for a long time because of that.

It's reliable, it works exactly as documented, it's up to date, its
documentation is excellent, and its community helpful, if overly precise -
but then that's exactly what makes it so good.

I've literally never come across any problem with it, that turned out to be
problem of postfix.

I can't say that for any other piece of software that I know.

~~~
lucb1e
> mail servers are not for novices

I invite you to look at hMailServer. I set this up when I had a reasonable
clue about SMTP and only a vague understanding of POP3 or IMAP. Let alone how
spam filters worked ("they look at words like viagra" was my understanding) or
what mailing lists are.

It's really a Windows-like utility in the sense of next-next-next-finish. By
now I despise most Windows Server wizards for not being flexible enough and
prefer command line tools on GNU/Linux, but this mail server is one thing I
just cannot find a good replacement for, and the interface provides everything
I need (no need for command line or config file magic).

~~~
sliken
Postfix is popular, secure, flexible, well documented, and likely to be around
in 10 years. The defaults are quite sane and it's battle tested on numerous
large mail servers.

For a simple domain you only have to edit a few lines that numerous tutorials
cover. Combining it with dovecot (similarly well designed, secure, popular,
battle tested etc) makes for a robust setup.

Sure don't make the mistakes the OP made and allow relaying for the entire
internet. I can't imagine any sane tutorial has relaying enabled by default.

I've never heard of hMailServer, but hard to imagine it would be worth while
and I wouldn't want to bet on it being around in 5-10 years. If editing a few
config files and changing a few lines scares you then don't run a mail server.
Otherwise pick something popular, well tested, and robust. Sure
postfix+dovecot isn't the only solution, but I wouldn't pick something
small/obscure/new either.

------
Torgo
I started running my own email server around 2014. I am using every mitigation
I can find, but I still get an unending torrent of spam that slips through.

If tweaking spam filters and deleting spam is your idea of fun, then run your
own email server.

~~~
twothamendment
I've been running since 2001. There were some rough years in there with spam
and big providers rejecting for no good reason. Now it has been years since
I've had any delivery issues. As for spam, I get 2-3 a week that make it
through, but I don't make any effort to tweak it.

Thanks for bringing up the painful memories of adding new filters each night.
So glad those days are over for me.

~~~
igammarays
Big providers probably rejected you in the early days because you were an
unknown sender back then.

------
codingdave
I've run my own mail for about 15 years. Just recently stopped. There was
nothing wrong with the process, it worked. But I thought about how much time
I've spent on running my own domain and email over the last couple decades,
and added up what it got me over those years... and the value just wasn't
there.

I know the article is concerned with owning your own data, and I appreciate
the point. But finding a mail provider that meets your needs is, IMO, a better
way to spend your time than just saying "Gmail isn't good for me, so I'll do
my own."

------
icelancer
I use iRedMail and set up my own mail server for my small business. I am
beginning to wish I hadn't, even though I've had literally 0 problems outside
of a single reboot to fix an issue.

[https://www.linuxbabe.com/mail-server/ubuntu-16-04-iredmail-...](https://www.linuxbabe.com/mail-server/ubuntu-16-04-iredmail-server-installation)

I dunno. I feel like I'm sitting on a timebomb. It's hosted on DigitalOcean
and while it works great with RoundCube and gmail... eh. I dunno why I even
did it in the first place.

~~~
le-mark
Other than the feeling of 'sitting on a timebomb' are there any other
specifics you can cite? Have you looked into contracting someone for a few
hours a month to check/update things? I have considered doing what you have
done, and your feedback has piqued my curiosity.

~~~
icelancer
Not really. Just everyone smart I talk to says the same thing as everyone else
in this thread: Don't do it. I'm not a sysadmin, I'm a developer who runs a
company and doesn't even work in IT in my own company anymore. Bleh. So far so
good, though....

------
ef4
> Getting off GMail is one of the best ways to take back your data in the face
> of dragnet surveillance.

This just isn't true. You can host your own mail server and GMail will
probably still end up hosting a large fraction of the email you read and
write, because _the people you correspond with_ are still using GMail.

(In the same vein, you can refuse to have a Facebook account but Facebook
probably has a dossier on you anyway. Enough people you know have dumped their
contacts into Facebook that they already know your place in the social graph.)

~~~
dade_
That is a very defeatist position.

~~~
KeepFlying
Defeatist or realist?

You can and should work to reduce your footprint if that concerns you, but
there are still systematic issues that make it hard to stay completely outside
of their services. Mainly what OP mentioned with contact uploads.

------
twothamendment
Icing on the cake: Sprinkle a little Let's Encrypt in there to cover SSL. It
doesn't take much to have a cron make a new cert and restart dovecot and
postfix.

My setup is similar, but it uses MySQL instead of LDAP.

I love being able to make aliases and even better - deleting them when I'm
done with them.

~~~
perlgod
Author here - I plan on switching to Let’s Encrypt once they support ECC
certificates.

~~~
zuck9
Why do you need ECC certificates?

~~~
perlgod
I don't need them, I just prefer them. They are arguably more secure and
require much lower CPU usage.

~~~
c0l0
Any reasonably modern x86_64 CPU can do more than 1000 RSA2048 signs (~ TLS
handshakes) a second, per core. Performance considerations really aren't a
good reason to not use RSA for TLS KEX.

------
digitalsin
There's no reason to not at least run mail-in-a-box if you consider yourself a
technical person but have limited time. It's absurdly easy to set up and the
maintainers / contributors do an awesome job.

Running your primary email on these big hosting companies is taking your
privacy and pissing it right down the drain.

It's really not that hard folks.

[https://mailinabox.email/](https://mailinabox.email/)

------
perlgod
Author here - happy to respond to any questions.

~~~
mozumder
How much of this is common to a Mac OS Server mail setup?

~~~
perlgod
I believe OS X uses many of the same components under the hood. I have toyed
with OS X Server.app (mostly just to get the necessary certificates to get
IMAP push notifications working with iOS/Dovecot[1]) and it seems like a
really solid choice.

Not sure how you go about colocating a Mac Mini in a datacenter though.

[1] [https://www.c0ffee.net/blog/dovecot-push-notifications](https://www.c0ffee.net/blog/dovecot-push-notifications)

~~~
mozumder
You use it with your home ISP on a static-IP address.

~~~
perlgod
Any outgoing mail will almost certainly be spam-blocked if you send from a
residential IP. Also, most ISPs block port 25.

~~~
mozumder
Nope.

When you ask your ISP for a static-IP address, your service goes from
Residential to a more expensive Business account, and they open up outgoing
mail ports. (At least for Verizon FIOS that I'm on, pretty sure Comcast is
same as well.)

Cloud IP addresses are probably more problematic for spam blocklists.

~~~
perlgod
Glad it works for you. My comcast connection is far too unreliable to ever
rely on for email!

Curious though, can you also set your own reverse DNS entry for your static
ip? I’ve found many mail servers will reject your mail if rDNS records don’t
match up.

~~~
zlynx
I'm also running a server on a Comcast business service with a static IP. My
service has been really stable. This must vary on area. Also it seems if
you're on business class, the techs take you more seriously. When I _did_ have
some stability problems the tech they sent out did a few tests, then went to
the entire first floor (5 units) of the condo building with big sticky notes
telling them to schedule a service appointment or have their service blocked.

Getting reverse DNS was easy. Following the directions I found via Google I
went into the Comcast business service forums, read their pinned posts and
sent a PM to the current service guy. He set the reverse DNS for me. It took
about a day.

------
ankitank
Why not use solutions like iRedmail or Mail in a box?

iRedmail - [https://www.iredmail.org/](https://www.iredmail.org/)

Mail in a box - [https://mailinabox.email/](https://mailinabox.email/)

They allow you to setup your own mail server and yet make it easier to get
started.

I have been using iRedmail and it has been working well so far.

------
kazinator
Been running mine for almost 8 years.

Exim MTA, Courier IMAPD on Debian.

Pretty easy setup; nothing complicated.

For remote access I use two things: RoundCube webmail, and K-9 Mail on
Android. For sending mail from K-9, I connect home, via authenticated SMTP
which is on port 587, rather than 25.

I have developed a little web app called Tamarind for generating throw-away
mail aliases.

[http://www.kylheku.com/cgit/tamarind/tree/](http://www.kylheku.com/cgit/tamarind/tree/)

I run some mailing lists which use GNU Mailman. For archiving them, I don't
use that horrible pipermail, but rather a hacked version of Lurker. I patched
Lurker to pass through HTML so that HTML mails end up rendered as HTML in the
archive. The HTML has to be scrubbed, so I wrote a little scrubber for that:

[http://www.kylheku.com/cgit/hc/tree/](http://www.kylheku.com/cgit/hc/tree/)

Lurker patches:

[http://www.kylheku.com/cgit/lurker/](http://www.kylheku.com/cgit/lurker/)

------
akulbe
First, I'd start with "Don't run your own email server unless you _absolutely_
have to."

Second, if you must... I'd recommend Mail-in-a-Box. _MUCH_ easier to setup /
maintain than this one, at least from a cursory read.
[https://mailinabox.email](https://mailinabox.email)

------
CodeWriter23
Running your own personal, non-commercial server may be just fine. But if
your business is pumping out volumes of email, no amount of DMARC, DKIM,
SPF, CFL participation and fighting to stay off IP blacklists will prevent you
from eventually succumbing to the user that clicks the Junk button to delete
their emails. This will tank your domain’s reputation and get your emails
routed to Junk (or silently discarded) for all recipients at the big ESPs like
Gmail, etc. SPAM scoring is outsourced to companies like Symantec, CloudMark
and others. They are the mail-zapping, score-keeping monoculture of the email
ecosphere. You basically need a large company who will take your word for it
that you’re not SPAMming and interface with the filtering industry on your
behalf to de-nerf your domain once the Junkie McJunkbuttons of the Internet
screw your reputation over.

~~~
sedachv
What is CFL participation?

~~~
CodeWriter23
Customer Feedback Loop. When Junkie taps the Junk button you get notified by
the ESP to delete them from any mailing lists and never email that address again.
They typically track this as a metric against your domain. And some ESPs, like
Comcast won’t even sign you up to participate unless you’re big.

------
jacksnipe
It always makes me happy when a blog serves me less than 40kB to read an
article!

------
interfixus
Yeah, it's learnable, it's doable, it really doesn't need to be all that hard.

And then ... after you've done every damned thing exactly by the book, and
DKIM'ed the dickens out of your headers, killed the spam, policed yourself off
the blacklists, etc. etc. - turns out you might as well not have bothered. The
googles and the microsofts (the microsofts especially!) will one day drop your
outgoing mail without the slightest notification, because the ip range, or
because the full Moon, or just because they can.

I ran that show for nearly fifteen years, but threw in the towel last year,
and handed over to Fastmail. With regret, although their service is first
rate.

Email is _not_ a successful federated protocol these days. The monoliths
effectively killed it off.

------
Tepix
If you run your own mail server you can save a ton of work and time and get
great defaults and features by using Sovereign from
[https://github.com/sovereign/sovereign](https://github.com/sovereign/sovereign)

------
teekert
Love this, I spent many nights in the past fiddling with email.. and giving
up. But I managed to get it to work one day and I learned a lot! I started with
[0], but eventually found the mail-stack-delivery package in the Ubuntu repos,
it sets up almost everything correctly out of the box and I ran with that.
While Googling that package name I found this: [1], may also be nice.

I also learned that having it in your basement means trouble: Someone pulls
the plug, your IP changes or ends up on a spam list. For some years I ran my
own server on a DO droplet. It is very cost effective when you can make as
many mailboxes as you want for family (+ unlimited aliases, addresses that
deliver to both you and your wife, being able to email 500 mb to family,
etc). I still don't know down what sinkhole emails to my brother-in-law's
outlook.com address went. The literal response of MS at the time: We
don't manage our own spam filter, try adding more text, make it look more
real...

But man, the pain, the complexity, the reverse DNS, the startTLS, the SPF
record, the DKIM records. It took me a long time to understand the difference
between mail servers and MTAs and why there are different ports for them.
Also, few providers in the Netherlands even allow you to use port 25, luckily
mine did. Email is truly an old protocol that has been hacked up-to-date (more
or less) and setting up your own mail server will make this very clear to you
:)

I'd recommend it though, you'll learn a lot! But to be honest, I now pay 3
euros a month to a Dutch email provider because email is too important and I
didn't want to go through the pain again when 16.04 came out. I might still
have a go at it in the future, there is something beautiful about running your
own email server :)

[0] [https://arstechnica.com/information-technology/2014/02/how-t...](https://arstechnica.com/information-technology/2014/02/how-to-run-your-own-e-mail-server-with-your-own-domain-part-1/)

[1] [https://www.iredmail.org/](https://www.iredmail.org/)

------
jstewartmobile
This is a very good guide.

One nice thing about the programs he chose is that their config options are
fairly stable (can't vouch for Solr). That many moving pieces would be
absolutely unmanageable if the options changed frequently. Been using a
similar setup for years without difficulties.

Adding something like _fail2ban_ into the mix wouldn't hurt.

If you're going to do this, _first_ check that your VPS / ISP allow inbound
traffic to port 25/tcp. AWS allows it upon special request. GCE doesn't. Don't
know about the others. In the US, most _residential_ ISPs block 25/tcp
inbound.

------
osrec
The configuration of mail servers is so unbelievably grueling, it can almost
reduce one to tears! I love having my email and data on my own server, but it
is horrendously time consuming to get it up and running, and if something goes
wrong, you could be looking at a weekend of work (often involving trial and
error with poorly documented config formats). Sometimes I wish email could be
replaced with something simpler but just as ubiquitous. _Sigh_

------
locusm
If you're running your own email services and wonder why outlook.com /
hotmail.com are blocking you, you can sign up for this.
[https://postmaster.live.com/snds](https://postmaster.live.com/snds)

It's useful as quite often you'll get blocked just for being in the same IP
block as a spammy server. My experience to date is that once you notify them
your IP isn't the culprit the block gets removed pretty quick.

~~~
locusm
I think the Gmail equivalent is Postmaster Tools.
[https://postmaster.google.com](https://postmaster.google.com)

------
herbst
Usually you are supposed to add a year to older articles :)

Curious if you looked into other mail server options? I mean Postfix (not
Postgres) easily handles the load of a single user, but it is still rather
hard to configure and modify.

I recently started to work with Haraka and even though it's meant for high
traffic use cases I won't ever look back to Postfix (not Postgres).

~~~
jacobush
Wow. I must have really been abused (likely) by other mail servers to consider
Postfix easy then.

~~~
herbst
Given my first real Postfix experience was a scalable forwarding service that
is supposed to support a variation of configs without breaking the config
file.

Postfix is super easy, and well documented for normal use cases.

------
marsrover
I ran my own mail server for a few months in 2013. I came to the conclusion
I'd much rather pay Google $5 a month.

~~~
xienze
Fastmail will let you do it for $50 per year if you pay upfront. Just not sure
why anyone would run an email server other than extreme paranoia. It’s hardly
a set it and forget it affair.

~~~
ryanlol
Fastmail is great until their support hands your account over to some random
person that just happened to ask.

~~~
xienze
[https://www.fastmail.com/about/privacy.html](https://www.fastmail.com/about/privacy.html)

They have a very strong privacy policy, they’re not just going to hand your
email over to a “random” person.

~~~
skrause
They already have:
[https://news.ycombinator.com/item?id=15855081](https://news.ycombinator.com/item?id=15855081)

~~~
j_koreth
[https://blog.fastmail.com/2017/12/06/security-account-recove...](https://blog.fastmail.com/2017/12/06/security-account-recovery/)

------
philrw
Looking at that postfix main.cf gave me flashbacks and not in a good way.
Google can have it. Or ProtonMail. Running my own mail server didn't pay
enough ($0) for the complaints I got from its users (family). I'll focus on
VoIP PBX and home automation until someone gobbles that up too.

------
j45
This is an insightful guide on how email works.

Instead of running each component individually, I would recommend looking at
something like Zimbra or another OSS mail package that handles a lot of this.

I hosted my own email for over 10 years and maintaining the bits is as
painful if you don't have a plan in place.

A decent comparable for do-it-yourself hosting is the kind of luck a product
like MDaemon provides - it does a decent job on Windows of rolling all the features
into a reasonably manageable server, as well as being quite affordable. I
don't work for MDaemon, but tools like this make hosting email relatively
trivial.

[http://www.altn.com/Products/MDaemon-Email-Server-Windows/](http://www.altn.com/Products/MDaemon-Email-Server-Windows/)

------
TYPE_FASTER
I've hosted my own mail server for a while. I've gone the Postfix/Dovecot
route, I've used qmail, etc. My current setup is WebMin/VirtualMin. It works
really well, and will run on the cheapest DO droplet.

Fighting spam effectively is not trivial.

~~~
sliken
Seems pretty trivial to me.

1) install spamassassin 2) turn on greylisting

If you want to go from 1-2 spam a day to 1-2 a month you might want to
block the garbage domains like click, link, party, top, webcam, xyz, stream
etc. Probably worth enabling a DNS based block list.

So an apt get or two, 2-3 lines in a config file. Seems trivial to me, most
every mail server HOWTO mentions them, should be just a cut/paste.

Sure 9-12 months from now it won't work as well, thus updating SA
periodically, just like anything else internet facing.

------
andris9
Existing mail server solutions seemed so complicated and just plain wrong that
I went and wrote my own mail server software from scratch
[https://wildduck.email/](https://wildduck.email/)

~~~
nicolaslem
I've been feeling the same for a while. Congratulations for doing it, it looks
great!

------
apple4ever
This isn't bad. I ended up creating an Ansible role to do it for me, and it
works great.

I thought about Fastmail, but it's too expensive when you want to do more than
one email address or domain. I run mine on a $5 server from DigitalOcean.

~~~
Mister_Snuggles
Every time a thread about running your own email server comes up I think "Oh
yeah, I was going to set up FastMail for my domain"

The current pricing[0] seems to let you have 100 domains plus 600 aliases[1]
for $5/mo.

I've got this thought that I will create aliases for every different thing I
sign up for and use them to track who's selling my email address to who. I
think that a domain plus aliases will do the trick and I think that what I
want to do will fit in their limits.

[0] [https://www.fastmail.com/pricing/](https://www.fastmail.com/pricing/)

[1]
[https://www.fastmail.com/help/account/limits.html](https://www.fastmail.com/help/account/limits.html)

~~~
floren
So I can't quite parse it out from the page, maybe one of the Fastmail users
can tell me.

I can set up 100 domains and 600 aliases, but if I want my wife to have access
to hername@mydomain.com, does she need her own $5/mo account?

~~~
corobo
> I can set up 100 domains and 600 aliases, but if I want my wife to have
> access to hername@mydomain.com, does she need her own $5/mo account?

You can add her as a user to your account (so she can use your domain) and it
costs an additional $5/mo for the separate user yes

~~~
floren
Makes sense, thanks!

------
foxhop
I run my own outbound mail server for my infra. I couldn't justify paying a
3rd party just to make my mail more deliverable. I understand the cat/mouse
game of spam but that should not prevent the rest of the world from running
their own email services.

I also accept inbound mx for some of my personal domains, but I don't
currently manage my own mailboxes, the mail gets aliased to my Gmail account.

If at some point I get fed up with this arrangement I can transparently change
where the email ends up.

------
sfilargi
I run my own mail server that I coded myself
([https://github.com/sfilargi/puremail](https://github.com/sfilargi/puremail)).

It's basically a single binary that has an SMTP server and webmail server. It
works absolutely fine for me without much stress. I do hit a couple of bugs
here and there, mainly on the mail parsing, but it's not big deal.

~~~
rafael859
I don't think that you should leave your parse.txt there. Looks like personal
data.

~~~
sfilargi
Thanks

------
JepZ
Regarding web mail: I am much happier with RainLoop [1] than I was with
roundcube (better usability). If you are running a Nextcloud anyway, their
mail app might be enough[2].

[1]: [https://www.rainloop.net](https://www.rainloop.net)

[2]:
[https://apps.nextcloud.com/apps/mail](https://apps.nextcloud.com/apps/mail)

------
vog
I appreciate the write-up! I always wanted to do a similar write-up for my own
setup, but I never got around to it. (My setup uses slightly different
components: exim+dovecot+spamassassin+openldap.)

However, after reading this, the software developer in me feels like "These
tutorials should not be necessary."

This should be a GitHub repo, trivial to fork and trivial to test out locally
for anyone.

~~~
amdavidson
There are several projects that do just that:

- [https://mailinabox.email/](https://mailinabox.email/)

- [https://mailcow.email/](https://mailcow.email/)

- [https://modoboa.org/en/](https://modoboa.org/en/)

~~~
robotmay
I've been running a mailcow install for the past year and it has worked
remarkably well. Not sure if I'll stick with it when I move my server, but
I've got no complaints.

------
godman_8
Honestly if you're lazy or want the support it might be nice to get the VPS
cPanel license. It sets it up for you with full customization allowed. It also
has spamassassin with RBL support in the interface. I think it's $17~ a month
excluding VPS cost. You'll also get so many other features that can be
disabled.

------
Jaruzel
Slightly tangential, but is there something for RSpamd, where it can be run as
just a blind mail relay?

I.E. like this:

    
    
      Internet Email (SMTP) -> [MTA + Rspamd] -> [Real MTA + Inboxes]
    

I ask because I've got a mail server system I'm happy with, but just want to
bolt a better anti-spam filtering system on _in front_ of it.

Thanks.

~~~
perlgod
I believe it would work fine, configure rspamd as a milter on the first hop
and relayhost everything to "Real MTA".

~~~
Jaruzel
So Rspamd+PostFix ?
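
The layout perlgod describes (Rspamd as a milter on the first hop, everything relayed to the existing server), sketched as configuration. This is an added example, not part of the thread; the domain `example.org`, the host `realmta.internal.example` and the file paths are placeholders.

```cfg
# --- /etc/postfix/main.cf on the filtering hop (placeholder names) ---

# This hop hosts no mailboxes; it only accepts mail for the listed
# domains and passes it on.
mydestination =
relay_domains = example.org

# "relayhost everything" to the existing server. The brackets suppress
# the MX lookup, so the name is used as-is.
relayhost = [realmta.internal.example]:25

# Never relay for strangers: only local processes may send anywhere,
# everyone else only to relay_domains.
mynetworks = 127.0.0.0/8 [::1]/128
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination

# Reject unknown recipients during the SMTP session rather than
# accepting the mail and bouncing it later (backscatter).
# Run "postmap /etc/postfix/relay_recipients" after editing.
relay_recipient_maps = hash:/etc/postfix/relay_recipients
#   /etc/postfix/relay_recipients:
#     alice@example.org    OK

# Hand every inbound SMTP session to the Rspamd proxy worker.
smtpd_milters = inet:127.0.0.1:11332
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
# accept   = deliver unfiltered if Rspamd is unreachable (fail open)
# tempfail = defer mail until Rspamd is back (fail closed)
milter_default_action = accept

# --- /etc/rspamd/local.d/worker-proxy.inc ---
# Proxy worker in milter mode, scanning in-process.
bind_socket = "127.0.0.1:11332";
milter = yes;
timeout = 120s;
upstream "local" {
  default = yes;
  self_scan = yes;
}
```

For the filter to be more than advisory, the existing server should accept port 25 only from the filtering hop; otherwise senders can connect to it directly and skip Rspamd.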

------
storsjt
Would a better and easier alternative be to run your mail service through
AWS?[1]

Sure it's _hosted_ in a centralised place but since you're paying for it
Amazon shouldn't have an incentive to harvest your data.

[1]: [https://aws.amazon.com/ses/](https://aws.amazon.com/ses/)

~~~
Tepix
Use a cheap dedicated server. A Raspberry Pi 3 can do it. You can use a cheap
VPS to tunnel a "proper" IP address to your home network.

Or rent a cheap dedicated server like Kimsufi or online.net for a couple of
bucks per month.

~~~
storsjt
> Before we dive in, an important caveat: You will become a sysadmin of your
> own mail server.

I don't want to become a sysadmin of my own mail server, however I'd
appreciate not having my personal data harvested by webmail providers (e.g.
gmail, outlook.com). Using a Pi or dedicated server would make me a sysadmin.

Using AWS email seems like a decent middle ground which isn't too expensive
($0.10 per 1000 sent and $0.10 per 1000 emails received).

------
brlewis
I have an old server that I need to migrate. It uses exim4 and pipes email to
programs for certain addresses, and needs to send out automated email for
forgotten passwords, etc. Is it worth moving to Postfix or something better?
This is the part of the migration I look forward to the least.

------
c17r
Does anyone else remember Matt Simerson‘s FreeBSD Mail Toaster script? Seems like
he’s still working on it: [https://github.com/msimerson/Mail-Toaster](https://github.com/msimerson/Mail-Toaster)

------
petre
Is there any modern webmail client that's secure and easy to set up? I know
about Squirrel Mail and there was another one using the Horde framework, but
I'd rather use a uWSGI/PSGI app that preferably doesn't need a MySQL database.

------
mattbillenstein
I run my own email server as well and the problem I see with it is that Google
has all my email anyway -- probably 90% of the people I communicate with use
gmail, so even if I don't, most of my sent mail is already in their system
anyway.

------
phelmig
Thanks for posting this. I'm currently running a similar setup and to me it's
a horrible technical debt. Any ideas how to migrate multiple mailboxes for
multiple domains to a managed solution?

------
goerz
I've been pretty happy paying Fastmail to run my email server for me.

~~~
nicolaslem
I've recently moved to Fastmail and I'm blown away by the service. Everything
feels well thought, well integrated, their web interface is fast, their mobile
app is great, they respect standards... I could continue all day.

From reading their blog[0] you can tell that they are passionate about email.

It is a bit pricey for a personal email with a few accounts, but I'm happy to
give them their well-earned money.

[0] [https://blog.fastmail.com](https://blog.fastmail.com)

------
thro1237
Isn't it possible to make all these changes in a server and make it available
as a docker container or VM (with minimal customization required for end
users?)

~~~
m104
For sure! After years of running a personal mail server with a setup similar
to what's described in the article, I moved to using a pre-built docker setup
and haven't looked back: [https://github.com/tomav/docker-mailserver](https://github.com/tomav/docker-mailserver)

The easiest way to get this type of VM setup going is to start up the
container on your mail host with all of the fun features (filters mostly)
turned off, verify that the new mail container works as expected, then slowly
start turning on features one by one so that if you happen to break something
with a bad configuration you know how to roll back to a configuration that is
functional.

------
mderazon
> Luckily, running your own mail server is not as daunting as many would have
> you believe

Looks pretty daunting to me

------
leonroy
I run my own mail server. Have done since Evolution mail was in BETA circa
2003 ish (time flies). Started with a Linux Mandrake based Postfix, Procmail,
Dovecot, Fetchmail setup with SpamAssassin then moved onto a proper Debian
setup with Exim, Courier, Procmail, SpamAssassin and then finally after all
that faff I found Zimbra.

If you like email Zimbra's great - it's a fully baked mail server which you
install on your Linux distro of choice and it goes off and installs all of the
above for you. Everything is managed via a GUI and you have a great web
interface and standards based IMAP, CalDAV support.

If you buy the paid version you can even get ActiveSync and Exchange Web
Services for it.

Despite all that though, I would give anything to have all those countless
hours I put into running my own mail server back. It is a colossal time sink.
I can't even stress how much work it is, especially if you have anyone relying
on the box for their primary mail account. It's no fun at all.

You're gonna be debugging Fetchmail for when you or your users want POP3
accounts downloading mail locally. Procmail for filtering. SpamAssassin (gawd
if ever there was something which consumed my life it's that software and its
myriad libs and helpers), not to mention familiarize yourself with DNS MX
records, SPF, DKIM etc. etc.

All of the above works surprisingly well and is fairly solid - until it isn't.
When Google added DKIM/SPF protection and blacklisted servers which didn't was
a fun weekend that I'd rather have spent with my family. When customer emails
started bouncing because their IPs had hit an overzealous RBL list which
Zimbra was using was a fun afternoon of debugging. When Zimbra decides to
randomly let in 10-20 spam emails a day into my mailbox is another weekend
project which I've yet to get round to. Thank god I'm self employed is all I
can say because no employer would tolerate an employee putting the care and
feeding required to maintain a personal email server!

Unless you want to nurture a career as a mail sysadmin seriously, don't host
your own mail server.

Bottom line I'd recommend to anyone thinking about hosting one to either:

1. Don't

2. Use Microsoft Exchange Server

3. Use Zimbra

4. Seriously, don't - consider Fastmail, Gmail, O365 or Protonmail instead.

------
bedros
What webmail client people tried with their own setup that they like?

~~~
creeble
Roundcube seems to own it. Not that many FOSS clients to choose from, and RC
seems most robust.

The only feature I've ever longed for is a simple way to include a non-reply
email in another email message. There's probably a plugin for it.

------
rootsudo
Also it's a lot of work.

~~~
TheOtherHobbes
It took about three days to set up postfix and dovecot for multiple domains
from a cold start, including certs and spam filtering.

Postfix supports a selection of block lists for spam, and I get no spam at all
- although unfortunately my gf sends me email from a Yahoo account, and
certain Y! servers get blocked, so that mail bounces.

She doesn't do it often enough for me to spend more time getting whitelisting
to work. (Currently it doesn't - I don't know why.)

The hard part is getting a working config file for postfix, but there are tuts
and examples online.

Like a lot of older FOSS code, postfix is basically an insane collection of
every possible switch for every possible feature, dumped with no particular
thought or care into a single config file, and written up - ditto - in a
single help file.

You only need about 10% of it, but you won't know which 10% until you try.

The server gets regular hack/relay attacks from all over, but those get killed
by Fail2Ban. I'm not exactly a high profile target, but unlike an old WP site
I used to run - it was hacked in weeks - the servers seem to have survived for
more than five years now.

~~~
sliken
Yahoo servers don't seem very well managed. Obviously they have lost a billion
passwords or so. They also serve malware from their home page often (I've
gotten chrome, opendns, and firefox warnings). The ads shown are often pretty
ghetto (payday loans and the like).

In the interest of security I'd help your gf to a different provider.

------
tzs
One thing I'd like to see covered is sender dependent outgoing mail routing.

For example, suppose I have things set up so all outgoing mail from my home
goes through my SMTP server. If I send an email with a from address of
tzs@mydomain, then the setup in the article is perfect.

Suppose, though, I send an email from home with my from address set to
tzs@employer, where "employer" is my employer's domain? Assume this email is
not to an @employer address [1]. With the setup in the article (and in almost
every other similar setup I've seen covered in similar articles) this might
run into spam filter issues unless I've convinced my employer to add my SMTP
server to their SPF record.

The way I want this to be handled is for my SMTP server to see that the mail
is from an @employer address, and instead of trying to deliver it directly,
relay it through employer's SMTP server.

This is similar to the common "smart host" configuration often used when you
run an SMTP server at home, but want it to send all outgoing mail through your
ISP's SMTP server instead of trying direct delivery. Essentially what I want
is a conditional smart host based on the from address.

Postfix supports this. In fact, it seems to support it in a couple different
ways. I played with it a bit but could not quite get it working.

What I'm doing for now, until I find out how to do it right, is only send work
email outside of work from my desktop Mac. I took tzs@employer off the list of
mail aliases for my mydomain mail account, and created a second account in
Apple Mail for @employer. I set the incoming mail server to POP3 on 127.0.0.1
so that it would fail, and set the outgoing server to smtp.employer. It
complained for a while that it could not contact the POP3 server, but
eventually stopped complaining, and the address in the configuration dialog
changed to 0.0.0.0.

With that setup Apple Mail sends mail from @employer directly to my employer's
SMTP.

Sometime recently, after an OS update, that stopped working. It would no
longer let me enable an account unless it could successfully talk to the
incoming mail server for that account.

I did find an ugly workaround for that. I gave it the correct address for
employer's POP3 server, and the correct password. Once it was happy, I went to
Keychain Access, found the saved password for the POP3 server, and changed it
in Keychain Access to something incorrect. Mail then complains that it cannot
login to the POP3 server, but that does not cause it to disable the account.
Net effect: a send only account in Apple Mail. (It is important to do the
password change in Keychain Access, not in Mail, because Mail won't save the
change until it sees the new password work).

(If that had not worked, I probably would have written a dummy POP3 server
that always reports no mail and used that).

[1] This happens reasonably often for me, because I have my mail server set up
to use fetchmail to fetch my incoming work email and deliver it via procmail.
Same for any other SMTP accounts I have. That way I only have to configure
mail clients to work with mail server and I get access to all my mail from all
of my non-web email accounts.
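
The conditional smart host tzs asks for maps onto Postfix's `sender_dependent_relayhost_maps`. This is an added example, not from the thread or the linked guide; `employer.example`, `smtp.employer.example`, port 587 and the credential are placeholders, and it assumes the employer's server accepts authenticated submission.

```cfg
# --- /etc/postfix/main.cf (placeholder names) ---

# Choose the next hop from the envelope sender. The table is searched
# by the full sender address, then by "@domain".
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay

# Senders with no table entry fall through to relayhost; left empty,
# their mail is delivered directly via MX as before.
relayhost =

# Authenticate to the selected relay with credentials chosen by sender.
# Note: this setting turns off SMTP connection caching so that one
# sender's session is never reused for another sender's mail.
smtp_sasl_auth_enable = yes
smtp_sender_dependent_authentication = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

# Plaintext mechanisms (PLAIN/LOGIN) are allowed only inside TLS.
smtp_sasl_security_options = noplaintext, noanonymous
smtp_sasl_tls_security_options = noanonymous

# Opportunistic TLS for ordinary direct delivery, mandatory TLS for the
# employer relay so the password is never sent in the clear.
smtp_tls_security_level = may
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

# --- /etc/postfix/sender_relay ---
# Mail with an @employer.example envelope sender goes via the employer.
@employer.example               [smtp.employer.example]:587

# --- /etc/postfix/sasl_passwd  (chmod 600, owner root) ---
# Looked up by sender address first, then by next hop.
tzs@employer.example            tzs@employer.example:REPLACE_WITH_PASSWORD

# --- /etc/postfix/tls_policy ---
# Key must match the next hop exactly, brackets and port included.
[smtp.employer.example]:587     encrypt

# After editing, rebuild the lookup tables and reload:
#   postmap /etc/postfix/sender_relay
#   postmap /etc/postfix/sasl_passwd
#   postmap /etc/postfix/tls_policy
#   postfix reload
```

On a server with more than one submission user, pair this with `smtpd_sender_login_maps` and `reject_sender_login_mismatch` so that only the account owning the @employer address can send through the authenticated relay.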

~~~
sliken
Handling this server side seems weird. Why not just have a profile in your
mail client that lets you send personal email through the personal server and
work email through the work server. You end up with a much more robust setup
that works without extra hops through a 2nd mail server. It also provides
immediate feedback if sending an email fails for some reason.

If Apple mail is broken and keeps dropping things I'd suggest thunderbird.

~~~
tzs
> Handling this server side seems weird. Why not just have a profile in your
> mail client that lets you send personal email through the personal server
> and work email through the work server.

Then I have to have my desktop email client set up for both personal and work
email sending, and my iPhone email client set up for both, and my Surface Pro
4 email client set up for both.

If everything, both sending and receiving, goes through my server, then all my
client devices just have to use that one server.

In general, it just seems cleaner to keep the email clients as simple as
possible and put as much of the decision making as possible on my server.

------
throwawayeo5
Email is always a nightmare. My ex runs a BSD mail server that seems to work
alright (and he has a cloud service that will handle mail in the event of a
server failure). Me? I pay Fastmail like $50/year to do that for me, and
they’re wonderful. I tried to sign up for a trial with my own domain, and when
I got a strange error that didn’t let me log in, I put in a ticket (as a non-
customer) and the issue was rectified quickly.

I swear, I don’t work for Fastmail, but I’d much rather use them (or any email
provider that is halfway decent) than fiddle with my own mail server.

------
Faaak
A docker container would really be useful for that !

~~~
Ronsenshi
Here's the one that I use:
[https://hub.docker.com/r/analogic/poste.io/](https://hub.docker.com/r/analogic/poste.io/)

One of the easiest mailserver setups I've ever had.

If you don't like that it's not super free, there's open source alternative:
[https://mailu.io/](https://mailu.io/)

------
alasdair_
I've done this, more than once, both for ISPs and personally.

I even put together a self-contained single-DVD installer that would install
and set everything up securely and solidly. (I don't think I have a copy any
longer and if I did it's very out of date)

I still don't recommend doing it. Even for the security-conscious. It's just
not worth it.

------
peterburkimsher
I'd like to run a mail server on a jailbroken iPhone.

The use case is to transfer arbitrary files over a local hotspot.

I tried installing from the Apple TV tutorial, but it put my iPhone in a boot
loop.

[http://ios-webstack.tk/imap](http://ios-webstack.tk/imap)

Just a chance, but are there any iOS jailbreakers here who could advise?

~~~
JepZ
What do you mean with 'mail server'? Postfix? Dovecot?

Running a Postfix on anything else than a dedicated server with a static IP is
a pretty bad idea (half the internet will reject the emails you send).

And to do all that just to transfer some files is probably like using an
iPhone as a fly swatter.

~~~
peterburkimsher
I don't know why there's so many downvotes and patronising "fly swatter"
remarks. There is a use case for this.

For example, sharing a photo album with many pictures. Or a mixtape. Or some
song lyrics. I can't upload those to the cloud for copyright reasons.

Or if I want to make the transfer while away from Internet e.g. skiing,
hiking, waterfall trip, etc. - there's no access to Internet services, so
iCloud/Dropbox/Google Drive just won't do.

I can use lighttpd to serve the folder, but then the user has to hold down and
"Save to Camera Roll" for each picture separately.

If both phones have Airdrop, then that's fine. But many phones are not
iPhones. We could both install a special app for Bluetooth transfers, but we
don't have Internet access, remember? So no app store.

There's a Mail client on every phone, however locked-down it is. If I can
serve a collection of files over a local network and send those directly, not
one at a time, then that would be very useful to me.

I think a mail server is one solution. If you can propose another flyswatter
that meets my requirements, go ahead. Otherwise I still want to find a way to
code a mail server, and the parent article is helpful for that.

~~~
tedunangst
> We could both install a special app for Bluetooth transfers, but we don't
> have Internet access, remember? So no app store.

Why not install the special Bluetooth app whenever you were planning to
install the smtp server?

