Hacker News new | past | comments | ask | show | jobs | submit login
Life After Gmail: Why I Opted for a Private Email Server (bloomberg.com)
48 points by janvdberg 71 days ago | hide | past | web | favorite | 16 comments

I can see a lot of what we call "cloud services" today being privatized in the future. Owning your data is catching on, and it's never been easier to host your own:

* cloud storage/calendar/contacts sync with the likes of Nextcloud,

* email server and webmail client with the likes of Mailpile,

* group/instant messaging with the likes of Mattermost,


https://privacytools.io is a good place to get started, albeit slightly more paranoid than most of us.

[I noticed this became increasingly off-topic as I wrote it...but I guess I'll post it anyway]

One thing that's a bit unfortunate to me is that domains don't practically seem to have much "resolution" compared to home addresses. Of course there is a whole hierarchy with countries, states, and even cities, but at end of the day many people like me simply have a domain [firstname][lastname].com. But where does that leave all of the other Firstname Lastnames out there? And then when I actually setup email addresses I can throw in all these different users (which I do...e.g. ml@ for mailing lists and todo@ for a todo dump), but they are all pointing at me in the end. Publicly I basically only have one email address that others use even though i could have *@domain.

I'm honestly not even that clear on exactly what the problem here is. It seems that basically the point is that a domain originally was meant to map to an larger organization probably with an administrator, whereas if you want to use it privately you basically need to treat yourself as that one person organization. Something feels a bit off, but I don't know quite what it is...

I always see people say how great gmail search is, as does the author in this article.

This befuddles me.

Gmail search often leaves out results I know are there, and sometimes comes up erroneously empty. I can verify this, because I store my emails offline. They are indexed by notmuch. I find notmuch to be not only faster than gmail search, but far more thorough: notmuch gives me hits that gmail skips.

My guess they got so many performance gains by conceding a bit of data integrity or search accuracy or replication accuracy or something. Not sure whether it was accidental or on purpose but it seems a persistent behaviour.

Running the same very low result count returning search queries in other parts of googles data sprawl sometimes returns different sized outputs. There's more than one reason they stopped telling you how many search results there were, my guess is consistent inconsistencies is another.

The cost of free is becoming too high. In this particular case the cost of free was higher than approximately $500 and $99 per year.

What are fellow self-hosted email folks doing about spam these days? I've found that Spamassassin is letting through more and more these days...

I'm using a custom procmail setup build over the years around Bogofilter [1]. I find it still works well, even though Bogofilter is more or less unmaintained at this point. I'm only aware of one serious bug in the upstream distribution [2], but a patch for that exists.

The running yearly average false negative rate for me is currently 6.5%, which isn't perfect but it's survivable. It's hard to say what false positive rate is, but over the years I can't remember an instance where I would go fishing in the spam folder for a mail I knew I should receive (I do have classification settings very much biased towards false-negative rather than false-positive)

[1] http://bogofilter.sourceforge.net

[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733622

I use a methodology called S25R [1] that involves regex filters in postfix. Super simple, no third party anything for those regex patterns. I reject the spammers and use iptables for the really bad spammer networks. In terms of external third party resources, I also use spamcop and uceprotect in postfix to do RBL checking.

[1] - http://www.gabacho-net.jp/en/anti-spam/anti-spam-system.html

I use dspam. It seems like an abandoned project, but it still works. I looked at rspam, but I'm not a fan of the way the lists cost money as soon as you want to make money. Sure, right now, I'm only hosting personal email, but who knows what could happen in the future?

I use mailcow[1], which uses rspamd and it just let's through like 1 mail every few days.

[1]: https://github.com/mailcow/mailcow-dockerized/

I can thoroughly recommend rspamd - it feels rather more robust than spamassassin and is easier to configure eg if you just want to do Bayesian filtering etc. The analytics and logging you get through the web interface is also very good.

I've been having good luck with SA's heuristic learning engine. False positives are non-existant and it catches ~90% of spam that isn't caught by other rules first.

I just want to say thank you to comments on this thread, this type of discussion is why i browse HN.

Q: I want to manage my own email, what about people’s solutions can ensure that outgoing mail is not shunned by the big players?

Many spam traps penalise recently registered domains. Wait 90+ days after registering a domain before you start using as your primary sending email, and(as others have said) ensure you have SPF and DKIM set up and working.

Also ensure your sending IP addresses are not in known 'residential' blocks (ie you'll need a VPS at least to use the IP address) and not blacklisted by previous owners.

I've been running mine for years. I have my spf and opendkim records setup. That seems to have been enough. There are a couple places that I've had issues with, but most seem to work just fine.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact