Hosting Email IS Hard - Part 1


The Self Hoster’s Biggest Challenge - Email

This is Part 1 of a two-part series on setting up my own self hosted email. In this article, we’ll discuss how far I’ve gotten. In the next article, we’ll send our first email and give our thoughts on the entire ordeal.


Anyone who’s been in the world of self hosting will have, at one point, had the thought. What is this thought?

I can self host my own services, why am I still using someone else for email?

You will then run into the inevitable Blog Posts and Hacker News Threads lamenting the current state of hosting email. And this is normally enough to dissuade regular people. However, there’s a certain breed of stubborn self hosters. Ones who get told they can’t do something and refuse to accept the “why” given.

You have to at least try for crying out loud.

So that’s how I got to where I am today. For the last week straight, I’ve been trying to set up my own email server to learn how each component of the stack operates. Before I drafted this post, I had written up my game plan and diagrammed it out with flowcharts and everything. Then, after painstakingly setting up the beginning of an Ansible playbook, I realized that most of what I was doing was going to be near impossible to test without knowing what a complete setup looks like.

The First Hurdle - What Software To Run

Before I go into the major roadblocks, I should probably start with why I chose Mail in a Box over other popular options like Mailcow. Or the more barebones route of setting up Postfix and Dovecot myself manually.

I decided to test out Mail In A Box since it’s basically what I was trying to build. I would advise anyone who’s considering learning how to set up email to check this project out. After you run the script it gives you detailed instructions on how to do things such as enable DNSSEC, set up reverse dns, and other concepts which may be new to you if you’re just learning about email.

A Side Note On Spam

Why Is Spam So Bad?

I’m not a lawyer, this isn’t advice, just cursory knowledge I have. It should go without saying you shouldn’t send spam emails.

Spam email marketing is not illegal inherently. To clarify, the act of sending out unsolicited email marketing isn’t itself illegal. However, the offers and schemes behind the spam are immoral at best, and illegal at worst. Let’s analyze one of the most common scams you’ll encounter on the internet: The Miracle Diet Pill.

  1. Sending out spam saying “You’re going to lose 20 pounds with this diet pill” is not inherently against any laws, although it definitely is against multiple terms of service.
    1. If the “Diet Pill” will never work then it IS illegal.
      1. This goes without saying - it never works.
      2. So in reality it likely is almost always illegal.
  2. Sending out spam saying “Lose 20 pounds in 1 week” is definitely illegal and against multiple terms of service.
    1. You’ve gone from an ambiguous time frame of the 20 pounds lost to a specific one that is unrealistic.
  3. Sending out spam saying “Foo publication and Bar university endorse this diet pill” brings up multiple legal issues, such as:
    1. Defamation
    2. Copyright Infringement
    3. Etc.

What does this have to do with us, the self hosters?

Why am I getting into all of this here? Because I want to give you an idea of the playing field. This cat and mouse game of email spammers has cost consumers billions, if not trillions, in damages.

Due to the extreme risk of potential lawsuits, nobody wants to be the one hosting the email spammers’ servers. This should be obvious - enabling cyber criminals is generally something a company would like to avoid. And more power to them, I understand that after 2 to 3 decades of dealing with bullshit, you have to clamp down eventually.

This does put us into a situation where everyone in the email delivery stack - from your VPS to Google - assumes the worst from you by default. For every person like us who wants to host their own inbox, they have probably had to deal with 1000 hacked servers first. By sending emails outside of normal channels, you’ve chosen to associate with the scum of the internet. Whether you wanted to or not!

The Second Hurdle - No Port 25?

Now we get into our first major roadblock. If you’re like me, you went ahead and bought a cheap VPS instance to test the installation process of Mail in a Box. Then you’ll have discovered the System tab that checks your installation’s DNS records, among other things. You may have even attempted to send an email like me, and noticed that nobody is receiving your email. I’m not talking about emails showing up in spam, I’m talking about emails to test servers flat out never being received.

Under that System tab there’s one message that I couldn’t seem to get to go away no matter what I did on my own - and it’s this.

You may be wondering what :25 is for. If you guessed “Sending out emails” you would be correct! Most, if not all, reputable VPS providers block port 25 by default for all new servers. You might be wondering “Why? I’m not doing anything wrong, why would you limit what I can do on my server I’m paying for?” and the answer should be obvious - SPAM!
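To confirm that the provider, rather than your mail configuration, is what stops outbound mail, you can probe port 25 directly from the VPS. The script below is an added example, not part of the original post or of Mail in a Box; `probe_smtp`, `fake_mx` and the greeting text are names and values made up for this illustration.

```python
import socket
import threading

def probe_smtp(host, port=25, timeout=5.0):
    """Classify an outbound SMTP connection attempt made from this machine.

    Returns (status, detail), where status is one of:
      "open"      - TCP connected and the peer sent a 220 greeting
      "no-banner" - TCP connected but no valid SMTP greeting arrived
      "refused"   - the peer or a firewall actively rejected the connection
      "filtered"  - nothing answered before the timeout (typical silent egress drop)
      "error"     - anything else (DNS failure, unreachable network, ...)
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            try:
                banner = s.recv(512).decode("ascii", "replace").strip()
            except socket.timeout:
                return "no-banner", "connected, but the greeting timed out"
            if banner.startswith("220"):
                return "open", banner
            return "no-banner", banner or "connection closed without greeting"
    except ConnectionRefusedError:
        return "refused", "connection refused"
    except socket.timeout:
        return "filtered", f"no response within {timeout}s"
    except OSError as exc:
        return "error", str(exc)

def fake_mx(greeting=b"220 mx.example.test ESMTP (constructed)\r\n"):
    """Constructed stand-in for a remote MX so the demo runs offline."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))   # loopback only, ephemeral port
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        conn.sendall(greeting)
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port

if __name__ == "__main__":
    # Offline demo against the local stand-in; expected status is "open".
    print(probe_smtp("127.0.0.1", fake_mx()))
```

On the VPS itself, pass the MX hostname of a domain you want to deliver to instead of the loopback stand-in. A "filtered" result for port 25 on a machine that can otherwise reach the internet is what a provider-side egress block usually looks like.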

Where I’m At Now

At the time of writing I’m waiting for my VPS to unblock port 25 so I can actually send an email. Until that happens I have no other input. So far my experiences with hosting email have been… “bad”. Ha ha. I assumed that this federated protocol that’s been in use for ages would be more open. It turns out it’s the exact opposite.

I was going to wait to publish this post, but I decided to put it out early for two reasons. One of them being I haven’t published anything in days now. The other reason being I am now holding myself publicly accountable to actually seeing this through to the end.

Tune in next working week for the thrilling conclusion to my self hosting email story.