Running a Personal Mailerserver in 2019
I’ve been running a personal mail server for years. I’m a big fan of self-hosting as a hobby, but more recently, privacy has become a big concern of mine.
I’ve put together what I hope is a simple setup for running a personal mail server, if you’d like to do likewise.
If you’d like to jump straight to the stack and its documentation, it’s here:
https://git.sd.ai/simon/simple-selfhosted-mail/
Motivation
Email is my primary communication mechanism despite the societal push towards social networks, but I value my privacy. I want to have a solution that’s as free from surveillance and data mining as possible. I want to own my data, on my hardware.
Free services for email are available, but the tradeoff for doing this means giving up your personal data to large corporations. Their business models involve knowing as much about you as possible. Usually, this information is used to sell you targeted advertising, but having that data can lead to other privacy concerns.
Ultimately, if you are getting your email services for free, then the value to the company comes from you as a commodity. I prefer to pay a reasonable fee for the services that I use and remain in control of my data.
Richard Stallman has a useful page on why you shouldn’t use Google if you’d like to read more.
Alternatives
Self-hosting your email is going to be well within the realm of the computing hobbyist. If you are looking for a more straightforward solution, you might find that Protonmail works for you. The service provides a privacy-focused, encrypted email account at a reasonable price. There is also a free plan that provides limited use so that you can try it out.
Setting up a mail server
Still with me? Cool. The main things we need for a mail server are:
- A domain name, and somewhere to host the DNS for it.
- A server or VM, for which you can set the reverse DNS.
- An
SMTP
service, which is the protocol used for transferring messages around the internet between servers. - An
IMAP
service, which is the protocol used for delivering messages from a mail server to a client. - A spam filter, to stop spam filling up your inbox.
- A set of technologies called
DKIM
,SPF
andDMARC
that work to ensure that your outgoing mail is trusted so that other servers don’t see it as spam.
I’ve put together a stack based on Docker that ties all of these services together. I’ve been running my email with this for about 6 months, and I’m happy with it. You can find it here:
https://git.sd.ai/simon/simple-selfhosted-mail/
The README.md
file contains a guide to setting it up and using it, and there
is no point in reproducing that here, but here are the headlines:
The stack
The stack is a docker-compose
-based environment for setting up a personal
mailserver as quickly and simply as possible. Included are a collection of
components, bundled together via a compose file, which provide a simple but
fully-functional mail stack.
It supports:
- Multiple users
- Multiple domains
- Webmail
- Antispam
- DKIM/SPF/DMARC to ensure reliable outgoing delivery
- SSL
- Server-side mail filtering
The framework is built from the following components:
- Haraka message transfer agent (SMTP)
- Dovecot mail delivery agent (IMAP) and filtering (Sieve)
- Rainloop moden web-mail interface
- Rspamd spam filtering system
- MariaDB database for simple user management
- ClamAV anti-virus
- Nginx reverse proxy for Rainloop
- Redis backend for Rspamd
The default configuration is minimal but is enough to get started straight out of the box, but can be tweaked by modifying the config files in the repository.
Requirements
The stack requires a Linux server running Docker, and docker-compose
. It also
requires a domain (as mentioned above) with which you can use
Certbot to generate
Let’s Encrypt certificates.
Everything else can be set up via the docker-compose
requirement, although you
should also have somewhere to back up your data. I haven’t included that in the
getting-started guide, as that would require more advance-knowledge of your
environment than I have.
Next steps
In my next couple of posts, I will be talking through some of the stack in more detail, and explain some of the intricacies in using it beyond basic setup. If you’re interested, stay tuned.