And what do you actually use? I know the answer is probably self-hosting but maybe there are other solutions for a decent privacy.

  • Chobbes@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    No you’re right, I shouldn’t discourage, just wanted to warn it’s not the same as most other self hosting projects, where often you just need to spin up a docker container.

    Yeah, this is very fair! I just wanted to also provide the other perspective. Self hosting e-mail is very doable, and I think there are some things like mailcow / mail-in-a-box that make setting up the software on the server a lot easier (I haven’t used these, but I’ve heard good things)… But you’re probably still going to have to double check your rDNS and make sure to add the appropriate DNS entries… And you might not even realize that you have to do that, and then you’re like “why the hell can’t I send e-mail to anybody”, and it’s not the easiest thing to debug (especially if you haven’t set up DMARC entries for getting reports from other mail servers). Plus… If you get the DNS entries wrong it can be a pain to wait for the TTL to expire to make changes. The setup definitely isn’t without its headaches and hassles, but it’s not impossible and once it’s good to go you probably won’t have to change anything.

    FWIW hasn’t DNSSEC/DANE been added to the prerequisites these days or is that still optional?

    This is currently optional afaik. I believe you can use this to establish that your e-mail server accepts TLS so other mail servers can know not to downgrade to an unencrypted connection. Admittedly, I’m not super up to date on this, and I’m slightly confused about the differences between MTA-STS and DANE. Also fwiw, I think both of these solutions mainly impact receiving mail, and shouldn’t make much of a difference if any for you sending mail to the big providers.