Slashdot Mirror
Ask Slashdot: Self-Hosted Gmail Alternatives?
linkedlinked writes "I'm tired of building my sandcastles on Google's beachfront. I've moved off Docs, Plus, and Analytics, so now it's time to host my own email servers. What are the best self-host open-source email solutions available? I'm looking for 'the full stack' — including a Gmail-competitive web GUI — and don't mind getting my hands dirty to set it up. I leverage most of Gmail's features, including multi-domain support, and fetching from remote POP/IMAP servers. Bonus points: Since I'm a hobbyist, not a sysadmin, and I normally outsource my mail servers, what new security considerations do I need to make in managing these services?"
http://squirrelmail.org/download.php
Interface takes a bit of getting used to, but its allright. It doesn't look as pretty or as polished as gmail but it'll work. Obviously you could/should use an email client and just access them through POP or whatever.
Well, for starters, you want a damn good spam filter.
i use it since three year more polish then squirrelmail and really fast
As subject says, I've been using hastymail for a while, it's a no-hassle, simple webmail client.
No bells & whistles, yet my users seem to like it - http://www.hastymail.org/
Especially with email, I like the fact that I'm not going to accidentally break something, miss an email and lose my job.
I also like that I'm not updating everything all the time with security updates. Google does all that for me.
I also like the integration between all the services.
I also like the two-factor authentication. (Good luck getting that set up on a self-hosted system, I suppose you could use X.509 on a USB drive or something).
Don't fix what ain't broke.
Grab yourself a Zimbra appliance from http://www.turnkeylinux.org/email - up and running in a few minutes, and it should give you most of what you'd expect coming from Gmail.
SquirrelMail is awesome for being simple, fast, and non-JavaScript.
If you want something more JavaScripty, there's Roundcube.
It's not gmail, but the point is your data's yours.
Postfix/Dovecot setup tutorials
I'm not a lawyer, but I play one on the Internet. Blog
I can recommend http://www.iredmail.org/.
It has a WebMailer, GUI to add new domains and stuff, Spam/Virus checks.
And some more great features.
It's easy to setup, too
Is there a reason you are trying to pave your own road?
Zimbra Collaboration Server (http://www.zimbra.com/)
You need postfix, fetchmail, procmail, dovecot and squirrelmail.
You do know that whatever email solution you choose, unless you use full encryption in all your email messages, outbound and inbound (good luck with that) it's still pretty much in the open, and anyone who knows what they're doing in the intermittant path, especially your internet provider, can intercept and read (parts of) those emails?
At least google has proven their worth with standing up to the US gov't in stead of just bending over and giving them all plus some extra as some others have.
Manuals are your last resort only
Roundcube looks/feels a lot better than SquirrelMail
My company uses Zimbra. It works pretty well for us.
The best webmail UI I've used other than Gmail is Roundcube. It's simple, clean, and works quite well.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
http://www.scalix.com
It's more along the lines of Exchange in terms of features/look, but there's a free version and it's open source. The free, "Community," version only allows 10 accounts the ability to use an email client though (Outlook, Thunderbird, etc.) - beyond that you have to upgrade to the paid version. I connect to my server with Outlook, Thunderbird, my iPod and my Android.
I've recently been looking at Zarafa. Has nice web front end. Can push sync your contacts to mobile devices etc. You can use multiple backends like a DB or LDAP store (LDAP is required for contact syncing apparently). I haven't completed my test setup yet so can't say anything about it other than it looked promising and easier to setup than the alternatives I'd seen like Kolab and friends. I use postfix+barracuda RBLS+greylisting+dspam for spam filtering and I have yet to find anything that even comes close in terms of reducing the amount of spam into my inbox.
Thats a bit of a jump
Just get your self a cute 4.99 a month webhost, they will give you a billion accounts on your domain, webmail (maybe even a roundcube front end which is nice n purdy n smooth) Spam assassin (which works pretty well) and 50 gigs worth of backup space I mean website space
As a guy who ran email servers for a small organization, let me say enjoy it while you can, because email admin is a never-ending pain in the butt. The spam management, the 24x7x365 server monitoring for security issues, the blacklisting and DNS issues, and that people get really bitchy when their email service is disturbed in any way.
That being said, I hear nice things about Zimbra.
Why on earth did you move on to plus if you were planning to dump Google at the altar?
Wanting to get away from google isn't much of a good reason. Properly running a mail server is not a small task. You need to keep it secure, up to date, you need to monitor it to make sure your IP or network does not get on black lists or all of the sudden you will find your mail in people spam folders.
There is a lot to running a mail server properly. Sure you can get a basic one setup on a VPS in a few hours, but do you care if your mail gets delivered?
Running a mail server is not for the inexperienced person period. Running mail servers can be a huge PIA for those of us that have been doing it for 15 years.
A true gmail competitive interface really barely exists today, there are some corporate solutions that come somewhat close, but be ready to hand over thousands of dollars in fees for the software. The open source web mail interfaces are not even close to what gmail does.
I maintain a mail server, manage dozens of domains, and have managed email for thousands of people, I have a pretty good idea what I'm doing at this point. I still use gmail for a lot of stuff myself.
There are reasons to setup your own mail server instead of using gmail, but they mailing come into play for things like running mailing list servers, discussions groups or server side software programs that need to be able to deliver larger amounts of mail than you can pipe through google.
Jamie
I'll probably get lynched for this, but we've had great success with SmarterMail. Yes, Windoze, BUT:
-- Given your needs, you don't need anything other than the free version
-- Web interface is VERY mature
-- Includes calendar, contacts, tasks, notes
-- Has Lookout (Outlook) sync capabilities
-- Handles traffic well
-- Spam filtering and virus scanning, out of the box, does a pretty good job
-- Support has been great. A plus since you mention you're not a sysadmin
-- Supports much more - check the product details
If you know how to properly harden and protect a Windows server, you could install this and be up and running in VERY short order! Just another alternative...
Let the flaming begin, of course. it wouldn't be /. without it, for someone like me... LOL
In my opinion, nowadays, running your own server is rarely worth the effort. Inevitably, you'll wind up on one or more back hole lists, or one more major e-mail providers will either not accept mail from your server or will flag it as spam. Have fun trying to work through those problems. Because you represent the interests of only a handful of users, no RBL or sysadmin is going to give you the time of day. Also, keep in mind that 80-90% of every connection made to your server will be from a spammer and some percentage of those connection attempts will be for the express purpose of exploiting a security hole and infecting your machine. I think you're in for some serious heartaches and frustration no matter how wonderful a job you do choosing which software to use.
For a mail server I very much prefer Courier Imap. There's also Cyrus, which some people favor, but I like the simplicity of Courier.
If you want full blown calendering and groupware, you might look at something else, but that's not what you're asking.
For a mta, most people prefer Postfix, allthough Exim is allright as well.
For configuring your services... At my job we use a VPS from a hosting provider, complete with cPanel. It's a really easy way to get started with it, and add domains and mail addresses.
Well, don't worry about that. We can get you back before you leave. (Dr. Who)
roundcube is great for email only... but as a replacement for a lot of the gmail services it falls short
i felt the same way as you, and started using zimbra. after a few weeks i decided to buy a subscription which gets me 'active-sync' for mobile devices (email/contacts/calendar)
Several years ago I'd have said sendmail, but five years ago I tried postfix and was suitably impressed. We used dovecot and spamassassin and it was a very reliable setup. I moved on from that particular Company and it was still running 6 months later with nobody looking after it! There's some tip-top tutorials online and the usual O'Reilly books are also worthwhile as a reference.
... and I can safely write that there is no way you will ever achieve anything comparable to gmail.
You can try:
- squirrelmail, ugly and so last century
- openwebmail, old-fashioned Perl webmail, not maintained any longer
- zimbra mail, lots of functionalities and fancy features
- roundcube, decent but nowhere near what you're hoping for
Spam control on the server side is going to be an issue. You will have to use a combination of solutions (e.g. custom sendmail configs, RBL/XBL blacklists, spamassassin, greylisting, procmail rules, smf-spf, j-chkmail) and it will take quite some time and effort to get everything fine-tuned.
For anti-virus, clamav works well
For IMAP I found that dovecot does a decent job. If you want to fetch from remote servers into your own server then fetchmail can do the job.
Usual security considerations apply - patch early, patch often.
You will spend long hours maintaining this, highly recommend using a log colorizer to help watching logs e.g. ccze
In the end you will feel you got a half-baked solution that doesn't even come close to comparing to gmail in terms of functionality, ease of user interface, security and spam control. But hey, it'll be your own stuff.
I've run Zimbra for 3 years now, back to 5.0.9, which I installed for my then employer. The architectural people there have taken, right along, an attitude that I can characterize only as "RFCs? Who cares about those?"
It doesn't handle fixed-pitch well; its editor won't re-wrap (though they might have finally fixed that in 7), it doesn't uknow from RFC 2369 -- in fact, it handles mailing lists poorly in general; notably, you can't change the Reply-To in any way when replying, if you generally want HTML off (as I do), the only way to turn it on is to dive into the Preferences and switch it, then reload; same turning off...
Check for bugs filed on their bugzilla by jra@baylink.com if you want a full list of the ignominy. But in general, I would say: evaluate it pretty thoroughly to see if you can deal with its crap before deploying.
It's *very* pretty. I just don't know if it's worth the trouble.
> Since I'm a hobbyist, not a sysadmin, and I normally outsource my mail servers, what new security considerations do I need to make in managing these services?"
Yeah so you are better off not going this route. You pretty much HAVE to be a 24/7 Linux sysadmin for running your own email.
Also there is the problem of being a little guy. You can do spf, dkim, and look 100% legit but then some larger email systems will sometimes delay your mail or put you as spam because their mail systems will say 'who is this one odd IP that is unknown?'.
And spam - it is such a problem that you can outsource the filtering to mailroute.info but you are going to learn quite a lot about spam, RBLs, filtering.
And you also must learn either exim, postfix, sendmail, etc and know how to configure it securely. A lot of dictionary attacks these days come from attempting pop/imap logins over and over for brute forcing. So you'll want to set up some kind of rate limiting either in Postfix config or with fail2ban.
And running a php web server for webmail - prepared for constant 24/7 scanning, probing, and other attacks trying to poke at your server. :)
Good times,
A mailserver in an environment where the webserver is the more important of the two can be a liability. I've had postfix cause out of memory errors and bring down mysql/apache on a vps. Spamassassin also uses a fair amount of memory. I'm not a seasoned linux admin, but I will say that I'm much better off after pulling mail services from the webserver and forwarding mail via an MX record to a $25 p/year paid service. Just another option to consider...
For over 15 years, I spent my time doing my own servers. Figured out that I was spending too much time doing server admin and not enough building sand castles. Now, I am on Google.
I prefer the "u" in honour as it seems to be missing these days.
... + squirrelmail + apache + spamassassin (later switched to dspam)
I used this guide: http://www.gentoo.org/doc/en/virt-mail-howto.xml
It was great when it started out. It handles multiple domains. Handled spam well. Ran on a low end PC. Handled email for my family and a couple of friends.
Then it became a fucking pain in the ass to maintain. Mainly the spam filtering started failing, and it was a resource drain. Switched from spamassassin to dspam which improved the situation. But dspam was a fucking chore to train the filter.
Eventually I gave up. It took too much of my precious time to manage all the shit on my own and I moved my domains to Google Apps and can't be happier.
Sorry I forgot to login before I posted this. The above post is mine.
If you want to run your own mail server you will have a problem, you will need a reverse ip resolution for your domain. Without this, your outgoing mail will be marked as spam, many big companies do so, for example Google. Without this your mail will go directly to spam folder.
Good luck with your ISP.
The whole beauty of gmail isn't that you get a lot of neat features. It's the fact that your email almost always gets from point a to point b. This is because you have the luxury of being on a "big" mail server. Smaller mail servers, like one that you or I would set up do not get special treatment. The whole system right now is stacked against small mail servers. The minute you hit operation, you'll find that you might already be on spam lists, and that you have to fight to get yourself off of them. The minute you find that you're off the lists, you'll probably end up back on them because someone three ip addresses away has been sending welcome emails from his web site, and someone forgot that they asked for one.
If none of that scares you, the following list will get you close to what gmail can do.
So here is what you need first and foremost:
1. A dedicated server just for Zimbra with Domain Keys installed
2. A block of 24-32 ip numbers. (49 ip numbers would be ideal, but it's harder to buy odd blocks like that.) Put your mail server as close to the middle of that range as possible. It sounds like a lot, but most collocation facilities can hook you up with this for 300-500 usd a month.
3. Proactive attention to getting your ip block removed from all spam lists (especially Barracuda, their list is the most annoying for the high number of false positives) before the fact. Just let them know you exist.
4. Pray that all of the hundreds of moving pieces you've just put in place don't break, that bad hackers don't brute force their way into your server. Strong passwords don't really help as much as people tell you they do either. That's now something you have to worry about too.
So there you go.
It doesn't make sense to me that you would try to do this for something that only you would use.
The expense is too high, and the benefit just isn't there.
Over the last few years, I've been offloading my email to the social networks and blogs. Facebook, Linked In, personal Drupal installations, Twitter, etc.
They don't have a lot of the core problems that email has, and pretty much everyone I communicate with will use one or multiples of those.
For everything else, I use Gmail for domains because, even if I end up upgrading and paying per account... it's still less of a headache than the Dante inspired hell that is managing my own email server.
I hate running fucking email servers.
Hate them.
Hate.
Hate.
Hate.
There. I feel better now.
This signature has Super Cow Powers
The previous "why" poster has it right. It's like you're complaining about success. You are never going to do it 50 percent as well as Google. -- don't try. Rolling your own is an academic exercise. Zimbra is ok-- if you can live in the 90s. Google is it. Just backup your data.
Zimbra works really well.
I think they just do email, and we pay them, so the hope is they are
interested in keeping us happy. IMAP from firefox works, and the web
front end is functional. Now if I could just get everyone to use https:
To my knowledge there is no gmail clone running around on the interwebs. However, most of Gmail's feature's are just redressed versions of things that already exist. Labels = Folders, Star = Important/Color, etc.... you should really should say what is important to you. (For me, it would be the hot keys which I find extremely handy)
Once you settle on which features are important then it is time to go looking for a package. Many seasoned and solid projects have already been named. Left from the list seems to be Open Xchange and Horde/IMP. Imp is going to be the vanilla webmail/calendar client while Xchange attempts to be an exchange replacement. Setup is not for the faint of heart, but it does offer an outlook connector once the deed is done.
Zimbra looks awesome btw, but I haven't had any experience with it. In the end, I always tend to dig around freshmeat and sourceforge to see what new projects have come about.
As far as building a home server and what to look out for... assume the internet is your enemy and go from there.
I know this isn't what your question is, and I respect your reasons (even though I don't understand them), but I think you'll find that most admins are going in the other direction. Email is something that should just work. When you host it yourself, you have to worry about a ton of factors... spam, incoming, outgoing, forwarding, being sure your mail isn't getting filtered by recipients' services (which requires a surprising amount of work from the default installations of most self-host services, though the spf entry in your dns is recommended regardless of what you use). I've moved all of my sites to google apps email. It's so so so much easier. Plus you get the awesome gmail interface, and you don't have to worry about your configuration.
@mail is a commercial product. Has calendars, mobile sync, etc.
I too am trying to host my own services locally rather than in the cloud. I'm using www.tonido.com for file/photo sharing and music streaming and plan to use atmail for mail. atmail.org has the free version. atmail.com is the commercial version.
...these guys:
http://fastmail.fm/
I think their staff frequent /., at least they have in the past. I'm not using them yet, but I keep the link handy for the day when I get kicked off my current server.
It is dangerous to be right when the government is wrong.
You have at least two good choices:
1. You rent a Linux host, point a domain name to it, and set up your own email accounts on that domain by means of installing the relevant email software stack like IMAP/POP3 service etc. You host - your rules - you can set up your own spam filters, rules, actually you can do so much my rambling cannot even cover half of it. You certainly can install some form of web interface to access your mail on it.
2. You do the same as above, but instead of renting, you just set up a box in wherever you live, make sure it stays always-on, make sure it's reachable to the world and use a public dynamic DNS service to make sure the domain name points to it so that you can set up the software as with point 1. The benefits are that it's for total control freaks, and it includes many benefits of point 1. The cons are well... it's your hardware, so you maintain and run it!
There are many hosting companies that will give you a nice virtual CentOS Linux with plenty of computing power for a fraction of average monthly income. If you think it costs too much, imagine that later on your box can be your face to the world - install a Diaspora POD on it (if it ships hehe), web server for you and your family, friends, projects, compute stuff, rent it out if it stays idle enough...
Kerio Connect is based on a lot of open-source technologies, and they do contribute back - but it is in itself a commercial product. For a small number of users, though, it's still a good value for those looking to DIY.
(disclaimer: Though I'm a user of it, I'm also a fairly large reseller by Kerio standards and my business gets a lot of our revenue from it)
The minus of Kerio is that it's commercial software and therefore not roll-your-own in nature. Limited tinkering is available. And to get updates after year 1, there's a subscription charge. The webmail is good but a little dated compared to some of the latest stuff out there.
The pluses, though, are these (in my non-biased opinion):
- Good antispam tech (blacklists, SpamAssassin, Bayes filtering). Not state-of-the-art, but traps most of it.
- Uses built-in Sophos engine and/or your own AV for filtering
- Easy to administer with web GUI, plus it's extensible with an API.
- Mail and config files are stored in plain text and can be accessed and edited by hand if needed.
- Supports native client for pretty much everything (Outlook, Mac apps, Sunbird and Thunderbird, etc.). Supports IMAP, CalDAV, and CardDAV.
- Integrates with AD or OD if needed
- Supports ActiveSync and if you have a Windows server it can support Blackberries (you have to run BES to do that, and BES is Windows-only)
- Easy to manage SSL, and it'll automatically use SSL for SMTP transfers if the target server supports it as well (so you get encrypted transmission)
- Runs on Mac, Windows, or Linux. Plus it comes as a pre-packaged VM for VMware or Parallels for appliance use. That's kind of handy.
- Scales well. It'll go from 5 to 1000 users pretty well on good-enough hardware. My largest client on it has an Xserve with an SSD boot drive and a RAID 1 mirror to support 1000 users.
They'll give you a 30-day trial if you want for free. And if you try it and like it, feel free to buy it from someone other than me - I don't get referral fees or anything for that but I'm not pimping it on my own behalf here.
-- Josh Turiel
"2. Do not eat iPod Shuffle."
Training spamassasin is not that big of a deal really. Just automate a process for feeding it new bits of spam to train the filters. You can do this by just designating a standard place for it to look for new examples.
It's Unix. If there are any "chores" then you probably failed to automate something and the solution is probably not that hard.
A Pirate and a Puritan look the same on a balance sheet.
The open source web mail interfaces are not even close to what gmail does.
On this point I have to disagree. gmaill is highly capable and all, but I actually prefer roundcube's interface over gmail's.
I also disagree that maintaining a mail server competently is that hard for a single domain with maybe a half-dozen users. If you stick to packages provided by a linux distribution, distribution updates will handle most security updates. Many ISPs have blessed relays for your use that alleviates the blacklist problem significantly.
That said, I have co confess current state of gmail makes it hard to find reason to do it yourself. The only reason I could think of is fear for what google could do in the future given the fact they really can hold your email address hostage. If you pay for your own domain (using any subdomain like offered by dyndns or co.cc is begging for them to hold your domain hostage down the road (as dyndns already has done to its users), landing you in the same place. Since so many free offerings from other companies have either evaporated or 'altered' in unacceptable ways, it's not unreasonable to be wary of Google's take on the perceived business value of free email with ads. If data suggests the cost is higher than the revenue sometime later, say goodbye to your email.
XML is like violence. If it doesn't solve the problem, use more.
Office365 On Premise, Off Premise, Hybrid #emp
Self hosting your e-mail is going to be a nightmare; primarily due to the spam and security issues noted above. If you do continue to peruse this effort, you will run into the following: 1. Problems filtering incoming spam 2. Problems with outgoing e-mail not being delivered (incorrectly blocked because "they" don't know/care about you) 3. Problems with ensuring proper security (not rocket science, but much more difficult than just setting a good password) ... and you haven't even touched your webmail UI yet.
Personally, if it's the "sandcastle on google's beachfront" problem that you're worried about, simply make sure you have a good backup of your gmail, and an account with a second major email provider that you can fall back on, and you're good to go.
We used to run Kolab at the office until we switched to Google Apps. It wasn't bad.
Why is it so hot? Where am I going? What am I doing in this handbasket?
Kerio Connect. Can be free if you become a partner and have less than 5 users or $540 which is still a great deal IMO due to the ease of administration and being able to set it up in mere minutes with very little effort. You very well could spend many times this in effort trying to do it yourself with a free product.
100% configurable via intuitive web GUI
Multi-platform (Windows, Linux, Mac, VMWare)
Very good multiple anti-spam features
Full featured webmail, very near parity with MS Outlook.
ActiveSync support for Andorid, WinMo, iOS (Push mail, contacts, calendar) Optional Blackberry connector.
Multi-domain support
Near instant phone support with actual engineers (if licensed)
Very active development with easy to apply updates
Tons of other features.
Download the fully functional free trial and give it a spin.
I don't mean to sound like an advertisement but I have been using this product for 5 years and it has been the easiest mail server I have ever managed.
There are basically 2 ways: Install an 'appliance' mailserver like zimbra/roundcube Or roll your own. I've been running a personal, small business server for years. It's great being able to give free email addresses to friends and family I would recommend (on debian server): -Postfix smtp with mysql backend and postfixadmin -Dovecot imap -Amavis/spamassassin/clamav for virus/spam filtering Then you can throw on any web based client I like horde but squirrelmail is good too. Horde has good groupware features and the new interface supports some nice ui features. Also consider serverside filtering, horde has a sieve plugin which integrates with Dovecot in a cleaner way than squirrelmail. Setting up a server is non trivial and you'll need to get your head around NAT, firewalls (iptables) and making sure you're not an open relay. However, once it's running it's actually pretty maintenance free (unless you want corporate level security). Good luck! There are some excellent howtos out there. If the above sounds daunting, try an appliance first but there's a lot to be said for rolling your own.
On this point I have to disagree. gmaill is highly capable and all, but I actually prefer roundcube's interface over gmail's.
I also disagree that maintaining a mail server competently is that hard for a single domain with maybe a half-dozen users. If you stick to packages provided by a linux distribution, distribution updates will handle most security updates. Many ISPs have blessed relays for your use that alleviates the blacklist problem significantly.
That said, I have co confess current state of gmail makes it hard to find reason to do it yourself. The only reason I could think of is fear for what google could do in the future given the fact they really can hold your email address hostage. If you pay for your own domain (using any subdomain like offered by dyndns or co.cc is begging for them to hold your domain hostage down the road (as dyndns already has done to its users), landing you in the same place. Since so many free offerings from other companies have either evaporated or 'altered' in unacceptable ways, it's not unreasonable to be wary of Google's take on the perceived business value of free email with ads. If data suggests the cost is higher than the revenue sometime later, say goodbye to your email.
I got fairly disgusted with roundcube for a ongoing bug that would cause it to loop and use %100 of the processor power on a box. That was earlier this year, so it may have been fixed but it had been an ongoing bug report for quite a while. I suppose a lot of it depends on the level your running a box at and how much Interaction there is with other networks and why. Running forums that can send out many thousands of notices a day can be a big deal to manage, as you can get filtered fairy easily ever for doing seemingly nothing wrong (e.g. you didn't throttle down your send rate low enough for one network). Your point about gmail taking away an address is very valid and a concern I have pondered. Using your own domain via gmail and backing up your mail solves much of this. As I mentioned though, there are things like forums, mailing lists, and discussion groups, who's volume of mail is not permissible to run through google and you have little choice but to either pay a 3rd party server for their out bound mail service which often has it's own limitations or to run your own server.
Is that Klingon for "stick with Gmail"?
Why are you doing this?
I guarantee you that any self-hosted system will have more downtime, and more overall management time than just sticking with Google or another provider.
I wouldn't put the e-mail server and the Web/database server on the same machine. In fact, if you're going to do this right, you probably want a mail server in a datacenter that does nothing but receive the incoming mail and hold it back in case your local e-mail server is down. And once you've done that, you might as well be using a "cloud" e-mail provider.
That said, I have used Zimbra, and it works. I will also support the recommendation of Roundcube.
have you considered Exchange ?
Depends on what you mean self-hosted, as in, you pay for the host? Managed Hosting with cPanel. Use Horde or CubeMail or SquirrelMail and has SpamAssassin, DomainKeys etc. If your host isn't pathetic it works well for families or small businesses so it's trivial to 'setup' and use.... I wonder how many sysadmins I just made cringe with this post :)
...because in one breath, story submitter says he/she is ready to host his/her own email server, then the very next breath he/she is talking about hosted solutions.
My recommendation? If you can't figure out what it means to "host my own email servers" as opposed to "outsource my mail servers," you should probably just stick with Gmail or another hosted provider.
That said, I'll play: I've been hosting my own e-mail servers for 15 years now. That's 15 years of SpamAssassin tweaking, 15 years of qmail vs. postfix vs. exim, 15 years of weathering DDOS and joejob attacks. I'm currently running an exim server on my DMZ that simply accepts inbound/outbound e-mail, and I use ODMR and fetchmail to get my mail on intervals from behind my firewall.
Running an e-mail server is not for the faint of heart (especially for self-proclaimed "hobbyists"). If I were starting at this new without benefit of hindsight, I'd definitely consider a hosted e-mail solution.
+1 parent. I've been using RoundCube for some time (3 - 4 years?), it's used both my myself (as a technical person) and many non-technical people, it both "gets on with the job" and provides a glossy UI for doing it (by glossy, I mean it's pretty and it shows similarity to popular desktop environments, like Windows, Gnome, KDE and OSX - drag/drop, buttons, scrolly bits, HTML previews, WYSIWYG editors, etc). It's only a web UI for IMAP though, so you're still going to need something powerful on the back-end for spam etc. For an MTA (email server), I use Courier-MTA. The whole lot can be installed on Debian (£30 a month dedicated server, or less for a virtual/home hosted option) in a day, there after I can honestly say you rarely have to touch it. Happy to provide help if you want it ... http://matt.matzi.org.uk/
I think therefore I am... a Linux geek.
SME Server (formerly e-smith) can be found at http://wiki.contribs.org/SME_Server:Download It has everything - web hosting, email, antivirus, anti-SPAM, FTP, etc. Sets up in 10 minutes on almost any old PC you have lying around. You will want a static ip address from your isp.
...I just came for the free beer.
I've been running my own "full stack" for over a decade, and currently use Fedora (linux) and the following services:
postfix - smtp, very good security record, and I setup most processes chrooted
dovecot - very stable imap, also good security record, I recommend maildir format for storage, and setup the sieve plugin for filtering rules
roundcube - very good ajax webmail, hosted on apache, also has managesieve plugin for config of filters
squirrelmail - another webmail, I keep in on there too for when a mobile browser doesn't like roundcube
spamd - spamassassin daemon, pretty easy to add as a content filter to postfix (then use sieve rules to direct tagged mail)
Get a cheap ssl cert, and make sure to use https for roundcube, and use smtps and imaps for clients. Make sure you have iptables setup correctly (deny by default), setup a good backup (I use rsync to removable storage with hard links between multiple aged versions).
Only allow remote login over ssh, I recommend only allowing an odd named account to ssh in, and then use su to admin stuff.
You should keep the system updated, 'yum update' makes that easy on Fedora -- probably the only really manual admin that needs to be done, you can automate it, but I prefer to keep tabs on what's changing and why...
Initial setup and config can take awhile (esp if you want to setup chroot for most stuff), but once it's up and running, it's pretty solid. If you want you can add things like SPF entries to DNS.
I went an extra step and setup a box with intel's vpro on the motherboard so I have encrypted full graphical console even if the kernel crashes or system won't boot (hasn't been a problem yet :). I also setup a hardware raid, so even the boot device is raided.
There's a lot more that you can do too regarding monitoring (tripwire, smartd, rkhunter) and extra services (dnssec, ipv6 etc) and there's tons of configuration tweaking that can keep you busy for weeks if you go deep, but that's not strictly necessary...
Good luck, and have fun!
How interesting!
Comment removed based on user account deletion
I currently support SquirrelMail for about 250 users. i wouldn't wish it on my worst enemy. worst webmail system EVER. i researched open source alternatives extensively in a effort to get off of it. basically it comes down to 2 if you want free/cheap. Zimbra or Atmail. Everything else price wise compares to google apps and exchange hosted prices. about 25-50 per user. Atmail is what i was leaning towards until i finally convinced them to buy exchange instead.
Note: for a modern GOOD webmail you need to have good administrative options, reliable dynamic interface, and syncing capability. (among other things) this means systems like HORDE etc are not webmail systems you can implement in the 21st century.
Zimbra is good and has a free edition(as well as a pay edition), but it is a yahoo company. Meaning updates are going to be iffy as they want you to use yahoo mail, not some open source off shoot they sponsored years ago.
Atmail does things like syncs to phones and has allot of administrative options. on top of that it is cheap and has support.
if i wasn't able to pull off a 11th hour exchange server i would have gone with atmail.
1) Install Linux
2) Put all the software on it
3) Be happy with yourself for mail actually working
4) Get blocked by your friends email hosts because they have no idea who the hell your server is
5) Learn about reverse dns, all the fucking host entries that you have to add so that you don't get automagically blocked by half the populated world
6) Some asshole user sends email with no subject and an executable attachment, it comes back to them bounced and they scream at you.
7) Same asshole user bitches and moans 3 times a day about how much spam they get and what a piece of shit your server is
This ends up with the following consequences:
1) Give up your life as an actual person. You're now a mail server admin
2) You stop giving a shit about said asshole user.
3) You start to second guess your decision to run your own mail server after somebody exploits something (weak password from asshole customer?) and sends half a million spam messages, and 2/3 of them bounce back at you.
4) You start growing pale and have hideous dark bags under your eyes
5) You're "that guy" in your apartment complex ("he never leaves!")
6) Eventually you miss your life, the outside world, and what is left of your sanity.
7) You start prioritizing your life and you finally give up and.....go back to Gmail.
Nobodies Prefect
Tidbits for Techs Technology Blog
It's ironic for me that you should post this on the day after I just abandoned my last home-maintained mail server in favour of Google.
For the past 15 years I've been a mail administrator in some capacity for a variety of mail systems ranging from my own personal colo to a vast multi-national corporation. Solving the technical problems of building and maintaining a functional and reliable system was fun for a number of years, especially when email was dominated by geeks. But nowadays, running your own server is a perpetual nightmare.
First, there's the problem of where to host it. It has to be accessible wherever you are, and it has to be able to send mail out. If you're planning on hosting it at home, on the end of a cable/DSL/fios connection, bear in mind that your IP address will almost certainly be blackhole listed. Also, your ISP may well be blocking outgoing mail to prevent spam. You will probably have to configure your system to route all out going mail via your ISP's SMTP server. Why are you hosting an SMTP server again?
If you're hosting it in a nice VM or in a colo, you're better off, but paying. Google costs you nothing.
Next, storage. Obviously that's no problem because you have a mirrored RAID eleventy-five array you built yourself. If that's in the colo then you can forget about it - except when a drive goes bad or it crashes unexpectedly. But then it's fine because you're paying for support aren't you. And backups. You are backing it up aren't you?
Next the server software. Personally I've had a lot of success with Sendmail/Cyrus IMAP/IMSP/Squirrelmail and friends, despite enduring jeers from other sysadmins who think they have a better combination. In the end, it doesn't matter. They all suck. They all need patching regularly. They all break. They all need tweaking on a regular basis.
Then the final turd in the swimming-pool: spam. It costs you so, so much; bandwidth, around 95% of all of the inbound traffic is spam; time, configuring and maintaining spamassassin and various blackhole lists that occasionally start rejecting mail indescriminately; pride, the only time your clients contact you will be to ask why the mail is so slow and why there's so much spam. "But my gmail doesn't get this much spam - can't you filter it" they say, while you bite chunks out of your tongue. Spam to a mail administrator is like the gopher in Caddyshack: it will keep you awake and turn you into a monster. And the day will come where you, spam-slayer and junk-mail terminator, get put on a blackhole list for being a spammer. That's really fucking harsh the first time.
I could go on. but we're already in the TL;DR territory.
Most people do not host their own mail server. They live longer and healthier lives as a result. Follow their example and let Google worry about all of that for you - and in return you just have to pay them...nothing.
Self-hosting is fun if you want to learn about setting and managing an email server. For production, I would rather surrender that to the likes of GMail or one of the other providers for several reasons: (1) Managing spam, (2) Uptime, (3) Redundancy. The main downfall to self-hosting, if you elect to do it out of your own home, is the sometime flakiness of consumer broadband and your own power. At least by having a company do it for you, they have redundancy built in. If your self-hosted mail server goes down, you go down hard period! You have to make certain that you have an upstream queue so that if your mail server bites the dust, you don't lose incoming mail.
Try these guys, their expertise and support is terrific: http://25mail.st
Not sure if anyone has mentioned this, - a quick search did not flag it.
I used the older version of Qmail Rocks installation instructions on Fedora up to 12. Then decided it was too much trouble to keep up with the updates in Fedora, and at which time all internet references to Qmail Rocks for Fedora disappeared - the version I was using was really old anyway, and I had updated various components myself.
However, I then found this link: http://qmailrocks.thibs.com/
Which is an updated version (last update Feb 2011) for Debian. I actually installed it on Ubuntu Desktop 32 bit (64 bit fails).
The installation following the instructions was comparatively quick and easy and it uses RoundCube which to my mind is a less clunky looking Web interface than Squirrelmail which was used on the Fedora version.
Currently have a Dell Server set up and ready to switch over. Looks clean and stable.
Good luck.
If at first you don't succeed, so much for skydiving.
Mod parent off-topic, please!
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Professional email admin here. Word of advice: Save yourself. Get out while you still can. If someone's email is not working, then there's absolutely no way for anyone else in the outside world to contact them. That out the way, here's my 0.02 USD (0.0140 Euro).
With your current setup, use mxtoolbox.com to poke around it. Think about how you'll need to cover all those bases. It's doable; just that's the scope of work.
For the DIY suggestion:
Hosted stuff: You didn't say how mail mail accounts. I'm going to infer less than 50 ? Talk to your ISP. Assuming you are happy with them, I would think you could use their mail servers which you may already be paying for. Technically, it'd be a matter of editing the MX records for your domains to point to there's once everybody is on the same page.
Alternately, a personal webhost may very well suit your needs. The top five (according to lifehacker) are:
Read the TOS of each carefully. Let me stop for now because this is getting to close to work. Any rate - HTH!
"It's one thing to talk about the poetry of machines. Quite another to listen to it for yourself."
lkjdsafj;dklas
An excellent example of a self-hosted mail server with encodings issues.
Have you thought about buying a Technet Plus subscription and installing Exchange 2010 plus Forefront Protection for Exchange?
My Sysadmin Blog
Not usable yet, but the Freedombox should have everything running under your own roof.
See http://freedomboxfoundation.org/
Webmail's useful if you want to keep all your mail on somebody else's server and not need to install client software on your PC, which is to say that it's really convenient for service providers. But if you're running your own server anyway, how often are you connecting from machines you don't control? You could be using a POP/IMAP client instead, and get a better user interface.
Of course, I'm still using Eudora, because my fingers know all the shortcuts and I don't want to figure out if Thunderbird has matured enough to be as good, but at some point I'll need a client from this millennium. :-) I'm also using ssh to run mutt and Mail on some systems I use, because it's really easier for what I do there, and an Android IMAP client on my phone, and Outlook at work because I have to, but Eudora's really been the best mail client I've had for a while.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
www.courier-mta.org
nuff said
(Yeah, and roundcube and squirrelmail as all users/situations/client computers are not created equal)
ISPConfig is a web front end to a linux server with a full stack. Might be a little over kill. Check out the howtoforge article on setting it up, complete from installing linux, or download a premade vm. Here's a link to the ubuntu version, but they have similar article for different flavors of linux: http://www.howtoforge.com/perfect-server-ubuntu-10.04-lucid-lynx-ispconfig-3
I've been trying to figure this out for years, and what I've failed to find a solution for is fast, full-text search of my mail archives. I have several gigabytes of mail, so an indexed search is needed. I'd appreciate recommendations for potential solutions to this.
If you're running the SMTP server on your machine, and set it up to accept encrypted SMTP, most SMTP MTAs systems will encrypt mail to you and your ISP won't have access to it. The real issue is getting other people to accept SMTP from you, as opposed to deciding that any home internet connection that tries to send mail is a spam botnet zombie.
And gmail may not be proactively handing the Feds everything they want on a whim, but if the Feds hand them a subpoena and a "don't tell the customer" order, they'll hand over your mail, IP records, and anything else in the subpoena, and won't tell you, because they don't have a choice.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I've got the same setup and it is indeed a pain. I find myself having to constantly tweak my blacklists. Part of the problem is that we absolutely can't ever have any false positives, so I subtract points for DKIM and SPF. This would have been a great idea if companies like Yahoo! actually scanned their outbound mail before marking it as valid and hosting providers took faster action against spammers. Hurricane Electric and Rackspace seem to mostly just forward the abuse emails on to their customers, who do nothing because they are the ones responsible for spamming.
Every one filters their world. You should look up what a world view is. I for one would rather have a person who has a Christian world view in office than someone who's world view is kept secret just so he can get votes.
"For I desired mercy, and not sacrifice" -- God
Very possibly the most insightful post for this article, and I'm without mod points this week. If you value your time at all, and don't want to make your server one of your personal hobbies, it's always better to pay for email service - even it it means just getting a domain and buying an apps account (if you are scared of free).
Is it just my observation, or are there way too many stupid people in the world?
Some NAS devices support a complete email server, even if it's not always installed or active by default (usually it's not). We have a Synology NAS, and use its email server to combine local email (for our dyndns "domain") and accounts on a number of external hosts. Since it's on the NAS, useful features such as automated backup to external disk include the email with little extra configuration.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
I have been doing it for years and it is not that big a deal once it is configured.
If you want to get fancy then it can be a problem.
We run courier (I wanted sendmail but lost ) using imap to our local net.
it runs on a local virtual machine and is pretty much maintenance free.
It can not be accessed from outside (the "fancy" part) and it has no spam filtering.
The jewel in this is the alias file. Untrustworthy sites (most) get a specific alias.
If I get spam with that I delete the alias.
I use postfix as mta, procmail for local delivery to maildir. Then read it via imap. It's dead simple, scriptable, standards. Choose ur favorite imap client. Webmail is just a backup for when i dont have my laptop or phone with me. Eg internet cafes, or i am behind a thirdparty company firewall that wont let imap thru.
I've got my own domain and hosting. I use that to manage all my email addresses and then forward them to Gmail. When I send an email in Gmail, it authenticates and sends it via the email address of my choice. This means that I get the benefit of google's interface, labels, spam filter etc without my email address belonging to them. Effectively, I can get the good stuff now and should they pick up the ball and go home I still have what I really need (access to the addresses people are using).
The above might not be sufficiently independent for you, however running your own solution is going to be a major headache...
Comment removed based on user account deletion
X linked from reddit thread http://en.wikipedia.org/wiki/List_of_free_software_for_Web_2.0_services
In fact for me (my mail is at my old ISP's) it's all about contacts.
Does anyone know of a good self-hosted contacts management system ? And I'm only talking about low-volume cell-phone contact lists, namely mine and family, that I need to sync from / to my phone... Can Round Cube / Zimbra / Kerio do that ?
SurgeMail (from NetWinSite dot com) is fantastic, with an AJAX'y web UI, comprehensive antispam.
I've ran it for years with zero issues -- and their DMail package for a decade before that.
I'm not a sysadmin either. This isn't plug-and-play but it isn't too hard either.
http://workaround.org/ispmail/squeeze Luck is something that eventually happens to mail admins that work hard enough. Which granted, can be hard and unrewarding, but if you want it you get it.
If you really have a need to host your own email (Content is sensitive enough that you can't have your email provider or hosting provider copy off your email or server to any cops or companies that think you're a threat).
1) Read up on OpenBSD's spamd
1a) Read up on which email systems completely fail in the face of greylisting and whitelist them.
2) You probably don't want to dink with web mail. If you *REALLY* think you want to... look through the archives for roundcube and squirrelmail for security issues... now go look through the PHP mailing lists for the same. Make sure your users can handle setting up outlook or evolution or whatever bargain bin smartphone they have with IMAPS and submission.
3) Start seeding for spamtrapping. Seed the net with email addresses that should never receive email. If someone attempts to send to them... blacklist the sending host for 24 hours (*BSD's spamd already does this). USENET remains a surprisingly convenient place for this kind of seeding.
I have a commercial web hosting account with a company and they use Horde. And I like it. Very full featured.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
Zimbra is an MS-Exchange replacement plus lots more.
Just be prepared that you won't be installing it with "apt-get" and forgetting it. All upgrades will be manual. You'll probably skip a few because they can be painful. Also, Zimbra doesn't like it if there's less than 1GB of RAM. We use 1.7GB to eliminate swapping inside a VM. It is snappy.
After it is all done, I don't think I could ever go back to plain postfix + dovecot. I don't really care about the Zimbra web GUI, but it is pretty good. My users use it.
For enterprise calendaring, there is nothing like it. This is the reason we deployed Zimbra. Thunderbird + Lightning is extremely impressive. Seeing other people's calendar availability, setting up aliases or distribution lists, managing virtual domains on a single box .. .all using the free community edition.
Server-side tagging and other rules rock. Basically, the server does all the work organizing email. No more dealing with different views based on different clients or manually moving messages around. Use tags to build virtual folders.
I've looked at lots of other solutions and even ran a few others like SquirrelMail or the hurd. Zimbra may be overkill for some environments, but it is the center of our infrastructure at our small company.
If you want to connect Outlook calendars or some cell phones to Zimbra, you'll need the paid version, but IMAP and SMTP and XMPP (or is it XMMP? - you know, jabber) all work regardless of client. You can export all your messages, contacts, documents, wiki entries and LDAP data in LDIF if you like. Your data is always YOUR DATA.
There's simple todo list tracking - lists ... er ... everything can be shared across accounts. Contacts, email folders, documents, . I have a Family Calendar were we keep all the events for the kids and family. Calendar views can be merged, if you like, or not. All this is controlled per user in the web GUI.
If I seem happy, it is because, I am. I performed a v5.0.20 to 7.1.1 upgrade about a month ago. Took less than an hour. I was flying by the seat of my pants thanks to an unrelated ISP issue. Had to migrate the LDAP across major version changes. The Zimbra forums and wiki talked me through it. When the new system came up, it all worked. Zero data loss. Calendar events were correct. Messages were where they needed to be with correct tags, contacts were fine. No issues.
The fact you care about a competitive webmail GUI tells me you should not be running your own server.
Don't get me wrong, webmail is fine and inportant, but it has nothing to do with the email server. Webmail is a client. A whole different shebang.
Based on you comments, I would say focus on the webmail client right now, and use it (imap/smtp) with google servers. Later on, you can move out of google at will, even rolling out your own smtp server (which is not for the faint of heart).
Get a VPS (from e.g. Linode) and:
1). Install postfix (fantastically efficient, excellent documentation, mailing lists and security track record). Postfix will handle any mail setup you care to dream up.
2). Install dovecot (this is now the reference daemon for modern IMAP and POP on linux)
3). Install Spam Assassin and ClamAV for spam and anti-virus (they will do a good job but not as good as what you are used to with gmail)
4). Install Roundcube for webmail (currently the best looking floss web frontend for mail)
5). Install open dkim and get it to sign all your outgoing mail (make sure to add the relevant DKIM TXT records to your domains)
6). Add SPF records to all your domains
7). Make sure your server's IP has reverse dns setup.
8). DO NOT run your mail server off your home DSL line as the IP (even if static) will be in all sorts of block lists. Hence the suggestion to get yourself a VPS.
Once you have everything setup, the system will need very little maintenance apart from Spam Assassin and ClamAV.
Finally, you can get away with not having a secondary mx as the senders MTA will re-try periodically if your primary is down. However, if you want a secondary, you can outsource this to a number of third parties for not a lot of cost.
Enjoy, running your own mta can actually be quite fun
Even before opening this article I knew it would be overflowing with cries to drop this self-dependency stupidity and just surrender to the corporate gods.
What the fuck?
What is the purpose of free software if you are not supposed to use your freedom? You can build your system using open standards, install an open source OS with an open source mail server. But you will get blocked because you are not a business? More over, what is the purpose of freedom when you are not supposed to exercise it? It really has come to the point where "freedom" means "freedom to work for the system".
It should not be like this, it doesn't have to be like this. There's plenty of solutions, something like WoT can be build to prevent spam much better than a simple "block everything not from gmail yahoo or hotmail" that's just business whoring.
But... the future refused to change.
You say you're tired of Gmail and want to run your own mail server, that you don't mind getting your hands dirty and you call yourself a hobbyist. But, at the same time you maintain that you're not a sysadmin and normally prefer to outsource your mail servers. I hope you know how conflicted that sounds. After all, do you want to run your own mail server, or not?
I would recommend running Debian stable with a mail server based on Exim4 daemon heavy, along with SpamAssassin, Clam anti-virus, Razor and Pyzor to cut down on the spam. Actually, on my system over 90% of the spam -- the really obvious stuff -- gets identified and rejected by a bunch of custom filters (regular expressions) that I whipped up: points are awarded for things like a bad HELO, a bad sender domain or a bad reverse lookup... three strikes and you're out! Anything remotely non-obvious ends up in a spambox in the user's home directory. I've run it in this configuration since October 2010 and it has proved to be a very reliable and low-maintenance system that so far nobody has had any reason to complain about.
As for the mail clients, the remote ones are supported by dovecot servers for IMAP and POP3 (both SSL-only). I also support Horde, which is a web application framework that includes stuff like a calendar, a note pad, an address book and, of course, an email client. In my experience Horde has often been the most difficult piece of this puzzle to support, not because it's difficult to install or maintain, but because it's sometimes difficult to upgrade (part of that may be due to my preference for using PostgreSQL instead of MySQL; I've written my own migration scripts on several occasions). For those who persist and succeed, however, the payoff is that you can build up years worth of addresses, notes and calendar information that you can access from anywhere without having to rely on a third party to support the application.
Finally, all of these systems run on servers that are protected by stateful IPv4 and IPv6 firewalls and that are backed up automatically every night. The most important data, including the Horde database, is also backup up to remote systems. Oh, and all this is naturally built on systems with properly configured DNS stuff, interfaces, Internet connections and reverse lookups.
If this all sounds like too much system administration for you, I'm sorry, but to make it any less complicated would be to sacrifice functionality, security and/or reliability. Why don't more people run systems like this? Too complicated, I guess.
One of the key ways you can simplify running your own server is accept your own incoming mail, but relay outgoing email through someone else (ex: your ISP or a commercial email provider). Then you don't have to worry about the continuing hassle of having your IPs blocked as being SPAM because they're dynamic/etc.
I'll join the minority in saying that if you're a competent sysadmin then running your own SMTP/IMAP server isn't really a lot of maintenance. I've been doing it relatively spam-free for years with Postfix, Spamassassin, and Cyrus.
I like how he says "I've moved off Docs, Plus", including G+ as if he's been tied to it so much that it's dragging him down. He's used it for what...a whole month maybe? I'm sure G+ is his problem.
I've been running a personal server for quite a few years now. It is not that hard.
I started with Linux but I'm now running OSX server (Mac minis are so cute).
You need a ISP connection that doesn't filter smtp and I would recommend
using an DNS service (I use EasyDNS) that also provide email forwarding
and a backup server. Forwarding will avoid the black hole issues and
a backup server will cover short outages on your end. Put your server
on a UPS and you will easily ride through most outages. Also plan to
enable ssh or vpn so that you can administer the system remotely.
Honest, it is not that hard. I still have a day job and a life.
You will learn a bit about systems administration and networking
and that is good.
There are also several teams trying to find security issues with Google so that they can exploit them. How many teams of for-profit hackers will be targeting your personal server?
what new security considerations do I need to make in managing these services?
All of them! :D
(Good luck with that)
Comment removed based on user account deletion
Unless you're doing this because of business or educational reasons, there's really no point. Well, unless you're paranoid. But then you'd be better off with meds and counseling than with the extra work running your own server stack will take.
That is all.
I use iRedMail+SOGo+Funambol... iRedMail is a CentOS based email server that supports domain keys, multiple domains, spam assassin, sieve filtering, mailbox quotas, email aliases, mailing lists and an LDAP/MySQL hybrid backend (and many more features). SOGo is a very nice groupware suite with a calendar and can be hooked up to Thunderbird with Lightening for a desktop UI, SOGo can also pull from POP/IMAP accounts on other servers. You can also link SOGo to iRedMail's sieve server to make email filtering rules from the web UI, SOGo also supports multiple identities for one user and multiple domains. Funambol connects to SOGo and syncs everything to your iOS/Android/Windows Mobile devices, including email, contacts and calendar (you can also save photos and other media/stuff to Funambol, but I haven't used it). All of these services are easy to wrap up in SSL when using Apache as a proxy (SOGo and Funambol are their own HTTP servers, but are limiting if you want to run everything on one domain with SSL). This setup also works great on a VPS.
My only complaint is that iRedMail's use of LDAP isn't great and it can be a pain to configure other services like Samba, NFS/NIS and OpenVPN to use it's LDAP, but it's doable. iRedMail also has a nice web UI for basic operations like adding a domain and users, and there is a more advance admin UI available ($200/year), but if you can use phpLDAPadmin and Google, you don't need it.
As for security concerns, iRedMail is already setup to be secure as far as not being an open relay. As for securing the web UI, modify your Apache config and only let certain services use https (public), and set the admin stuff to use http (or https if you have 2 NICs) via only the local network.
The last step would be to get a cheap little VPS somewhere and set it up to be a backup MX.
Geeks don't grock information, they grep it.
The only actual response seems to be Zimbra. I have no experience with that and I make my living (partly) as an Exchange Admin. Exchange 2010 OWA has a fairly usable interface, but licensing is not cheap, and I know how much people hate MS products here. It is actually quite stable as an email platform, however, and DAGs have radically changed email clustering in a good way.
We also use Exim for email paired with Horde for a webmail interface. The older Horde interface is okay, and we have been working on deploying an AJAX-based interface of Horde that actually looks pretty slick. Spam management is a 24 hour issue no matter what you use.
Squirrelmail still looks "old" in comparison as a web interface, and I used that a while back as well. Think of the webmail interface as separate from the email, as you can have Exim or Sendmail paired with whatever open source interface you want.
Just some ideas.
you just set up a box in wherever you live
Residential and small business IP blocks tend to be on blacklists because there are far more machines compromised by spam zombies than machines with a clueful administrator. In order to send mail from this machine, you'll need to pay for the services of a "smarthost", or an SMTP forwarder that provides the service of not being on blacklists.
Rather than run your own server, find a non-gmail provider that will host for you, either under their domain or using a domain-name you've set up on your own.
I use and recommend luxsci.com. Superb service, and the pricing is good.
Until now I'ved used Horde (with postfix as MTA and courier for imap/pop3), roundcube, squirrelmail, Zimbra and Axigen. Zimbra and Axigen are very userfriendly but they can be a little bitchy for an admin. Back in the day I also used Hula Project (NetMail). Until Novell dumped it
I miss a nice and clean web interface for a mail server.
.
The free version works well, can be hosted virtually (or buy their appliance). If you want more bells and whistles (like being able to restore accounts to any arbitrary second, or BES) they're available for $.
It's virtually impossible to replicate the functionality and ease-of-use of gmail. However, I've recently looked into this, and here are my comments (note: I haven't yet implemented any of this, so take this with a large boulder of salt):
* For obvious reasons, you need an IMAP server. Dovecot is among the most compliant and best (my ISP happens to use it :-). Should you want to choose something else, make sure you check out the IMAP server compliancy page.
* For push email on the iPhone, z-push seems to work, and people have gotten it to work with dovecot (note: this is a bit old, and so these instructions might need some tweaking).
* You do, of course need an MTA like postfix or exim, but choosing one may be a matter of personal preference.
* You're unlikely to find a spam filtering solution as good as gmail's (it's crowd-sourced, after all).
* Finding a replacement for gmail filtering rules is a big problem. You'll probably have to go with procmail.
(However, as a programmer, I happen to prefer something with a bit more power and flexibilty, and so I'd probably port over the ancient-but-likely-still-usable "deliver" mail handling program. Deliver takes mail received from postfix, exim, or sendmail and feeds it to a program that you write (a shell script, ruby script, C++ program, or whatever you like). Your program then tells deliver what to do with the message (deliver it normally, refile it, delete it, etc., etc.). Also, since it's a program, you can do behind-the-scenes stuff like saving of attachments, vacation autoreplies, mail archiving, etc., etc.. It's the ultimate in power in flexibility, if you can program.)
However, this still doesn't address the issues of contacts and calendars. Unfortunately, there's no good solution for these:
* You might want to check out Zarafa. The free community version seems decent, as long as you're happy with access via the web or iPhone. Mail filtering capabilities are limited, and you'll have to use Outlook if you want to use a desktop client for contacts or calendars (the free version limits you to three Outlook users). However, Thunderbird might be usable via CalDAV for calendars and z-sync for contacts.
* As others have mentioned, Zimbra is a possibility. However, if you need iPhone support, it appears to be horribly expensive for home use -- as in multiple hundreds of dollars expensive. From that I understand, the Zimbra network edition, starter version is the cheapest iPhone-supporting deal, at ~$400/year or $840 for a perpetual license.
I had email through a hosting company, and I'm not sure what happened, but the hosting company's IP address got marked as a spammer's address by all the big name servers. Once every couple of months I had to request that it get removed from the lists. And considering my domain was a .ws domain, their spam filters were already giving me the stink eye. In the end, it was too much of a pain not knowing if my emails were going to go through or not.
The biggest problem with hosting your own, is the greater chance that you'll be black flagged by the big mail carriers. And God help you if your email server gets hacked by a spammer and uses it. If they see any sign that your domain/IP address could be a spammer, they'll block you without warning. That's their response. It's easier to blackball the entire IP, than to figure out if it's actually a spammer or not, or work on getting things repaired.
I've since set up my domain to use Google Apps email servers with my domain. It's easier, filters out spam, and it uses Google's email server IP addresses which won't get banned.
I've been roughly following the instructions in this article: http://flurdy.com/docs/postfix/
The only problem I ran into was that these instructions use Courier IMAP and I found out the hard way that Courier has a hardcoded IMAP namespace and that the stock email client in Android 2.2-2.3 does not correctly handle namespaces. This was entirely Androids fault and Courier was correct, but my personal requirement was to work with the stock Android email client. So this project got swapped out temporarily and I'll restart by substituting Dovecot for Courier. I just haven't gotten around to figuring out how to do the database based client authentication with it yet the way the original article did with Courier. BTW, that bug will probably be fixed by the time Ice Cream Sandwich comes out.
Or pick an easier way, like only listening to obscure music.
I suppose I shouldn't be surprised by the number of people questioning the desire to be self-hosted, but I am. To hear the tone of this discussion, you'd think that Google invented email and anybody who didn't want to use their offering was somehow a freak who was asking for all sorts of trouble. I've been self-hosted for mail, web, etc, for over a decade, and I can say that it's been almost completely enjoyable. It's interesting and educational, and you've got all sorts of visibility into stuff that Google doesn't expose to you. It's really not very difficult or time-consuming, and as long as your hosting provider is reputable you won't have any issues with blacklisting or reliability. No, it's probably not a great idea to host what should be a stable email server on the end of a residential cable modem connection, but that shouldn't surprise anybody.
For what it's worth, my mail server setup uses Debian's exim4-daemon-heavy package with spamassassin and greylistd. Filtering is accomplished via procmail, and mailboxes are stored in mbox format. At some point I'll likely install an IMAP server, since mobile access via k9 mail is more convenient than running mutt via an ssh client on my phone. I don't run a web mail interface, but it sounds like roundcube is worth a look should I ever care.
exim, dovecot, roundcube for webmail, spamassassin for spam, all from freebsd ports.
Works like a charm.
I recently set up a Courier+Postfix+MySQL email server for myself on a cheap VPS. It wasn't too painful to get working - there are some decent tutorials on it. The most helpful was this one, pretty straightforward. Be aware that, as others have mentioned in passing, you need a reverse DNS entry. Setting that up varies from host to host, but with the cheap VPS host I use (note: you get what you pay for, it's a shared-CPU VPS, not guaranteed resources, but works fine for my small webserver and private email), it just took a support ticket with the requested PTR entries and an hour's wait.
I use Postfix and Dovecot on a Linode VPS. On top of that, I run Horde Groupware Webmail Edition 4. Been working for 3+ years, no glitches. Recently activated Linode's backup system, been able to restore from backup with no issues during my test scenario.
I run postgrey and SpamAssassin, and use several blacklists. Postgrey alone gets rid of 80% of your UCE, Postfix rules (such as RFC Compliance and others) get rid of a huge chunk too, and the you have to deal with SA rules and tweaking. But hey, I agree. Better than Google. Good call.
What you need except the server:
Do NOT try to run a mail server without those above, you will end on SORBS or Spamhaus.
If you want the Gmail experience without relying on Google's servers then get yourself some hosting (personally I use United Hosting) and point the mailserver at a gmail account. Everything is run from your server, so you can use squirrel or whatever to run it entirely free of Google as and when you wish, but you can still use the Gmail interface if it suits you. You're basically using Google's interfave as a proxy while leaving yourself with a working system if Google goes down 100%, forever. The alternative is to code your own Gmail variant into the server, but remember Gmail is good in part because of a ridiculous number of man-hours.
Please consider this account deleted, I just can't be bothered with the spam anymore.
Check them out.
Setting up everything yourself is a pain in the butt. IMHO, it's not worth your time. I'd look into a turn-key solution instead. Zimbra has already been mentioned, but it is _very_ heavy on the resources and more or less requires a dedicated Linux box (or VPS). I would suggest you take a look at Atmail. They're a new comer, but it is rather promising. It is using all 'the usual suspects' but without you having to configure them all by hand. That said, setting up your own email server is great way to learn about your system and email in general, but you should be ready to spend some serious time on configuring everything.
This is a pretty healthy conversation but I can still add my $0.02
I hosted my own email server (webserver etc.) from 1995 to 2005. It was very enlightening but eventually grew to be a big pain in the ass. The last straw was a power surge that fried the motherboard. (raid and backups can't help with that) and looking at the the time and effort of getting a new hardware (and getting more redundant hardware) I decided to go with a hosting service. Eventually I pointed my domains to gmail.
Every geek friend I know has at one time hosted his own email. I'd be hard pressed to find a techno-nerd worth his cred who hasn't tried this. I also don't know anyone who has continued to host their email after a number of years of feeding and caring for the server beast.
I think the big issue is figuring out where to separate you hobby from your job. If you have a classic car in your garage that you like to tinker with is fine. If you decide to do you daily 20 mile commute in your classic car you're signing yourself up for some headaches as there will be days that you will need to bumb a ride, take a bus or taxi, etc. Hosting your own email is like commuting to work in a car that only you are able to fix in an environment where there are no buses, taxis or other cars. You have to be prepared to drop everything at a moments notice to fix your email server.
You can have someone else host your hardware but then ask yourself, why not have someone else configure and maintain the software as well?
DIY is great but realize what your signing up for if you want to DIY a critical system.
I've been using FreeShell.org for the last couple of years - they're not bad. They have SquirellMail as a front end for their webmail and yes - it sucks, but it's a full featured shell account with email and www for a lifetime.
I use GeekISP.com to run my mail servers. It's basically one guy who knows BSD running a shared server business. It's an awesome set of services - I get linux shell access, postgres and mysql, can run python, php or ruby apps, serve anon and multi-user login ftp, and he gives great mail services. His spam filtering system (using grey lists) eliminates virtually all spam.
The squirrel mail UI for web access is not great though, and that's where you're going to need to roll your own. He can handle the SMTP services to/from your account reliably and give you great spam protection, but the UI layer you'll have to solve elsewhere. Personally, I just forward from GeekISP to gmail (and fork a copy to my local thunderbird account so I don't rely on gmail to have the only copy of all my email). But since you're bailing on large company, web-based email services, some other posters have given good suggestions as to what UI to install. But for my two cents, geekisp hasn't let me down in the 5+ years I've been using them, and I'd recommend simplifying your problems by using a reliable third party like geekisp to manage your core email services.
I'm surprised at how many Slashdotters here hate running their own e-mail server. Heck, from reading this thread, you'd think it was impossible.
I have Postfix running with SpamAssassin at home, and it's been stable for years now. Want to solve the problem of outbound mail not being accepted? Just use your ISP's mail server as a smarthost for outbound mail. Worried about security? Honestly, you shouldn't be; just run your distribution's stable build of whatever mail server and you should be fine. Run a quick abuse.net open relay test, and you've taken all the precautions I have. (Well, I've moved my SSH port off the default and installed fail2ban, but that should be automatic for any Linux-based server.)
Running everything on Gmail has its advantages for ease of use, but local mail has its advantages, too. I have a copy of every e-mail I've ever received. That gives me a good feeling. I can browse and search it very fast - sure, the internet is fast these days, too, but there's a small advantage.
And you can set a backup MX record with a lower priority pointing to say, gmail, so if you have problems with your connection at home, the mail will still go somewhere.
Yes, it's not really necessary (gmail is fine) and can be a hassle for some, but is not as difficult as the posts in this thread would have you believe, and it's fun!
You can always run Lion Server on a Mac Mini Server. It would also be a very fast NAS especially if you add a Thunderbolt disk array. Might not be the cheapest option, but it gives you your own disgustingly easy to configure web/wiki/email/calendar/vpn/dhcp/radius/file server (with push support for email/calendar). If you can also get a static IP address at home from your ISP you're all set. This last part might actually be the most difficult one in the States, but in other countries it's either free (upon request) or for 1-2 Euros.
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever ones.
Why don't you just use Google apps and set your MX to googles servers
Then you still host all but the mail, and you don't have to forward your mails to Gmail
Qmail, dovecot, round cube, davical, asps.
I've been doing my own email for 15 years now, and it's really not that hard to maintain. Sure, if your flavor of GNU/Linux changed significantly every time there's a new version, it's a pain to keep up to date, but I've been using similar configuration files, updated a little now and then, with the same software installed across many servers for ages (sendmail, procmail, milted greylist, imap-uw, cyrus-sasl, Squirrelmail for OCCASIONAL webmail only, et cetera).
Some people like to tinker too much to maintain a constantly running server. For them, self hosting is NOT a good idea. Some people like to run GNU/Linux distros which are too difficult to maintain, and again, self hosting isn't an answer. A simple GNU/Linux distro or some flavor of BSD can be much easier to keep up to date and therefore more secure.
There are two primary reasons why I will NEVER move to an outside email provider. The most important one is that in this day and age your email can be subpoenaed without you ever even knowing and employees of any given service can't always be trusted to not do bad things. I want full, 100% control of my email. And in spite of what other people have written in comments about the fact that email isn't secure end-to-end, the archives are always in my possession. But add TLS and at least you've made it MUCH harder for people to see stuff traveling over the Internet.
The second reason is that almost EVERY service is non-deterministic (if I'm wrong, please tell me). I am tired of people wondering where email is only to find out that some cheesy content-based filter silently dropped their email or something else happened and the likelihood that Google or Yahoo will EVER look in their logs to tell you is practically nil. My filtering is based on servers being legitimate, not based on some arbitrarily determined rules. If something is rejected, there's always a known reason and it is ALWAYS logged.
Again, please correct me if I'm wrong, but this has been my experience to date.
Hey OP,
Read through most of the thread, including your response above to the guy whose response ultimately boiled down to "Why not surrender to the corporate gods? because he doesn't have to, that's what he's asking, so deal with it".
First off, it was a bit unclear in your initial question whether you were looking for just an e-mail server and ONLY an e-mail server, or if you were looking for as much of the Google ecosystem as could be self-hosted. If you're looking for the former, there were several good suggestions on the thread. The Turnkey Linux flavor of Zimbra is a great idea, and I saw recommendations for Smartermail and AtMail listed on the thread as well. I have no experience with either one, but both of them appear to have shiny screenshots, so I do intend to look closer at them soon.
If you're looking for the latter, I'm going to diverge from the Slashdot logic that M$ iS tEh eViL and say that Windows Live is actually a pretty nice platform. Live Mail is actually a LOT more spam free than Hotmail was in the 90's (and you can get a Live.com e-mail address so you don't have the Hotmail stigma), you get Office Web Apps and 25GB of Skydrive for free. If you're on Windows, the SDExplorer essentially mounts your Skydrive like any other network storage area, so you could store whatever you wanted in password protected 7zip archive spans if you wanted. If you're a Linux guy, you'll likely appreciate the fact that the majority of these services use CSS and HTML5, so Opera and Firefox will work well with them (they actually demo the video using Firefox and Chrome). This is one area where Microsoft's size and business model benefits the users: the ad department is so far away from the hosted apps department that the majority of ads they run are for first party products or generic ad providers anyway. I know it's not generally accepted to like MS products, but as far as their competition to Google Apps and Gmail, it's actually worth a look.
If both Google and Microsoft are not to be trusted, then what about a third party vendor? Hostgator's "hatchling" web hosting plan costs $7.16 a month (less if you pay for a year or three of service in advance), and gives you a domain name, webmail, and "unlimited" disk space and bandwidth...plus obviously a place to host a website if you want. Alternatively, Rackspace offers e-mail hosting for $3 a month (generic webmail), and $10 a month for an Exchange mailbox that includes a starter Sharepoint workspace. Since Rackspace and Hostgator are both selling their services to you directly, they both have a vested interest in keeping you happy since you're the customer (instead of the product in the case of Google and Microsoft in the Live Mail scenario). While I'm sure both would ultimately succumb to a subpoena, I'd wager that they're more likely to ask to see the paperwork instead of trusting Uncle Sam's "Pretty Please". Since the hardware upkeep, software licensing and configuration, disaster planning, spam filtering, and intrusion prevention are bundled into your monthly bill, it's one less thing to worry about. The classic argument to this is "but they don't care about my data like I do", and you're absolutely right. However, in both cases, you're likely sharing server space with a few to a few hundred other people. If the server gets hacked, that's hundreds of paying customers whose information got hacked, and THAT kind of data breach is much less for them to brush off. Also, in this scenario, at the very least you don't have to worry about your data being scrubbed for demographic information from the people providing you the service, since you're paying for it instead of an advertising agency.
Reader's Digest version:
-If your issue is with Google specifically and you want the full Gmail/Google Apps ecosystem, Microsoft's Live service is a really solid alternative if you consider them the lesser evil.
-If your issue is with the principle of "free personal e-mail" in general, a web hosting company like Hostgator/Justhost/1&1 may fit
1) Your own domain. (look for prices around $10/year)
2) 2 name servers to point to your domain. Possibly can get them from your domain registrar, from your ISP, or from some external provider (prices vary depending on your needs - can also be free under certain conditions) The name servers must be capable of specifying an MX record (usually the case)
3) a static IP address (for your mail server) possibly can try dyndns, but would not recommend it (static IP from your ISP should be approx +$5/month)
4) a firewall, possibly a firewall router - hardware is better than software - consider NAT or DMZ - only open the ports you need
5) a mail server box - could be a Windows PC, a Linux PC or even a high end NAS such as QNAP or Synology
This box will be always ON so it should ideally be low powered, robust and reasonably well ventilated/cooled.
6) an IMAP capable mail server app, such as hMailServer on Windows or XDove on Linux
7) a WebMail front end client, such as RoundCube
8)You may also want to consider an SSL Certificate (self-signed is OK) if you want external (internet) access to your mail server from external/mobile devices
You will want your mail server to be always ON with no more than 48 hrs of downtime (or other mail services may blacklist you)
Consider
A) a UPS with a significant amount of battery time (don't forget batteries will also need replacing over time)
B) In any case, if the power is out long enough, make sure your server (and services) will restart automatically
C) a backup server in case the main one croaks
D) having available a service center capable of same-day service (if you choose not to have a backup server).
Note that I am still glossing over quite a bit of detail, which you should research for yourself, but the above describes the main steps.
Enjoy your adventure.
Everything you want: CG Pro from Stalker software. Free for max. 5 accounts. Scales to millions of users easily. See stalker dot com.
What the op describes sounds like the opposite of fredom: he's creating a thankless and tedious full-time job for himself that nobody pays him for. I can't afford too much of that kind of freedom.
While I mostly agree with the legions of upmodded posters telling you it ain't worth your time or your sanity, in typical Slashdot fashion they are all simply questioning your question rather than answering it. I'd suggest the Dovecot stack + Roundcube + Postfixadmin for administrative tasks.
Yeah, I run a similar setup on Debian / Linux Mint / Ubuntu. I think using this how-to: http://blog.edseek.com/~jasonb/articles/exim4_courier/index.html (it was a long time ago, but it was relatively painless... just install a bunch of packages via aptitude and tweak a few config files if any)
spamassassin has been working all right. It files a bunch of stuff into SPAMprobable and SPAMcertain, and then I have a plain SPAM folder that fill with anything that still gets through. Occasionally I'd feed that folder to sa-learn. A handful of procmail rules sorts incoming mail into folders for lists and work and family and priority stuff, so that happens just once.
I like having everything in imap folders, since I can have my mailbox open in multiple MUAs simultaneously, and just sync occasionally to see what's up. So I would have thunderbird on the desktop, and squirrelmail via the web, but mostly I'd read mail using screen + mutt + sidebar extension.
The other screen windows would have sirc and centericq running in them, and also aptitude, so one sweep through those screen sessions would pretty much keep me up to date.
I set up my gmail account to forward everything to my box, and I used to use fetchyahoo to suck in all of the yahoo mail in as well, but that became a pain to keep updated... especially since my yahoo email was mostly for commercial spamful interaction.
I seem to be affected by that yahoo mail problem where it bounces half my mail back to the sender like it was an invalid account, which is a real pain with all of them asking me to reverify my email address. Probably time to drop that and migrate all that crap to some random gmail account :-/
Anyway, I haven't found any imaps clients for Android that I really like using yet, so I tend to just check my email using the gmail app on my phone, and only occasionally check my homegrown box :-P But it's nice to know that everything's there on my box (and occasionally encrypted and backed up via rsync to a friend's server).
I would suggest running an Ubuntu server on Amazon ec2 with postfix and roundcube as mention many times above.
It does mean you have to keep the server updated yourself, which is easy with apt-get. And you need to tie down via ssh keys, SASL authentication, TLS encryption, ip ranges etc. And every Ubuntu LTS release it is probably a good idea to create a new server and migrate the data instead of upgrading but not a requirement.
I wrote a howto on how to install postfix++ on ubuntu: http://flurdy.com/docs/postfix/
And some ec2 tips as well: http://flurdy.com/docs/ec2/
Some continuous sysadmin will be needed, but it is manageable.
That said, while I do run my own mail servers for me and friends & family, my main mail accounts are on Google Apps.....
(routed via my servers so at least I have some recovery options)
My other Sig is very funny.
Horde Webmail
Use google for outbound and inbound, forward mails from gmail to your server (zimbra, exchange whatever) for every user if you don't like google's UI. It is trivial to use google for outbound emails as well.
Security through obscurity is not security.
Man who leaps off cliff jumps to conclusion.
Stop listening to others complaining that they aren't good enough admins to do a correct setup, and have a look to this URL: http://obm.org/doku.php
I've been using MDaemon happily for many, many years. The administration is simple, I've not had any problems with my address being blocked, the spam problem is taken care of by MDaemon's options and all together I'm a happy camper. I used to use their calendar app too but it doesn't play well with Android, so I switched to Google. There's a free version that you can try. I no longer remember what the restriction was that led me to use the paid version.
Thus, while your goal is admirable, and desirable -- to have a mail system which, unlike Google's, isn't fed straight into the NSA -- your approach is flawed because it aims too low. You can build a very effective system that's greatly superior to Google's garbage by using an appropriate OS (which means: BSD or Linux), an appropriate MTA (which means: sendmail, postfix, exim or courier; qmail is only used by morons who don't know any better), and the requisite anti-abuse controls, starting with your firewall, including the generous use of blacklists, and strict enforcement of RFC requirements, including matching forward and reverse DNS, resolving HELO/EHLO, and so on.
This is a straightforward task which any competent mail system adminstrator should be able to accomplish in an afternoon. This is not to say that they should have it fully tuned and tweaked; it is to say that they should have it operational. Tuning and tweaking takes time, and is obviously a customized task whose requirements are based on the environment in which the mail server operates -- and it begins the moment the server is operational.
But please, do not set your sights so low as to emulate Google.
I have hosted several web and mail sites on Bluehost with very little problem. They take care of the servers, we take care of the backups. They have some sort of agreement with a spam filter site that is ridiculously cheap. One of my clients gets email forwarded to their Exchange server (the router only allows email from the Bluehost boxes to have access), others just use IMAP and POP3. I don't have to add users or tweak mail servers. And all for about $7 a month.
I have run email servers for County agencies, local munisipalities, international corporations, school districts, and ISPs. So far the Bluehost solution has been the easiest by far.
No one ever had to evacuate a city because the solar panels broke!
Whatever solution you choose, make it a VM. Regularly export the VM somewhere and you will eliminate 99% of any drive failure headache.
Postfix 2.8.x for the MTA (2.8 has the new postscreen feature which is great to help with SPAM control)
Dovecot for IMAP POP3 as well as for SASL AUTH
Roudcube or Squirrlmail (take your pick) for webmail
PostgreSQL or MySQL for database backend
Spamassassin to catch what SPAM is missed by postscreen.
ClamAV to scan for viruses
Amavisd-new to interface psotfix to spamassassin and clamav
PostfixAdmin for managing your domains and accounts from the web.
Use virtual domains with postfix "virtual" for the delivery agent, use maildir format for your mailboxes (mailbox path needs to end in "/"). Make sure and use the submission port (587) for your outbound emails, not the SMTP port (25) which should only be for inbound emails. Don't use SMTPS (which works over port 465) unless you have to support a really old email client that doesn't support STARTTLS (which works over the submission and smtp ports). Stitch all the pieces together and if done right you'll have a great email system like all the pros use.
If you need help come into #postfix on freenode IRC network.
Windows is a bonfire, Linux is the sun. Linux only looks smaller if you lack perspective.
As others have mentioned managing your own mail server on a private connection would be a nightmare.
I'd recommend you look into a fully managed VPS solution so you still have full control over everything if you want but your provider can still fix things for you when they break etc. I'd also look into a host that provides the @mail webmail interface which is similar to gmail (possibly better). This shouldn't set you back too much per month and should give you everything you need without all the headaches.
The absolutely easiest way is Citadel and if you want it to look nicer, add either the Blue Citadel theme or Roundcube. Setting up Citadel takes about 20 minutes using the Easy install script. I've been running it for about 15 years with no trouble. I upgrade the machine one a year or two around Christmas and a typical server box runs about 5 to 7 years, before it fails.
Step 1) Ubuntu server
Step 2) Follow http://flurdy.com/docs/postfix/ and setup roundcube for your front end.
Step 3) Go outside
As plenty of others here have mentioned, if you're willing to dive in and maintain it, the tools are available. However, it's probably not going to be worth it to you if you want to avoid the sysadmin side of things. That said, I'd take a look at putting Zarafa (www.zarafa.com) (Groupware, like Zimbra, but native linux code with some cool features like free Exchange Activesync support) on top of a postfix + spamassassin setup to get a really robust set of open-source services going. Add in Maia Mailguard (http://www.maiamailguard.com/) to add automation & central administration to your spam filtering, and you'll likely be pretty happy with your setup (if you're willing to spend the time to put it all together.
Time is money. Bandwidth is money. You'll not have any when you host your own email.
The last email server I ran before I was laid off and the company I worked for was closed was at 95% spam and 5% valid email. (Thanks Obama, shuttering auto dealers and the resulting huge pyramid of supporting business was of great benefit to all.) That is a lot of junk YOU are paying for in bandwidth and processing. Add in all the admin tasks already mentioned and it becomes a full time job with little payoff. And don't forget that if there is any litigation or chance of litigation you'll have to keep a permanent backup of all email that goes through your server.
The best suggestion anybody can do for you is to have you host your own domain on a web hosting provider. Some can be had for about $5-$10 a month for unlimited email. All you have to do is admin the accounts just like on gmail. You'll have an occasional call for support if their server goes down but you will not spend a week reconstructing what you can from damaged backups.
Nobody is kidding here. It is a full time job to run your own mail server.
It really is too bad that you're interested in hobby mail now. Teleport yourself back to the BBS days and you'd have all sorts of people wanting to help you get up on Fidonet, Usenet, and the rest. The more the merrier back then. The Internet really screwed those communities up.
One thing that immediately comes to mind is that IMAP doesn't natively support "labels" or "conversations" in the same way -- labels in particular, a message has one folder and that's it. Neither does mbox or maildir. Also, maybe it's my setup, but I seem to have issues with large folders or operations on large numbers of messages, something GMail doesn't seem to have a problem with.
That may be a feature you wouldn't care about, but if OP asked specifically for a Gmail clone, and claims to actually be using all of Gmail's features, that suggests this is one thing which needs to work well.
And if you're going to need a custom application accessing custom storage, it seems like you could either have a custom protocol and a custom client, or a web client, and I don't see much advantage for native here.
Don't thank God, thank a doctor!
My experience doesn't seem quite as bad as all the horror stories I am seeing here. Most people seem to be talking about constant work, and although my mail server required a lot of front-loaded effort in configuration and whatnot, the thing I think was the real key element was having a clean block of IPs from a clean colocation provider.
If your software is setup perfectly and you have done everything within your power, you can be screwed by a bad reputation attached to your provider or your IP address(es). You don't necessarily need colocation service either, as some ISPs will offer clean static IPs, often as part of a business service package. In some cases you will also need to request control of reverse DNS as some mail endpoints block hostnames that they feel are indicative of dynamic service for home users. Things like "adsl" "cable" "dynamic" and "pool" are keywords which may prevent mail delivery if they are present in your hostname.
I have been running my own email server for 5 years. I use a relatively simple one called XMail
Very rarely needs any sort of maintainence. You need a static IP + PTR record and possibly also a SRV record for your domain. Now I have made life easy for myself and don't have any webmail set up although I did have this before. StartSSL offer free certs you can use on your email server, you have to update them every year but its fairly easy.
I don't understand why people complain that running an email server is so bad because in my experience it takes the same or less work maintaining than my web server and XMPP server. I don't like google, I don't like their invasion of privacy and how they are trying to make everything Web 2.0 so they can push more ads on you. Alright if you are running a mail server for thousands of people who constantly need their accounts modified/created/deleted and manage tons of domains I can see it will be fairly time consuming but if you're only hosting for a few people its really easy
Try Communigate Pro if you can swallow the price.
Iris for a set of free software.
Use Roundcube for webmail.
Everyone is suggesting to move to Google apps/mail. Aren't there any other alternatives that are remotely equivalent? ...
To not do evil may be their corporate motto, but not sure I can completely trust any corporate entity. So, there is a need to find the least evil of them all
Do you know the real reason behind the Gmail's existence?
Because E-mail is the application you keep open all the time. If your e-mail client is in the same browser session than your other web tasks, all the google.com cookies are shared, and so Google can clearly associate your navigation habits (through their Google Analytics probes) to your e-mail account and so to your name.
This is the same for Google+.
So Gmail is a support tool for Google to send you better targeted ads (which by the way they are also sending in the Gmail session). This is also why they can offer you such a great service for free: you are giving them so much information that give them a competitive advantage that that's worth it for them.
Note that the same reasons are behind other cross-domain web services such as Disqus, FaceBook Connect, Twitter authentication...
try to use Mdeamon Viet Biz Dream Jobs
" including a Gmail-competitive web GUI " are you kidding me ? there isn't one, let alone for *free*
If you're too keen, pay up and go Microsoft i.e. Exchange + Office + other ripoffs
All the best !
Way to ruin a perfectly funny private joke among those that have seen the film :( THose that are unaware could always have googled it!
Try Rackspace Email hosting. You will find that they have a few options. Try the one you like best and with the least amount of maintenance. I like both web based and robust (!important) offline mail access.
I'm really surprised with the amount of people with these horror stories. I have been running postfix/dovecot/roundcube on a VPS for a few years, and apart from the initial setup, the administration has taken very little time. Of course managing a VPS always takes some time (which I do anyway, as e-mail wasn't the original reason to rent it), but mostly it's just monitoring and applying updates, which is pretty light.
It just haven't been that difficult. Annoying users? just me. Spam? my main address is at iki.fi (a organization providing long term emai addresses), which does quite good spam filtering so I don't need any on the server. The server has never been blacklisted, even mail lists for few people work nicely.
Maybe I have been lucky. It probably helps that I have some work experience as a system administrator (I wouldn't recomend setting up a email service to someone new in system administration), but still, I just don't think that setting up an private email server is that much of a hassle. Maybe not the cheapest and simplest way of doing it, it's a hobby, but not a deathtrap. Managing a email server for hunreds of (stupid) users which rely on it to do their work off course might be.
I pay for it, in both cash and some of my time, but I own my data, and know (more) how it works.
I ran my own mail server for 10 years. It was fun at first, but it turned into a job I didn't like very quickly. I spent a lot of time keeping the server up and running:
- network issues
- hardware issues
- dealing with all the bounces you get when someone uses one of your domains to spam with
- updating spamfilters
- updating software
- being blacklisted
The worst part was actually dealing with all my irritated/angry friends and family when things were not working as expected.
I eventually migrated to Google and have not had a single complaint since then.
Personally I kept using my internet provider email account, but I use fetchmail to pull the email down from it via imap every 5 mins or so. That way I get the benefit of their spam blocking, don't have to change my email address, etc. Fetchmail pulls down to my cyrus ipapd + postfix mail server, and I also have squirrelmail AND roundcoube as my front ends. I use roundcube when I'm on a full browser and squirrelmail in a pinch when I am on my phone. That way I know I have everything backed up and local. Google makes me feel like they're looking over my shoulder all the time and that creeps me out. I even stopped using Google Reader for RSS when I found out they knew details about you down to HOW LONG you spent in each feed. Creepy.
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Falling off a log easy to set up, we love Zentyal (formerly eBox)
Basically, it's what happens when your easy-peasy home router and a fully fledged business server had a baby.
http://trac.zentyal.org/wiki/Features
Personally, I use it as a windows file sharing server, VPN, DNS, DHCP and gateway.
At work we use it to build routers and VPN servers.
Regards,
J1M.
Interesting, there have been 2 types of replies ( at least at level 3 and above ).
1. "This is how you do it...."
2. "Dude! *Why* would you want to do this. I did it/I run an email server for work, it is a PITA and Google is free.
Well, the "Why" is that people want more privacy and control of their information.
# 2 is a good illustration of a trash island in the pacific ocean of open source thinking. "If you don't like it, roll your own". Well, many people who have rolled their own have written in to say that such an endeavor, instead of serving your needs make you serve it.
That is cool is you are an enthusiast, but if you just want a job done that sucks.
Since "how can FOSS make money" is a perennial and interesting question I would suggest that the FOSS community makes a certification board for "safe" ( private, they don't read or use your email/information) email.
Such an organization can charge a fee for conducting an investigation that leads to a certification and periodic re-certifications.
Other FOSS types can make money by setting up alternative web based email/PIM/cloud app systems.
I came to the exact same problem!!! I hated it! So what I have done is gotten myself a VPS. Installed a CentOS/cPanel/WHM combo. Then installed roundcube on a subdomain. Then you can use plugins that you write to interface with cpanel's built-in filter features and password changing feature. It has made my life much easier!!
I just moved all of our email to rackspace. 2 dollars a month per account. They seem to be pretty good. It sure beats the hell out of the pain in the ass that running a mail server is.
I'll probably get flamed into oblivion for recommending a MSFT product on slashdot, oh well...
Exchange is actually pretty straightforward to install and administer. It has built-in webmail, calendaring, shared folders, etc. It also has out of the box mobile synchronization via ActiveSync which works with iPhone / Android, etc. I think Blackberry may even support ActiveSync now via BIS.
Active Directory is also very nice for centralized permissions, etc (assuming you're using Windows clients). I hear HomeGroup in Win7 goes a long way to improve this, but have not personally used it.
Exchange is especially good if you have multiple folks at home and you want to use calendaring, etc to organize your life. All of your PCs and mobile devices can stay synced pretty effortlessly which is a big win in my book.
Downside is obviously that you have the cost of buying Windows, Exchange and Outlook, plus an SSL cert and a static IP, and probably some sort of spam filtering solution such as Postini, however there are various ways to get MS software cheap and/or free (i.e. academic programs, action pack, etc).
I don't do this because I am put off by the cost of running a server at home (power, etc), the additional cost for a static IP, and the reliability issues that come with running a server off of a consumer grade Internet connection. However, if I had a colo or VPS that I was already paying for, I'd be inclined to set up a VM running Exchange there.
One solution seldom mentioned and yet entirely useful for the hobbyist - nearly all the advantages and none of the problems of a full blown mail server is a "half a server" solution. Perfectly enough for someone looking to keep his family happy and in email.
Getmail or Fetchmail to clean out your various accounts
Procmail or Maildrop to sort it
Dovecot (or another IMAP server) for serving it
and, if you must, a webmail layer.
SMTP via whatever willing ISP provider one has.
I do run this on several servers now for years, it gives me the flexibility I am looking for, allows me to tinker to my hearts delight and is generally perfectly harmless.
I am of course no IT professional, but simply a tinkerer who loves owning his own boxes.
I do have postfix running on some boxes and have set it up to send out local mail, but not accept remote + use this for server health messages etc, but would loathe being responsible for some spam throwing monster - so it is never really exposed.
Funny, I've been thinking the same thing lately. And I've been dependent on Google and Android for a while now.
Why. Google plus was the last subtle thing to set it off.
I've used Google Apps for all of my email on my domain since it came out. Works great. I've had my domain for 15 years, and it's me. I depend on Android and my Google interconnects. I use Chrome on all my boxes. Everything works well.
Plus doesn't like Google Apps for your Domain. You've got to create a new gmail account for that. Something that's not me. Something that nobody knows me as. And Chrome/Google account switching will force that to be the default account.
Multiple account switching has also changed around, and it makes this gmail account your primary account, and I've got to keep using my password to get to my regular Google Apps email in Chrome. Now, the email I've depended on for 10 years multiple times a day requires me to keep switching back to my (now) non-default domain account, if I check Google plus also.
It sound petty, but it's made me stand back and say, "Wow, I'm _really_ dependent on Google, and this can get ugly". Being an open-source kind-of-guy, that makes me nervous.
--Lance
Funny, I've been thinking the same thing lately. And I've been dependent on Google and Android for a while now.
Why. Google plus was the last subtle thing to set it off.
I've used Google Apps for all of my email on my domain since it came out. Works great. I've had my domain for 15 years, and it's me. I depend on Android and my Google interconnects. I use Chrome on all my boxes. Everything works well.
Plus doesn't like Google Apps for your Domain. You've got to create a new gmail account for that. Something that's not me. Something that nobody knows me as. And Chrome/Google account switching will force that to be the default account.
Multiple account switching has also changed around, and it makes this gmail account your primary account, and I've got to keep using my password to get to my regular Google Apps email in Chrome. Now, the email I've depended on for 10 years multiple times a day requires me to keep switching back to my (now) non-default domain account, if I check Google plus also.
It sound petty, but it's made me stand back and say, "Wow, I'm _really_ dependent on Google, and this can get ugly". Being an open-source kind-of-guy, that makes me nervous.
--Lance
If you have to ask, then you're going to be in a world of hurt.
Without getting into too many details... I agree with many of you and on the other hand, I disagree with others.
I've been running a few websites with email accounts off Dreamhost for a few years now, and I highly recommend that over rolling your own. Sure, you might be losing some of the flexibility of a complete from scratch solution, but you're also handing off a lot of the administrative hassles to professionals. Plus since it's a paid solution I'm not as concerned about my data being fodder for google's growing empire.
The whole thing is running off a virtualized server that I pay $15 a month for. No blacklist issues (so far in like 3 years) since it's a known IP block with a known hosting provider. Spam is a minor issue, they're running spamassassin which on it's own seems to do an all right job. It gets the worst of the worst and thunderbird picks up a fair amount of it as well. The webclient uses roundmail, which is somewhat dated, but has a decent ajax interface. I think they have some other choices for webclients but to be honest I don't use them that often.
The Answer
I dislike the idea of running a server. Either it is
I dislike Google more and more. Since a few years I am wishing there would be some initiative by privacy aware people, who offer something similar like Google's docs, cal, mail, picasa, +, etc. but on a commercial, or semi-commercial (non-profit) base. I would be willing to shell out a 120€/year for a liberal concept, that even has an API.
Hello?? Fred?! Is this you?
I'm sure a lot of people in London would agree with that plan.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Would you say the same for someone who is openly Jewish? How about a Hindu?
Candidates shouldn't have to keep their religion, or lack of one, a secret.
The system is broken if you have people who vote largely based on whether the candidate talks to the same invisible man as them.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Stick up with your gmail account or set up an own mailsever + ssh + mutt = best email solution!
I have used Zarafa about 3 years and this whole webmail is a real bad thing:
- It's very slow - compared with a ssh connection to the mailserver and my mutt client running on the mailserver,
- the options for filtering, sorting, etc is very poor
- I don't know any webmail client which includes GnuPG (encryption, decryption)
- the movement is slow and painfull: if the webmail doesn't use ajax, each operation is related with a new HTTP-GET request and respons