Slashdot Mirror
Ask Slashdot: Self-Hosted Gmail Alternatives?
linkedlinked writes "I'm tired of building my sandcastles on Google's beachfront. I've moved off Docs, Plus, and Analytics, so now it's time to host my own email servers. What are the best self-host open-source email solutions available? I'm looking for 'the full stack' — including a Gmail-competitive web GUI — and don't mind getting my hands dirty to set it up. I leverage most of Gmail's features, including multi-domain support, and fetching from remote POP/IMAP servers. Bonus points: Since I'm a hobbyist, not a sysadmin, and I normally outsource my mail servers, what new security considerations do I need to make in managing these services?"
Grab yourself a Zimbra appliance from http://www.turnkeylinux.org/email - up and running in a few minutes, and it should give you most of what you'd expect coming from Gmail.
The best webmail UI I've used other than Gmail is Roundcube. It's simple, clean, and works quite well.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
You have to be blind if you consider Squirrelmail anywhere close to comparable to a modern interface like Gmail. It pretty much embodies the visual style of '90s Perl scripts, and that's certainly not a good thing.
I used to get high on life, but I developed a tolerance. Now I need something stronger.
I've run Zimbra for 3 years now, back to 5.0.9, which I installed for my then employer. The architectural people there have taken, right along, an attitude that I can characterize only as "RFCs? Who cares about those?"
It doesn't handle fixed-pitch well; its editor won't re-wrap (though they might have finally fixed that in 7), it doesn't uknow from RFC 2369 -- in fact, it handles mailing lists poorly in general; notably, you can't change the Reply-To in any way when replying, if you generally want HTML off (as I do), the only way to turn it on is to dive into the Preferences and switch it, then reload; same turning off...
Check for bugs filed on their bugzilla by jra@baylink.com if you want a full list of the ignominy. But in general, I would say: evaluate it pretty thoroughly to see if you can deal with its crap before deploying.
It's *very* pretty. I just don't know if it's worth the trouble.
For over 15 years, I spent my time doing my own servers. Figured out that I was spending too much time doing server admin and not enough building sand castles. Now, I am on Google.
I prefer the "u" in honour as it seems to be missing these days.
The problem with CRM114 is that it let's anything past if you just put 'POE' in the title.
I've been a sysadmin for about 15 years now. I used to host all my own e-mail, my own website, all that stuff. I had a webmail interface (Squirrelmail), spam filtering, IMAP, blah, blah blah. Then about 6 years ago I got deployed to Iraq. I couldn't use SSH from the DoD network, so updates became a big issue, spam became an issue as I couldn't maintain my filters easily. After a couple of months I went hosted on my domain. Web based admin tools meant I could maintain stuff without SSH, they had a much less "hands on" backup procedure (at the time mine involved CDs), the service was down less often than my DSL used to be... Honestly at this point I can't see the value in maintaining all this stuff for myself. I pay less for hosting than I would have to pay for a "business class" DSL or cable line for the static IP, they handle most of the hard work, and what they don't handle, I manage from a web based dashboard.
There are tradeoffs and disadvantages, but for 80-90% of personal uses cases I can't see why you'd want to personally maintain a server these days. If you simply enjoy doing it, that's one thing. If you have a business of any size, again, there's a good argument for self hosting. For most people though, just pay someone to take care of the grunt work for you. You'll have less downtime, and spend a lot less of your free time fiddling with it.
I don't need a million points of light, just two points of multi-mode fiber and a 10 Gig-E router.
1) Install Linux
2) Put all the software on it
3) Be happy with yourself for mail actually working
4) Get blocked by your friends email hosts because they have no idea who the hell your server is
5) Learn about reverse dns, all the fucking host entries that you have to add so that you don't get automagically blocked by half the populated world
6) Some asshole user sends email with no subject and an executable attachment, it comes back to them bounced and they scream at you.
7) Same asshole user bitches and moans 3 times a day about how much spam they get and what a piece of shit your server is
This ends up with the following consequences:
1) Give up your life as an actual person. You're now a mail server admin
2) You stop giving a shit about said asshole user.
3) You start to second guess your decision to run your own mail server after somebody exploits something (weak password from asshole customer?) and sends half a million spam messages, and 2/3 of them bounce back at you.
4) You start growing pale and have hideous dark bags under your eyes
5) You're "that guy" in your apartment complex ("he never leaves!")
6) Eventually you miss your life, the outside world, and what is left of your sanity.
7) You start prioritizing your life and you finally give up and.....go back to Gmail.
Nobodies Prefect
Tidbits for Techs Technology Blog
It's ironic for me that you should post this on the day after I just abandoned my last home-maintained mail server in favour of Google.
For the past 15 years I've been a mail administrator in some capacity for a variety of mail systems ranging from my own personal colo to a vast multi-national corporation. Solving the technical problems of building and maintaining a functional and reliable system was fun for a number of years, especially when email was dominated by geeks. But nowadays, running your own server is a perpetual nightmare.
First, there's the problem of where to host it. It has to be accessible wherever you are, and it has to be able to send mail out. If you're planning on hosting it at home, on the end of a cable/DSL/fios connection, bear in mind that your IP address will almost certainly be blackhole listed. Also, your ISP may well be blocking outgoing mail to prevent spam. You will probably have to configure your system to route all out going mail via your ISP's SMTP server. Why are you hosting an SMTP server again?
If you're hosting it in a nice VM or in a colo, you're better off, but paying. Google costs you nothing.
Next, storage. Obviously that's no problem because you have a mirrored RAID eleventy-five array you built yourself. If that's in the colo then you can forget about it - except when a drive goes bad or it crashes unexpectedly. But then it's fine because you're paying for support aren't you. And backups. You are backing it up aren't you?
Next the server software. Personally I've had a lot of success with Sendmail/Cyrus IMAP/IMSP/Squirrelmail and friends, despite enduring jeers from other sysadmins who think they have a better combination. In the end, it doesn't matter. They all suck. They all need patching regularly. They all break. They all need tweaking on a regular basis.
Then the final turd in the swimming-pool: spam. It costs you so, so much; bandwidth, around 95% of all of the inbound traffic is spam; time, configuring and maintaining spamassassin and various blackhole lists that occasionally start rejecting mail indescriminately; pride, the only time your clients contact you will be to ask why the mail is so slow and why there's so much spam. "But my gmail doesn't get this much spam - can't you filter it" they say, while you bite chunks out of your tongue. Spam to a mail administrator is like the gopher in Caddyshack: it will keep you awake and turn you into a monster. And the day will come where you, spam-slayer and junk-mail terminator, get put on a blackhole list for being a spammer. That's really fucking harsh the first time.
I could go on. but we're already in the TL;DR territory.
Most people do not host their own mail server. They live longer and healthier lives as a result. Follow their example and let Google worry about all of that for you - and in return you just have to pay them...nothing.
I think the whole exercise is short sighted. I've been there, done that. The amount of effort to keep everything running, updated, configured, etc is a PITA. Setting up a solid spam filter is a huge undertaking because it's a multi layered approach. SA or equiv, various milters, and more and you still won't come close to GMail. When I finally gave in and decided to switch to Google Apps I was floored by the improvement in Spam filtering. Are there quirks with Google' stuff. Sure. But they are improving it. I finally today got most of my stuff tied to my personal count migrated to my Apps account. The family enjoy using their apps accounts too compared to what we used to have. We've used IMP, Squirrel Mail, ROundcube, and others. Roundcube is the best in that group interface wise, but is still very buggy. Was Horde fun to play with way back before Google's services existed? Yup - because they were something not easily done elsewhere. But now? So good luck - it certainly can be done, but to be done right requires a lot of effort that's only worth it if you have nothign better to do or are a internet services admin at work and like to tinker at home. And even then... I can spend all that time spent screwing with my internet 'stack' and apply it to better things now that Google just handles the day to day stuff. Am I concerned about them 'owning' me - maybe a little. But so far, they've not done evil to me. Plus even if I wanted to migrate all my stuff back to a personal server again, Google Voice is the deal breaker for me. Can't live without it.
Top Most Bizarre/Disturbing Error Messages
The guy is "a hobbyist, not a sysadmin" and is looking for a self-hosted alternative webmail. The thing is, unlike a lot of other parts of life, mail hosting is basically a sewer of pain. Potholes and pitfalls are absolutely everywhere. To make a bad analogy, the guy basically posted "I'd like to be more independent. So I've decided to learn to fix my car, start growing some vegetables in my backyard. And, oh yes, have a baby. Are babies hard?" All of those are valid goals, that people everywhere should aspire to. But, as the germans say, he needs to be aware of the commitment and Kindersheisse of maintaining a mail server.
And I've been on both sides of the "black-hole everyone's mail" problem. If a server is sending out spam, a single server can easily be sending out hundreds of pieces of spam to each and every one of your users per day. Chances are, that "server" is a hacked Windows XP box someone in their IP block left online (there really aren't anything other than hacked Windows XP boxes online these days). Or a server with inadequate protections that is being maliciously harnessed. Or someone put the address into a blacklist wrong. Either way, without these blacklists e-mail service as we know it would be over. And, unfortunately, there are people profiting from spam, fighting every bit as hard as the legitimate users to get off of the blacklists.
And that's without taking into account the basic technological issues, like needing redundancy and response significantly higher than take-it-or-leave-it services. If your docs server is down, you have to wait a bit to access your documentation. If your mail server is down for long enough, you lose all of those messages. Also, all of your clients get messages that your system is down, but you don't. You get hit constantly by volumes of spam, leading to waves of DDOSing. People don't back any mail up, but require it to be available forever. And, this may just be personal perception, but I swear that all mail servers are coded to be suicidal.
So yes, the effort put out to host one's own mail server is disproportional to the payoff in terms of personal information security. Because it's not building a server. It's committing to hosting an ongoing part of the mail ecosystem.
The ______ Agenda