New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
https://mail.duc5e.net/signup.php - My Webmail
Wholly agree here. postfix,dovecot,spamassassin,rdns,tls here running for 8 years or so on a 128MB OpenVZ VPS with no issues with deliverability. 8/10 scored on that test due to missing DKIM and SPF.
Why let some nut read all your mail?
We've all got way better things to do than extract your dick pics.
A VPS with mail-in-a-box has been a very easy introduction to self hosted email for me. Once the DNS is set up, which was pretty easy, delivery of emails hasn't been an issue.
They can read all my emails if they like... The time it would take to find something interesting wouldn't be worth whatever they find. Plus who does anything that actually needs to stay confidential over email any more?
I'm not saying it should be insecure but if your biggest worry is the guy that's keeping it all up is reading your emails then they've done a good job and maybe you're the nut.
You're telling me. Took about 6 hours. I had to take off work that day. I know what you did last summer.
What about hackers who break into your system, tar+gz all the shit and put it on torrents? Surely it's not like something similar has ever happened before, and certainly there isn't even a Wiki pedia style of website publishing this kind of leaks.
Everything you sign up for that has a concept of a user account? Usually keys to the kingdom are just one password recovery mail away. Sites implementing 2FA are extremely few and far between. I wouldn't want to just sit around and talk to @jarland knowing he can easily obtain full access to everything I do online.
I chuckled thinking of Hillary.
As @rm_ mentioned, password resets. But, there's also quite a few sites (but more banks) that implement 2FA over email.
Globally, a growing number of banks also opt to send statements over email instead of snail mail. Often, these are protected with some stupid "Please enter the first $x digits of your SSN or passport number".
When the bank or another company requires some documentation, it's common to send these files out over email (unless you're going to take a drive out to wherever the place is). Some of this documentation is bound to have your SSN or some juicy identity number. This makes the previously mentioned statement protection worthless.
Heck, I'm confident that most of us regularly email all necessary documentation to our tax consultants, accountants and attorneys.
I'm not against using email providers.
My point is simply that we need to realize the true volume and value of the confidential data that we transmit over a crappy insecure medium like email.
With a better understanding of this, along with some thought about what you feel your threat matrix would look like, you can make a better choice as to whether you want to self-host or go with a provider.
Of course, if you're not confident that you can assure yourself some level of security on your own mail server, then rather use a provider. If you're willing to torture yourself with managing yet another system or service, then self-host.
Each has its own pros and cons, but the important thing is to think before you jump.
Oh right, forgot that can't happen to your own server. Single tenent servers never get hacked
Heh. You sure do think highly of yourself, sweetheart.
I mean that's good though. If you don't trust the integrity of your mail host, you shouldn't be with them. I know where to draw professional lines, I don't shit where I eat.
When there are millions of them, and each needs to be targeted separately (not to mention running its own unique set of software and implemented security measures), chances that specifically yours will get hacked get way lower. Whereas a centralized mail service is a big fat juicy target with high return on investment for a successful hack.
I disagree. It sounds nice and all, I just disagree. Most compromises are the result of automated attacks against known vulnerabilities. I don't think tenancy increases the volume of attacks to any degree that would be visible on a pie chart. At least not where MX records are the only shared, repeat DNS record. A records maybe.
Yea why not? I use Mailcow and it's been working great for months.
Our XSmall plan can handle 1 MM mails/mo. at just $59 delivering 100% emails. Mailchannels' pricing is way too high and its not dedicated!
That's quite a claim. I'll bite, let's run some tests
I have my own Mail server it is great it scores 10/10 with mail-tester.com and all that but i also have an Mxroute account from @jarland
i have used my emailserver for personal email and stuff
But when it comes to work or IMP stuff i tend to stick to Mxroute
While we're at the subject of mail-tester.com: Tried the other day to get the rating of my domains hosted with MXRoute up.
But the highest value I was able to get was 7/10, as I seem to fail in setting up the DKIM correctly...
Not sure if this broke lately, as I was pretty sure I did it the right way while setting up already.
And on some tests I even get a lower rating, because the IP of the MailChannels relay that got (randomly) used is blacklisted. So we can see, not even they are save from getting blacklisted from time to time. :P
DKIM is just 1 point out of 10, must have been something else as well, for the 2 more.
You're sure?
Haha, so it's worse if you bothered with DKIM but didn't get it right. As for me I just ignored it entirely, and that only dings me -1 point.
Oh my... Well, think I'm going to talk to @jarland about this some time.
In the meantime: Sorry for the quick derail, back to topic! :P
Its easy to setup DKIM
if you need help just give me bump i will help you fix it
here's the DKIM setup guide I used
https://digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy
I've been hosted my own email uses Citadel + Spamassassin, ClamAV for years. Seldom have issue to receive emails. And installation is really easy using deb files.
I can add and delete as many domain names as I want.
To me, host my own email, save me lots time to configure at other provider' service, which will involve registration, payment, renew, etc. That's just waste of time.
Some of MailChannel's IPs are blacklisted but you'll note that the only reason you saw that is because the email was accepted. No one filters to spam folder based on blacklisting, they just reject the email (or they don't). If an email is rejected due to blacklisting, it is delivered from a different IP and not bounced back to you. This is a great way to ensure that you never get a bounced email due to blacklist, and also that IPs are not wasted since no mail service uses every blacklist.
Please don't hesitate to ask me about such things
Yeah, it's true and weird. Honestly DKIM is useless when most providers don't reject email for DKIM failure. I don't know how it's survived as a supported feature anywhere for this long.
I mean, gmail shows you if it passes DKIM but you have to trust your recipients to check.
Cause NSA anyway.
We've tried Zoho Mail, which performs well - and is free up to 25 users unlike G Suite :-)
Yeah sure if you trust your data with a Indian company.
I don't particularly like DKIM for those types of reasons. I set it up for my server because it was easy. I just recently started moving mail to spam folders on failures of DKIM, but that's mostly because I was bored and wanted to tinker. I've found most failures are a result of sender misconfiguration and not a result of actual spam.