paritybit.ca

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit 16f783e8e6d91f53cd5851893bc58e535cd3452e
parent f041dabd46dd751d7978f63c3cc49872c593653c
Author: Jake Bauer <jbauer@paritybit.ca>
Date:   Thu,  2 Jul 2020 20:48:24 -0400

Blog post draft

Diffstat:
Apages/blog/a-month-and-a-half-of-self-hosted-email.md | 82+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 82 insertions(+), 0 deletions(-)

diff --git a/pages/blog/a-month-and-a-half-of-self-hosted-email.md b/pages/blog/a-month-and-a-half-of-self-hosted-email.md @@ -0,0 +1,82 @@ +## A Month-and-a-Half of Self-Hosted Email + +[//]: # "META_TEXT" + +[//]: # "main.min.css" + +[//]: # + +<div class="byline"> +<b>Written By:</b> Jake Bauer | + <b>Posted:</b> [DATE] | + <b>Last Updated:</b> [DATE] +</div> + +There's been a lot of talk in my Internet neighbourhood lately about the state +of email and whether it's broken or not. I previously posted about how I think +[email is the best discussion +platform](https://www.paritybit.ca/blog/self-hosted-mail-now-live) so you can +probably infer my position but I want to add the perspective of someone +self-hosting email to the discussion since the two major points people are +talking about are spam and privacy. + +I went live with my self-hosted email server on 2020-05-19; almost a month and a +half ago. Since then, I've been using it daily for all of my email-based +communications through IMAP (there is no web interface). As I discussed in my +[blog posts about setting up +email](https://www.paritybit.ca/blog/preparing-to-self-host-email), I am using +OpenBSD with OpenSMTPD, Dovecot, and Rspamd which is holding up well as a solid, +reliable software stack. I have had no issues sending email to any domain, I +haven't had to do any maintenance on the server except for needing to ssh in a +couple of times to run `doas sysupgrade` when a patch for the base system was +released. I've signed up to the OpenBSD mailing list which notifies me when +these updates are released, so it's a simple matter of logging on, running the +update, and rebooting the server which takes all of 5 minutes to do. In fact, I +just ran `uptime` and the server says it's been `up 27 days, 23:16`. +Additionally, I have package updates run as a daily cron job and I force TLS +certificate renewal in a monthly cron job. I get daily and monthly emails about +the output of both of those commands so I can quickly make sure that everything +is running as it should. + +Regarding spam, the number one complaint I hear across the internet when +self-hosting email is that spam is unmanageable for someone self-hosting their +own email. I am someone who readily posts +[mailto:jbauer@paritybit.ca](mailto:jbauer@paritybit.ca) links on my site and in +a handful of blog posts, I have my Rspamd configuration set up to conservatively +junk emails instead of outright blocking them (unless they come from a dynamic +IP address, then they're outright blocked), and I haven't received *a single* +piece of spam email directed at me. The only actual spam that has landed in my +junk folder is the very occasional message that slipped past a mailing list's +filter. I can count on one hand the number of those messages that I have +received. + +I'm not sure what it is, but somehow after leaving a big mail provider (in my +case it was ProtonMail), I now receive less spam despite using the exact same +email address and publicly advertising my email. My experience matches that of +the creator of OpenSMTPD: + +> I take absolutely no precaution hiding my e-mail address, gilles@poolp.org, +> and I sometimes get one or two spam e-mails per day in the junk folder. Not +> only is that not a daily nightmare, but it’s less than what I actually receive +> on my own Big Mailer Corps account [...] ([source for the +> quote](https://poolp.org/posts/2019-08-30/you-should-not-run-your-mail-server-because-mail-is-hard/)) + +As far as privacy is concerned, I don't have to worry about a company analyzing +my every inbound and outbound email to gather data on me because I am my own +provider. Many of my emails still grace Google's and Microsoft's servers with +their presence, but I recognize that any email not end-to-end encrypted is not +truly private (though they are still encrypted in transit). If I'm sending +sensitive data, I would encrypt my message with GPG or use a different medium +such as Matrix. + +If you're running your own mailserver, privacy really becomes a non-issue. I'm +not going to be discussing intimate details or credit card information with +someone via email because I recognize the limitations of the medium and I don't +need to worry about my provider datamining my emails, because my provider is me. + +Really, email was built to be a collaboration tool. Back in + +_This is my fifty-eighth post for the +[#100DaysToOffload](https://social.paritybit.ca/tags/100DaysToOffload) +challenge. You can learn more about this challenge over at +[https://100daystooffload.com](https://100daystooffload.com)._