Good host outside 5/9/14 Eyes countries?


#21

Why do you think self-hosting is practically impossible?

Many ISP’s here deny access to port 25 to prevent spam.


#22

@murgero just posted with the most specific reason … there is also the issue of getting a dedicated IP address. However, I never said that self-hosting is practically impossible. What I said is was impossible for many/most of MiaB’s target audience. Remember, one of the initial purposes of MiaB was to “make setting up an email server easy” i.e. for people with less technical ability, which for anyone who has followed the forums for years would recognize is indeed a good portion of MiaB’s audience.


#23

I recently moved my self-hosted mailinabox from a virtual machine on my home-based server to a VPN, and have been concerned with the privacy of my data since.

Reasons that I had to move:

  1. ISP stopped providing a static IP.
  2. ISP would not provide a reverse DNS entry. Without a reverse DNS entry, my miab could not deliver to Yahoo and some other domains that were important to me.

I’m mostly happy with the VPN-based miab. It’s easier to use Roundcube to access mail from outside my home network. My home server syncs a copy of /home/user-data/ every night in case my VPN provider ever disappears. I have to hope that my VPN provider will never be interested in looking at my email.


#24

Although I have been vocally against secure off premise hosting, I am aware of issues with self hosting. As a requirement for self hosting MiaB I would suggest the following being in place.

Internet connection:
The option to have one or more static IP addresses
A minimum bandwidth of a 5mb uplink and a 10mb downlink ideally 10mb up and 20mb down
The ISP should not block ports 25 or any other port needed by MiaB

Technical ability:
Ability to install Ubuntu server edition and keep it up to date.
Basic knowledge of TCP/IP routing and ability to configure a router.
Capability to set a static IP in Ubuntu.

Hardware:
Router capable of handling multiple IP addresses, creating a DMZ and or port forwarding.
A basic PC or server with a minimum of 2 cores and 2GB of RAM.


#25

Thanks for the suggestions, @paradoxbound. I understand that the connectivity requirements of self-hosting may pose a real problem for most in MIAB’s target audience as described by @alento above? Other than that, your specs look reasonable and affordable enough.

You left out the steel doors, though… And I am only half-kidding. I would argue that, without physical security and probably a whole array of additional measures or components to harden the setup, it doesn’t compare favorably to an Icelandic or Swiss virtual server. Am I wrong?


#26

Hi all,

I think it’s worth pointing out that defending against hypothetical passive government surveillance, the methods of which are essentially unknown to any of us, is probably not the most important security consideration for most people. Unless you’re hosting mail for a political target, I can’t really think of a reason why government surveillance would be a serious concern — there are lots of other issues to worry about.

If you are hosting mail for a political target, then you should be concerned about active government surveillance as well. And in that case, there are other factors. When a government comes knocking with a warrant, your biggest concern is paying for legal help and in that case the Googles of the world are in a much better position to defend your legal rights than you are. They will also have better monitoring and generally more effective security practices than you would with a Mail-in-a-Box.

So IMO you are probably best defended by using a large ISP in your own country where your legal interests will be best aligned with the interests of your ISP and they will be in a position to help.


#27

It’s why I’m running on a VPS in the cloud… I used to run my own mail from my house, but it became impossible for a poor boy like me (a business line would have solved it, but who has money for that at home)?


#28

Fact is, that if your ISP does allow port 25 and you recognize a $ as a Linux prompt MIAB is a viable solution to getting your email back under your own control completely.

I run MIAB since January 2017 on a very small, dedicated PCEngines APU2 box at my own premises, over a 100/10 ADSL line, with hardly any problems. I am really very content with it.

I remarked on this before. I personally have difficulty to see the advantage of getting trough the trouble of setting up and running my own MIAB server if that server resides somewhere in the cloud. If the objective is to get control over my email from top to bottom a server under my own roof beats any cloud server. It needs the same TLC, is much cheaper, at least as secure and less susceptible to problems beyond my control.

I understand that this might not be for everybody and support-wise it might be a nightmare if we all ran MIAB on a server under the stairs but it would be fair to at least acknowledge that it is possible to run your own MIAB server at home instead of answering that question with a solid ‘No’. Again, my experience is very positive.

Paul


#29

I don’t know about others here, but I am using a VPS as opposed to “in-house” hosting for my email:

  1. The biggest is my ISP does not allow port 25 inbound. That said, the following would be the same even if they did:
  2. Although in-house is cheaper in the short term, I avoid power outages and hence, avoid mail server down time. For some who use MIAB for business will know that down time = lost $$$.
  3. Hardware costs - I avoid hardware costs both for the server MIAB is on (Or other hardware) and also hardware maintenance. Such as cleaning of the device, making sure the network it’s on is working well and is secure, etc.
  4. Network downtime. As you know, some ISP’s are more reliable than others. Where I am hosting, I have redundant networking enabled - Almost 0% network related down time.
  5. Updating. Updating is faster for me because I have a 1Gbps downlink on my VPS.

Those are just some big reasons, but still valid. Also, I don’t think anyone was answering with a “Solid No.”. As my original response maybe comments above here states “Many ISP’s here deny access to port 25 to prevent spam.”.

That all said, if I had the time to host at home, and I knew I could keep a ~99% uptime, I would probably do it. But for now, I put my trust in my current host.


#30

The solid ‘No’ I was referring to is the answer to the first question in the Pre-flight checklist in the MIAB setup guide :slight_smile:

When you use MIAB to sell email services to 3rd parties you have a point. But for SOHO usage a server at home works well. If I look at the downtimes we have (Netherlands) for both power and network, they are short, few, and far between. I and my business can live with that; email was designed to use a network in which servers are not available 24/7.

Hardware costs for a simple mail server are low. The system I use was under €190,- including a 120Gb SSD and 4Gb ram and uses less than 5 watts of power on average.

I was not out to get a discussion going on whether the one is better than the other. Everyone’s miles vary. All I really wanted to point out is that, although not advertised as such, MIAB is a viable solution for a home based mail server if it happens to fit in your environment.

Paul


#31

I like that answer - Thanks bud for sharing! <3