Self hosting mail server frowned upon


#1

Why is self-hosting a mail server frowned upon, such as in this topic I found on Reddit: https://old.reddit.com/r/sysadmin/comments/9ejw5x/mail_server_setup_for_500_users/

They rather recommend using services such as Google and O365.

Security, maintenance and costs considered. Which is more preferable to use?


#2

I was wondering the same question for a while too. I have a couple of business-friends/mentors, and if you couldn’t care less about privacy or control and find the price of a paid solution to fit your needs, then you go for a paid solution.

Anyone else outside of that bubble (the good kind of people, in my opinion) will want to self-host or self-administrate (sort-of, hosting on places like Digital Ocean is just as good). I personally think $5/user/mo is WAY too expensive. $5/user/mo could get me a whole server PER USER!

Anyway, I spoke with a guy who owns a medium size business, as well as the president at A-Team Systems, and my impression is the physical maintenance, redundancy and upkeep of mail servers. My impression is that if you do it right (which Mail In A Box configures your box right, right out of the box, from my understanding), you don’t need to administrate your box–that’s not the big issue.

So if you self-host the physical server, you have a whole lot of crap you have to deal with. What happens if your hard drive fails? Those will need to be replaced. If you forgot to create a RAID setup, you’re screwed. If the whole server fails at once, you’re also screwed. If the power goes out, well, I guess everyone in the office will do nothing until the server is back up. If the Internet (external) goes down, all those emails will either be delayed by a whole day (if you’re lucky and the other person has their mail server configured correctly), or will be totally gone. If these are business-critical emails from customers, this is not a good idea.

However, if you get something like a VPS or rent someone else’s dedicated server, it’s not your problem to swap out the hard drives or keep the network active. All you have to do is not screw up as an administrator, which if you actually set things up correctly, shouldn’t be a problem. If the network goes down, you will have someone ELSE running around, scrambling to find the solution NOT you. However, that is less likely to happen, as a VPS/dedicated server farm will be in a location for edge-provider Internet (much much faster, reliable Internet connections), redundancy beyond reasonable measures–power and network redundancy, and physical security beyond what the average Joe can afford.

I feel like a lot of what’s online is a misconception people believe because it is what big email provider companies want people to believe, because that means more bottom line. To be honest, I think it is a bunch of crap to go from saying “don’t physically host your own mail on your own physical device at your own physical location” to “just don’t host anything that is not from a big company like Google or Microsoft”.

I am in no way an expert, but it’s what I could gather from bits and pieces here and there from experts. I think a lot of people, from like 10 years ago, physically hosted their own mailboxes. When it became a problem they didn’t feel like going through the hassle of moving it to a VPS/dedicated, because if they were going to move, they wanted Google and Microsoft to magically answer their problems. Also, Google and Microsoft give a lot more features than mail, so they were able to reap the benefits from switching to the Big Companies.


#3

Why is self-hosting frowned upon? Lots of legacy reasons, some well intended, but many outdated, just like their 5mb file attachment limit policy. Or not unlike your grandmother used to cook a huge ham but her recipe called for cutting in half before baking, but your mom still does it that way, not knowing because grandma’s oven was too short for the whole ham to fit in, and still does the same - cutting it in two before baking.

People are also just “determined to be right” which probably influences their ability to communicate. :wink:

Long ago, it used to be that running an email server “properly” would often mean not letting it become a spam relay, not getting hacked through Sendmail (or OS), which meant hardening everything to sufficient levels in both the OS and Sendmail/postfix/exim etc. And along with that meant DNS had to be set up in a way that worked with the Email server, didn’t open up more security holes in terms of DNS tunnels, spoof attacks, and empower anyone to exploit holes in DNS binaries themselves.

Couple this with a lack of… good tooling, strong security features, good support, human-readable documentation, experience on the beginner and/or knowledge from even the more experienced IT guys on how to set up and make it all work, made the whole challenge quite difficult.

Also the attitude of many companies towards their IT guys, kinda sucked in many organisations, particularly towards Email & likewise choose often for some piss poor products. Early generations of Exchange - which was most common in most orgs still today - couldn’t scale well, had horrible UI’s for administration, and were always on the short end of the security stick in terms of features.

Toss in that the Email protocol itself sucks too.

And all these problems still exist today, along with the attitudes everyone has. But the tools have matured and gotten better. Two examples are Postfix and Sendmail. Unix Sendmail was crazy powerful…if you were good in writing in ‘m4’. But a badly set up Sendmail server was a service / security nightmare, and often mail admins would ignore it, or not be aware till major problems were no longer ignorable. Postfix was the answer to Sendmail & did everything so much better. But there were lots of corporates who stuck with Sendmail because Sendmail was what was “supported by the vendor” and swapping out Postfix was not supported. The situation was even worse tho with Microsoft shops based on Exchange - I used to beg so many customers to even drop in a “postfix gateway” for security reasons in front of their Exchange servers, but the vendor of their “supported solution” wouldn’t have it, unless crazy fees on his side were paid, if it was an option at all.

All of this created some very negative attitudes / stereotypes about people / companies that self host email. Marketing teams at cloud hosting companies (including Microsoft, Google, etc) still leverage these attitudes today towards their own interests.

But also what’s changed is the core technology, and a lot of people I think have noticed these changes, but aren’t fully paying attention to what they mean. Cloud providers are using legalese to claim rights to read, even own, cloud hosted email solutions. GDPR and the upcoming Article 13 will force more of that into the hands of the cloud providers responsibility to do so in the name of artists’ rights. Which means theoretically at least, less privacy.

On a different note, but related to core technology changes - the miniaturisation of PCs, Servers and Infrastructure marches forward. The first signs of this could be seen most publicly by the companies and hosting providers who are switching to running Mac Minis in the corporate / data centres as servers.

SOHO server installs are happening more and more on NUC like computers too. I’m running my mailinabox on such an installation with dual (DSL/Cable) uplinks to it. And it’s running 7 VM’s concurrently @ 10% cpu average load overall. No fans, only 11 watts and just a few hundred Euros to buy.

Mailinabox is one of those products, like Postfix, that back in the early days, solved a lot of problems, but still not a lot of people have experience with it (yet). A brilliant tool that does pretty well on solving a lot of the common gripes most still have about running their own Email server & DNS.

In fact, as someone who’s done crazy amount of installs & repairs (of others mistakes) on Sendmail, Postfix, Exchange, Lotus Notes, CC:Mail & yeap…UUCP… Mailinabox is a pretty damn fine project. I’ve only been using it for a few months now, but I remain stunned how well it works & impressed by the work the contributors and founders all have achieved.

I know GSM Operators and ISP’s who still don’t have their DNSes running properly or their Email servers configured correctly after decades of running them, a few I know have been running DNSSEC projects for 4+ years now, and still don’t have it realised (but that’s related to some past rollout choices, sometimes “worst practices” have been realized, in their own DNS that complicates it all. Because now it’s hard to change their legacy apps around a re-rollout of DNS). Honestly, we think because Email goes to Google or Microsoft, they somehow have “magic skills” and “magic budgets” and “magical email wizards”. Nope, they’re people just like us. With similar time and budget constraints we often find ourselves in. And it’ll get worse for them too.

Here’s why.

As I mentioned above, the products required to run your own infra are becoming cheaper and cheaper, basically becoming commodity products. Sure, if you want to have a server with 198 Cores, it’s going to be a large 19 inch rack you’re going to need, and those are expensive. And then you’ll have to purchase backups for redundancy and availability.

But a 1-50 person company won’t need an Email server with so many cores. They could probably dedicate that to a 2, 4 or 8 core box. One that’s Celeron based and that runs postfix under a VM along with a few other VM’s. Running emailinabox or some other turn-key variant solves a lot of the former problems associated with running one’s own Email server. And if all one needs is a couple of NUC like servers running a VM host, Virtualized DMZeds in which to run Emailinabox - Electrical costs would be in the neighbourhood of a RaspberryPi or 4 on your network for such a server. It all lowers the bar which cloud hosting can compete with. Less profit margins, less the Google / Microsoft / [insert cloud hosting name here] have to spend on administrating customer’s Email.

Further, these cloud companies never tell you if someone’s trying to hack your account, brute force your password, reveal statistics from Network Intrusion Detection, and Application Intrusion Detection. They’ll only tell you something happened, when it’s so public they can’t avoid it and/or legally required to do so. They’ll leave you in the complete dark - security speaking - until that point, pretty much. The security astute company will want visibility on this, whereas the one that is not very security aware, will be cool with “making that someone else’s problem” and paying a small fee for that convenience (read: ignorance).

For some companies making the decision to host on premises vs cloud hosting of email solutions, in some cases it might always make sense to cloud host. It’s a business decision based on financial numbers, really. But there is a fad-like trend to move everything to the cloud, despite the fact many cloud providers are single points of failure, despite the fact that Office365 Professional is the single most attacked cloud service on the Internet today, despite the fact that security breaches in the cloud are a lot more commonplace than the original marketers promised us they would be. And people will make these decisions assuming their chosen vendor’s mail administration team has a good team culture, always hits their performance targets, etc. Like bad team / company cultures and bad politics never ever happen among the Homo Businessapian species. :wink:

To the company / admins who actually have noticed Article 13 and the GDPR and thought “this could affect our customer privacy” in relation to cloud hosting, it may always make sense to host on premises. I know one German International company who’s very strict about always having “total control” of their critical business assets, including Email. Like those who will always choose for the cloud, these types will always choose their way.

Myself (and fuller disclosure) I’ve run my own Email and DNS (plus contact / cal / web / other) servers since 1996. And since 2000 that has been running across some sort of fixed-IP xDSL connection just fine. And I’ve had Emailinabox running since August of this year, and it’s the first all-in best practices turn-key solution I’ve ever built & I was amazed at how well it has performed until now.

And I also laugh when I hear comments like you say, myself (just last week, btw) when a fellow security colleague said to me “oh dear, I’d never run my own Email server, that’s dangerous. Too easy to get the config wrong, so I’ve always been too scared to run one myself” Of course, he didn’t know about Mailinabox at all either. But since he’s not called me back or updated me about his progress after telling him about it (and there was a WTF is this moment in that call…an expression of amazement on his end) I’m figuring he’s still playing with it, checking it out. :slight_smile:

For myself, I’ll continue to run my own Email server on premises because financially it doesn’t make sense for me to host in a cloud. The size box I’d want for this and my other VM’s doesn’t compete financially compared to hosting on some inexpensive NUCs. I don’t have it on a RAID config, just yet, but have space for two SSD’s if I want them. Live whole disk image backups and snapshots make Disaster Recovery (from SSD failure or box failure) a breeze, and for my own purposes, if it was down for a few hours even, I shouldn’t drop a single Email. Since I started off on a 100GB SSD and later migrated my VM host to a 500GB SSD (because NextCloud is gonna get some use too now), that upgrade took only 30 minutes, and I used those DA disk images to spin it all back up again.


#4

If you don’t care that your email is handled (received, filtered, stored, examined) by companies that potentially use the contents of that mail to their advantage, you don’t mind spending a (no doubt slowly increasing) couple of dollars per mail address every month until eternity and you are the kind of person who calls roadside assistance to change a flat tire, I would go for Google or O365 or, why not, the mail service of your friendly local ISP.

OTOH, if you want your mail fully under your own control and residing on your own premises, your ISP lets you run a mail server and you don’t mind investing a basic amount of TLC, MIAB is a very nice solution to realize just that. Frowned upon? IMO it makes more sense to frown upon people who, without a second thought, blindly trust their entire correspondence to virtual companies on continents far far away that promise the world but are completely beyond their control when they fail to deliver.

I run MIAB for 2 years now, on a dedicated, €190,- PCEngines APU2 server with an SSD, connected to the same VDSL line that serves my data, tv and telephone. The server is on 24/7 and takes 5 watts when active. Maintenance took me maybe 16 hours in that period, mostly spent in figuring out why my Let’s Encrypt certificates one day were no longer updated. Which turned out to be an IPv4/IPv6 thingy at their side. Downtime was once, for 6 hours, due to a failed DSL connection. A DSLAM was replaced and no mail was lost, only delayed.

As I said before, all our mileage varies, but I am really content with this MIAB solution :sunglasses:


#5

BTW, just have to add this … if cloud service providers can’t secure their own online services they built from the ground up, what makes us think they can better secure basic Internet services they didn’t develop themselves, like Email?

“If people would just move all their data to a centralised single point of failure service in the cloud, all of these security problems would just go away. Oh wait…don’t look there, we’re shutting that down.” – Mad Men @ Google


#6

@Woody : re: “the mail service of your friendly local ISP.” Yes, this. Having worked for Cloud providers, GSM Operators and ISPs in the past, I’d bet my money on hosting at a locally owned and operated ISP. The chances are better that one will find passionate people who care for technology and their customers & who will go the distance for servicing local customers, over a large cloud provider who just sees “Subscribers as a pure numbers game”.


#7

For me I see both upsides and downsides to hosting my own email.

Upsides

  1. I have total control over the data on my server, I’m not farming it out to an external company.
  2. Can be much cheaper to run a VPS than paying for email hosting which often comes at a cost per user.

Downsides

  1. Need to take the time to keep the server up to date.
  2. Requires some email knowledge in order to run properly.
  3. You have to be able to support your users with any email issues.

I’m sure there’s others as well. Personally while I find MIAB a good solution, I find its SPF, DMARC and DKIM setup a bit too simplistic. I’d like to be able to customise the SPF and DMARC records to suit my needs and I’d also like the choice of being able to turn SPF checking on or off. I do understand some of the issues that SPF can cause but DMARC itself uses an either-or algorithm to determine whether or not to pass a mail anyway.

e.g. SPF fail DKIM pass - mail passes.
SPF pass DKIM fail - mail passes
SPF pass DKIM pass - mail passes
SPF fail DKIM fail - mail fails.

I understand Josh’s motivations mind you, but that doesn’t stop me wishing.

I think if people are competent enough to host their own mail server, then it shouldn’t be discouraged, I agree with the thoughts that for the big providers, there’s certainly a lot to be gained by discouraging the use of private mail servers and instead driving customers to your business. For some it can be a better experience if they’re not technically competent as the big companies often have experts on hand 24/7 and an interest in making sure their servers are up and running with minimum downtime.
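
The either-or DMARC evaluation discussed in post #7, as an added example (not part of the thread and not Mail-in-a-Box code). It goes one step beyond the four-row table by including the identifier alignment check that DMARC (RFC 7489) applies to each result; the two-label organizational-domain shortcut and every sample domain below are assumptions constructed for illustration.

```python
from dataclasses import dataclass


def org_domain(domain: str) -> str:
    # Assumption/simplification: the last two labels are the organizational
    # domain. Real evaluators consult the Public Suffix List instead.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    # mode "s" = strict (exact match), "r" = relaxed (same organizational domain)
    a = auth_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    return a == f if mode == "s" else org_domain(a) == org_domain(f)


@dataclass
class AuthResults:
    from_domain: str   # domain of the visible From: header
    spf_result: str    # "pass" or "fail"
    spf_domain: str    # envelope MAIL FROM domain that SPF checked
    dkim_result: str   # "pass" or "fail"
    dkim_domain: str   # d= tag of the DKIM signature


def dmarc_eval(msg: AuthResults, aspf: str = "r", adkim: str = "r") -> str:
    # A mechanism only counts if it passed AND its domain aligns with From:.
    spf_ok = msg.spf_result == "pass" and aligned(msg.spf_domain, msg.from_domain, aspf)
    dkim_ok = msg.dkim_result == "pass" and aligned(msg.dkim_domain, msg.from_domain, adkim)
    return "pass" if (spf_ok or dkim_ok) else "fail"


# Constructed samples. The first four mirror the post's table with aligned
# domains; the fifth shows both mechanisms passing for an unrelated domain.
SAMPLES = {
    "spf fail, dkim pass": AuthResults("example.org", "fail", "example.org", "pass", "example.org"),
    "spf pass, dkim fail": AuthResults("example.org", "pass", "mail.example.org", "fail", "example.org"),
    "spf pass, dkim pass": AuthResults("example.org", "pass", "example.org", "pass", "example.org"),
    "spf fail, dkim fail": AuthResults("example.org", "fail", "example.org", "fail", "example.org"),
    "both pass, unaligned": AuthResults("example.org", "pass", "bulk.example.net", "pass", "bulk.example.net"),
}


def run_samples(aspf: str = "r", adkim: str = "r") -> dict:
    return {name: dmarc_eval(m, aspf, adkim) for name, m in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:22} -> DMARC {verdict}")
```

Calling `run_samples(aspf="s")` switches SPF to strict alignment, under which the `mail.example.org` envelope domain no longer counts for a From: of `example.org`.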