Why is self-hosting frowned upon? Lots of legacy reasons, some well intended, but many outdated, just like their 5mb file attachment limit policy. Or not unlike your grandmother used to cook a huge ham but her recipe called for cutting in half before baking, but your mom still does it that way, not knowing because grandmaâs oven was too short for the whole ham to fit in, and still does the same - cutting it in two before baking.
People are also just âdetermined to be rightâ which probably influences their ability to communicate. 
Long ago, it used to be that running an email server âproperlyâ would often mean not letting it become a spam relay, not getting hacked through Sendmail (or OS), which meant hardening everything to sufficient levels in both the OS and Sendmail/postfix/exim etc. And along with that meant DNS had to be setup in a way that worked with the Email server, didnât open up more security holes in terms of DNS tunnels, spoof attacks, and empower anyone to exploit holes in DNS binaries themselves.
Couple this with a lack of⌠good tooling, strong security features, good support, human-readable documentation, experience on the beginner and/or knowledge from even the more experienced IT guys on how to set up and make it all work, made the whole challenge quite difficult.
Also the attitude of many companies towards their IT guys, kinda sucked in many organisations, particularly towards Email & likewise choose often for some piss poor products. Early generations of Exchange - which was most common in most orgs still today - couldnât scale well, had horrible UIâs for administration, and were always on the short end of the security stick in terms of features.
Toss in that the Email protocol itself sucks too.
And all these problems still exist today, along with the attitudes everyone has. But the tools have matured and gotten better. Two examples are Postfix and Sendmail. Unix Sendmail was crazy powerfulâŚif you were good in writing in âm4â. But a badly setup Sendmail server was a service / security nightmare, and often mail admins would ignore it, or not be aware till major problems were no longer ignorable. Postfix was the answer to Sendmail & did everything so much better. But there were lots of corporates who stuck with Sendmail because Sendmail was what was âsupported by the vendorâ and swapping out Postfix was not supported. The situation was even worse tho with Microsoft shops based on Exchange - I used to beg so many customers to even drop in a âpostfix gatewayâ for security reasons in front of their Exchange servers, but the vendor of their âsupported solutionâ wouldnât have it, unless crazy fees on his side were paid, if it was an option at all.
All of this created some very negative attitudes / stereotypes about people / companies that self host email. Marketing teams at cloud hosting companies (including Microsoft, Google, etc) still leverage these attitudes today towards their own interests.
But also whatâs changed is the core technology, and a lot of people I think have noticed these changes, but arenât fully paying attention to what they mean. Cloud providers are using legalise to claim rights to read, even own, cloud hosted email solutions. GDPR and the upcoming Article 13 will force more of that into the hands of the cloud providers responsibility to do so in the name of artists rights. Which means theoretically at least, less privacy.
On a different note, but related to core technology changes - the miniaturisation of PCâs, Servers and Infrastructure marches forward. The first signs of this could be seen most publicly by the companies and hosting providers who switching to running Mac Miniâs in the corporate / data centres as servers.
SOHO server installs are happening more and more on NUC like computers too. Iâm running my mailinabox on such an installation with dual (DSL/Cable) uplinks to it. And itâs running 7 VMâs concurrently @ 10% cpu average load overall. No fans, only 11 watts and just a few hundred Euros to buy.
Mailinabox is one of those products, like Postfix, that back in the early days, solved a lot of problems, but still not a lot of people have experience with it (yet). A brilliant tool that does pretty well on solving a lot of the common gripes most still have about running their own Email server & DNS.
In fact, as someone whoâs done crazy amount of installs & repairs (of others mistakes) on Sendmail, Postfix, Exchange, Lotus Notes, CC:Mail & yeapâŚUUCP⌠Mailinabox is a pretty damn fine project. Iâve only been using it for a few months now, but I remain stunned how well it works & impressed by the work the contributors and founders all have achieved.
I know GSM Operators and ISPâs who still donât have their DNSes running properly or their Email servers configured correctly after decades of running them, a few I know have been running DNSSEC projects for 4+ years now, and still donât have it realised (but thatâs related to some past rollout choices, sometimes âworst practicesâ have been realized, in their own DNS that complicates it all. Because now itâs hard to change their legacy apps around a re-rollout of DNS). Honestly, we think because Email goes to Google or Microsoft, they some how have âmagic skillsâ and âmagic budgetsâ and âmagical email wizardsâ. Nope, their people just like us. With similar time and budget constraints we often find ourselves in. And itâll get worse for them too.
Hereâs why.
As I mentioned above, the products required to run your own infra are becoming cheaper and cheaper, basically becoming commodity products. Sure, if you want to have a server with 198 Cores, itâs going to be a large 19 inch rack youâre going to need, and those are expensive. And then youâll have to purchase backups for redundancy and availability.
But a 1-50 person company wonât need an Email server with so many cores. They could probably dedicate that to a 2, 4 or 8 core box. One thatâs Celeron based and that runs postfix under a VM along with a few other VMâs. Running emailinabox or some other turn-key variant solves a lot of the former problems associated with running oneâs own Email server. And if all one needs is a couple of NUC like servers running a VM host, Virtualized DMZeds in which to run Emailinabox - Electrical costs would be in the neighbourhood of a RaspberryPi or 4 on your network for such a server. It all lowers the bar which cloud hosting can compete with. Less profit margins, less the Google / Microsoft / [insert cloud hosting name here] have to spend on administrating customerâs Email.
Further, these cloud companies never tell you if someoneâs trying to hack your account, brute force your password, reveal statistics from Network Intrusion Detection, and Application Intrusion Detection. Theyâll only tell you something happened, when itâs so public they canât avoid it and/or legally required to do so. Theyâll leave you in the complete dark - security speaking - until that point, pretty much. The security astute company will want visibility on this, where as the one that is not very security aware, will be cool with âmaking that someone else problemsâ and paying a small fee for that convenience (read: ignorance).
For some companies making the decision to host on premises vs cloud hosting of email solutions, in some cases it might always make sense to cloud host. Itâs a business decision based on financial numbers, really. But there is a fad-like trend to move everything to the cloud, despite the fact many cloud providers are single points of failure, despite the fact that Office365 Professional is the single most attacked cloud service on the Internet today, despite the fact that security breaches in the cloud are a lot more common place than the original marketers promised us they would be. And people will make these decisions assuming their chosen vendorâs mail administration team has a good team culture, always hits their performance targets, etc. Like bad team / company cultures and bad politics never ever happen among the Homo Businessapian species. 
To the company / admins who actually have noticed Article 13 and the GDPR and thought âthis could affect our customer privacyâ in relation to cloud hosting, it may always make sense to host on premises. I know one German International company whoâs very strict about always having âtotal controlâ of their critical business assets, including Email. Like those who will always choose for the cloud, these types will always choose their way.
Myself (and fuller disclosure) Iâve run my own Email and DNS (plus contact / cal / web / other) servers since 1996. And since 2000 that has been running across some sort of fixed-IP xDSL connection just fine. And Iâve had Emailinabox running since August of this year, and itâs the first all-in best practices turn-key solution Iâve ever built & I was amazed at how well it has performed until now.
And I also laugh when I hear comments like you say, myself (just last week, btw) when a fellow security colleague said to me âoh dear, Iâd never run my own Email server, thatâs dangerous. To easy to get the config wrong, so Iâve always been too scared to run one myselfâ Of course, he didnât know about Mailinabox at all either. But since heâs not called me back or updated me about his progress after telling him about it (and there was a WTF is this moment in that callâŚan expression of amazement on his end) Iâm figuring heâs still playing with it, checking it out. 
For myself, Iâll continue to run my own Email server on premises because financially it doesnât make sense for me to host in a cloud. The size box Iâd want for this and my other VMâs doesnât compete financially compared to hosting on some inexpensive NUCs. I donât have it on a raid config, just yet, but have space for two SSDâs if I want them. Live whole disk image backups and snapshots make Disaster Recovery (from SSD failure or box failure) a breeze, and for my own purposes, if it was down for a few hours even, I shouldnât drop a single Email. Since I started off on a 100GB SSD and later migrated my VM host to a 500GB SSD (because NextCloud is gonna get some use too now), that upgrade took only 30 minutes, and I used those DA disk images to spin it all backup again.