| ▲ | johnklos 3 days ago |
| The true value of a company can be measured by our ability to communicate with them. If we can't communicate except after public outrage, then what does that say about the company? Here's a genuine question: is Proton Mail the least shitty of companies that provide email services? I self-host email and will continue until I die. But for others who need a company to do this for them, is Proton Mail the least shitty of options? Does this change the evaluation? I'm genuinely curious about the opinion of others here. |
|
| ▲ | crossroadsguy 3 days ago | parent | next [-] |
| To answer your question, from my limited experience: no. There are better or less shitty companies like Fastmail, Runbox (tried them), even Purelymail (but 1 or 2 people setup), Mailbox (shitty support, solid setup; I am a customer), Migadu (good name, I have never used them), there's Tuta (but somehow they seem off to me; like Proton they also do not allow IMAP/POP - Proton allows with some circus), MXRoute has good name at places like LET forum. There's even Zoho if you just a mail service (but then if you use Zoho then only reason to not use Google or MSFT will be cost or just the middle finger :D) … and many more. So there are options. PS. as per self hosting email - I can't self host my seedbox properly on a VPS, I don't think I should even try email :) |
| |
| ▲ | cedws 3 days ago | parent [-] | | Not allowing IMAP/POP isn’t just for the lulz, it’s not compatible with the encryption architecture Proton uses, which is kind of the selling point of the product. You can either have your emails encrypted at rest with your key OR you can have plain IMAP/POP without a bridge client, you can’t have both. | | |
| ▲ | int_19h 3 days ago | parent | next [-] | | I never really understood the point of that. If you are exchanging emails with someone using one of the most popular email services that together make 99% of the marketshare, their server retains your email unencrypted anyway. So the only time that encryption will really matter is when emailing someone who is also using Proton. | | |
| ▲ | mjh2539 3 days ago | parent | next [-] | | > the only time that encryption will really matter is when emailing someone who is also using Proton. Correct, and this was/is explicit when you first sign up for a proton email account. | |
| ▲ | kevin_thibedeau 2 days ago | parent | prev [-] | | Proton also supports PGP emails... for the dozen or so people who are setup to receive them. | | |
| |
| ▲ | crossroadsguy 3 days ago | parent | prev [-] | | Did I anywhere say it was for the "lulz"? |
|
|
|
| ▲ | traceroute66 2 days ago | parent | prev | next [-] |
| > The true value of a company can be measured by our ability to communicate with them. True, but sadly too many people don't care. Look at how many people will happily throw $$$ per month at Claude when it is basically absolutely impossible to contact a human being at Antrhopic. > is Proton Mail the least shitty of companies that provide email services? Tutanota could be worth a look. |
|
| ▲ | gond 2 days ago | parent | prev | next [-] |
| I self hosted for 20 years, worked flawlessly, gave up because of security concerns. I would like to go back to it. Question: How do you manage the security on such a box? Is there any simplification I missed? I couldn’t keep up with it. So many patches, unrelated to mail, broke something in the stack, bringing the server into a critical state. Often, I had to lock down everything before going up again, consuming a day’s effort or two. These were two days without mail. |
|
| ▲ | jegp 3 days ago | parent | prev | next [-] |
| What's your stack? After reading this, self hosting suddenly appeals to me. |
| |
| ▲ | _kidlike 3 days ago | parent | next [-] | | forget about self hosting email... I tried it for years, and even if you get it working (needs months), it will eventually stop working again. The problem is that in order to get the big boys to accept you as an email provider, you have to jump through infinite hoops, and be treated like a criminal and/or scammer in the meantime (or at best a business that is trying to send newsletters). You will never get a human to talk to, it's just an infinite loop of automated processes. Anyway, the problem is "trust" which boils down to IP reputation. And since we are all still on ipv4, your IP was reused. Which means you need to spend months cleaning it. And you won't have a guarantee that you won't lose this IP in the future. | | |
| ▲ | traceroute66 2 days ago | parent | next [-] | | > I tried it for years, and even if you get it working (needs months), it will eventually stop working again. I've been self-hosting for decades and have never, ever seen the sort of problems you suggest. Once its working, its working. When people have a problem, its usually because they are trying to either: (a) host off a home internet connection; or
(b) host off a less than reputable hosting provider.
Both of which should frankly come to no surprise to anyone with a modicum of technical know-how.Hosting off a home internet connection, assuming the ISP will even open the ports in the first place, has been something to avoid since, well, basically forever ... certainly anywhere after the late 90's. Hosting off a less than reputable provider is the same. I'm not going to name names, but certain providers are well known for originating spam or not responding to abuse@ messages. | | |
| ▲ | pengaru 2 days ago | parent [-] | | I too have self-hosted for decades, there was a brief period of annoyance where I had to set up SPF records long ago, but since then it hasn't been problematic AFAIK (not that I'm in constant contact with people on all the major providers). However, a close friend and fellow ex-sysadmin who also has self-hosted since the 90s, has had some headaches in recent years. He upgraded his dedicated server at the same US provider I use, without attempting to preserve his original IP addresses. He hosts email for his wife's small business, and with the new IP addresses has come a lot of problems.
Her billing is performed primarily via email, when the emails get blocked, her income is directly affected. It's so bad sometimes I'd say it's straining their marriage. This isn't at a disreputable hosting company. It's simply the reality of provisioning new systems receiving new ipv4 addresses inherently from a pool outside the pre-spamers-and-scammers-everywhere era, these addresses have passed through a dumpster fire of abusers. At this point I'll never retire my dedicated server just to hang onto its IP address with a clean history I've controlled since the 1990s. Even if the machine becomes nothing more than an overpriced reverse proxy to somewhere else I run the real back-end on... the address has become the primary value. So when advising people begin self-hosting, at least consider the reality of available ipv4 addresses they're likely to end up with. Even the reputable vendors have been used by malicious actors buying hosting with stolen credit cards and fake identities. We can't have nice things. |
| |
| ▲ | progbits 3 days ago | parent | prev [-] | | Can't you just use a paid SMTP relay which will have good reputation. Sure not exactly selfhosted but trivial to switch. |
| |
| ▲ | BLKNSLVR 3 days ago | parent | prev | next [-] | | Not who you asked, but I self-host some non-critical mail domains using Mailu[0], which is a set of docker containers. It's been fairly low maintenance. Ease of setup depends on your technical knowledge, but if I can do it, and you're on HN asking the question, you'll probably manage. [0]: https://mailu.io/ | |
| ▲ | johnklos 2 days ago | parent | prev | next [-] | | I'm still running Sendmail on NetBSD, the way I've been running it since the '90s. You'll find plenty of people telling you to not do it, but they mostly seem to think that others shouldn't do things because they can't. The biggest problem with self-hosting email is deliverability, and it's easily handled by smarthosting through a reputable service, so anyone who says it can't be done hasn't really thought things through very much. | |
| ▲ | yogorenapan 3 days ago | parent | prev | next [-] | | I've been self hosting my email for a couple years. Currently using mox https://github.com/mjl-/mox
I'd avoid popular server providers like Hetzner or DO. Lots of abuse there so you might get dropped.
https://www.eth-services.de sponsors mailcow and has been pretty reliable | |
| ▲ | thr0w4w4y1337 3 days ago | parent | prev | next [-] | | So, now you have to worry about your VPS/Internet provider deplatforming you. Or about your domain name being seized. And spam filtration, backups, redundancy... I'm not saying email self hosting should not be done, I just say a bit of planning should be done. DNS seems like the most annoying part, it is SPoF by design. The problem can be mitigated, but seems like cannot be solved. For example, owning multiple domain names in multiple jurisdictions. And round-robin them. You cannot eliminate SPoF for any one specific service you want to login using email. But you won't lose access to everything at once. Edit:
P.s. At the same time, owning your domain for mail seems to be one of the most impactful things to do to reduce digital serfdom. Banned at *mail? Just switch those MX records and go on. | | |
| ▲ | johnklos 2 days ago | parent [-] | | > So, now you have to worry about your VPS/Internet provider deplatforming you. Or about your domain name being seized. And spam filtration, backups, redundancy... Your VPS / ISP better have a good reason to "deplatform". If you're really worried, use two different ones. Also, people have more problems with being "deplatformed" by Google, often with no reason given, and with no way to communicate with a human about the issue. Look it up. I'd be more worried about that. DNS isn't a single point of failure. Nor is email when it comes to reception (that's what backup MXs are for). If you need redundancy when it comes to being able to fetch email, you can easily have the primary MX also forward to mailboxes on another host so you have two (or more) copies of everything. None of this is all that hard, and people have been doing it for ages. Give it a try :) | | |
| ▲ | thr0w4w4y1337 a day ago | parent [-] | | 1) To quote myself: "I'm not saying email self hosting should not be done, I just say a bit of planning should be done". I self host my email. I just meant it is not "just rent a VPS and slap some docker containers on it" 2) I never said receiving email is a SPoF 3) Please explain in detail what do I do in order to keep receiving emails using "me@johndoe.com" after johndoe.com gets undelegated. I do not know of a way and would very much like to know. If there is no way.. It is a SPoF. edit: formatting |
|
| |
| ▲ | seszett 3 days ago | parent | prev [-] | | OpenSMTPd + Dovecot is extremely easy to setup and maintain. For my parents, I registered a domain on OVH and they use the free email accounts they come with. So that's an independent, ready to migrate, email account for about 8 euros per year. |
|
|
| ▲ | dbpcut 3 days ago | parent | prev [-] |
| [dead] |
