ProtonMail has been my go to, really fantastic service, you get simplelogin as well and can add custom domains up to 10 iirc. And the VPN is top tier too.
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
I used to self host email and got sick of my emails never getting through. Email is federated in theory, but pretty centralized in practice. Paying for Proton was definitely worth it.
Someone shared this post about ProtonMail the other day and thought I should share here as well.
An interesting read - thanks for sharing.
After reading that post and the linked github issues, with the latest updates and comments from the last 24 hours. Here's the TL;DR:
- This is only relevant if you want to use an email client with Proton Bridge.
- If you're just using Proton for encryption and signing (you can use the same PGP outside of proton too) then there is no issue at all.
- If you want an external tool (like a hardware yubikey) to decrypt your messages that someone else has sent to you using the public key that corresponds to the external tool there will be signature validation shenanigans. This is because Proton expects to be the only entity doing any encryption.This is an important issue for those that need to send encrypted emails (and signatures) with specific keys.
- It is not an issue for anyone using Proton email for a secure email service even if they want to use an external email client on desktop (like Thunderbird) with Proton Bridge.
Please correct me if I missed something.
CC: @howlingecko@sh.itjust.works
You got it right, lots of drama, not really anything to worry about unless you're very fringe and have people you email via PGP with "super secure" PGP keys (and honestly I'd trust Proton more than I'd trust most people to roll their own PGP... it's hard stuff to get PGP right).
How good is spam detection on ProtonMail? Especially compared to some of the big players like GMail?
Edit: I moved my primary email address to ProtonMail. Spam-Filtering is simply not good. About 50% get through just fine, even if it's very easily identifiable as Spam / Phishing. I love everything else about ProtonMail but Spam-Filtering is simply not good despite relatively positive reviews I found about it.
I recommend fastmail.com though they do have done shortcomings that you need to consider such as the fact that they're based in Australia (five eyes country) and have servers in the USA. Their advantage is a slick interface, fantastic app based on JMAP, and just generally being super convenient. They allow catch all addresses, masked emails, custom domain etc. I find them super convenient.
Another upvote or seven for fastmail.com - I spent a little too much time spinning my personal domain hosting through Fastmail, Tutanota, Proton, mailbox.org... and then came back full circle to Fastmail.
Their shortcomings, if you're concerned about privacy, are listed right above^^^ but I don't think you can find a better email hosting provider for the pricing.
Email isn't that secure anyway (don't use email if your life or freedom depends on it), so I don't see that as much as a downside.
Proton and fastmail you can use custom domains. I only have experience using fastmail. They provide great instructions for the settings in cloudflare (mx records, etc). My domain is purchased through namecheap.
I can receive mail on *@mydomain.com and I can send email from any thing I want ad-hoc (anything@mydomain.com or anything@anything.mydomain.com)
I thought about selfhosting as well, but the internet concensus was it can be a hassle with your email getting rejected.
I've been very happy with mxroute for quite a few years now. They have a summer deal going on for $40 a year for unlimited domains and accounts, you're only limited by storage (100GB) and outgoing emails per hour.
t would be helpful to know what you consider basic features you want the host to support, but catchall works.
I self-host my main email account, but use MXRoute as an outbound relay. Works great.
I do have some email accounts that use MXRoute. The Crossbox webmail system they use is very good.
Same here, very happy about mxroute, they even have a plan where you pay once for lifetime account.
I have a couple domains that are very low volume for outgoing mail. I use Migadu. I'm happy with their cheapest tier ($19/year for both domains). They have catch-alls and many other nice features.
Edit: They have no hard limits on the number of addresses, users, or domains and such. They just want you to be reasonable. You choose a tier based on your average quantity of outgoing mails per day. Again, there are no hard limits; they won't cut you off unless you abuse the system.
Seconding Migadu! I’ve had them for about 3 years now and never had a problem.
I’ve just moved my email hosting from Fastmail to Migadu, very competitive pricing if you have a lot of users/mailboxes/domains but not that much email traffic
I use Fastmail and it’s pretty reasonable, has some nice tie-ins with 1Password, alias emails, etc.
Purelymail.com has been great for me for years. Insanely cheap and just works.
Honestly any service that offers cPanel can allow mail hosting and a catchall.
If you just want a basic IMAP/SMTP service with nothing fancy I know these guys do allow catch all mailboxes https://hostinguk.net/email
For 24$/year porkbun has been really easy!
ProtonMail for regular email + smtp2go for services to send outbound email.
I use Proton mail and Anonaddy.
Proton mail offers catchall, assuming you mean what I think you do. Basically I can receive mail sent to anything@mydomain.com, though my account only has 5 named accounts that I can send from.
I can't recommend Migadu enough. I'm on the $99/year plan and have dozens of domains and clients with their own domains too, it's easy to manage and does everything I need it to.
If it is just for email forwarding maybe a service like https://anonaddy.com/ or https://simplelogin.io would work. Catch-all is even included in the anonaddy free plan as that is something you actually do not want to have enabled 😄 For your custom domain you have to have the lite plan at least though.
I've enjoyed runbox.com for years but don't think they offer catch-all, at least not when I last checked. You might look at mxroute.com, I heard about it later and might have gone with them first and they somehow seem more likely to support that
I've used runbox for I don't know how many years now. They do support a catch-all, as I make up email addresses on the fly with my domain and it works just fine.
Protonmail for actual hosting and Cloudflare for free catch-all forwarding.
I self host my imap Server that my clients access. I have a minutely cron job that first fetches, then deletes, the emails from my mail provider.
I don’t self host smtp.
With that I have all the advantages of self hosted email, but no integration problems.
I can highly recommend purelymail.com. They allow multiple domains, users and catch all accounts. They are great value, with a flat rate $10 per year ‘simple’ price, or you can pay per resource which for most people works out cheaper.
Been with them for over a year and been really good. Had a slight issue setting up one domain and their support were friendly, emailed back and sorted it out straight away for me.
Whatever hosting service you're going to use, if you're not afraid of a little bit of Lua coding, consider using imapfilter
-- it's a swiss knife for backups, pre-sorting, hooks and migration.
imapfilter is a (criminally underrated, IMO) tool for writing e-mail rules in Lua, which allow you to do tons of things, but my favorite is migrating e-mail, regardless of account.
See, unlike most filtering/sorting systems which are either completely proprietary or limited to single account (exportable as Sieve, if you're lucky), imapfilter does not care where each "end" of the rule is: you can write rule that migrates from account1/folder1 to account2/folder3.
This allows you to completely decouple any sorting, pre-processing, hook or backup system from the actual locations or providers you happen to be using, as well as it allows you to combine any number of locations in any simple or complex way you need. Whatever system you will end up creating will stay with you as long (as you can use IMAP locations), so you can really focus on making it work long-term and have it fit into the big picture.
I've been using it for almost 10 years and ever since it has changed my whole world of e-mail. I have constant set of rules that take e-mails from set of inboxes (each box for different purpose, each on different provider, for reasons) and sort them to folders on my "actual" account, where I get to read them on my terms. I also have several of rules that run custom scripts exporting CSV's, etc. (The rules are Lua programs, after all, so sky is the limit.) If I ever need to migrate my domain to another service (believe it or not, happened more than once in 10 years), all I need to do is set up the new account as base for the rules, but all of my rules are always going to be preserved.
In my past work I actually used imapfilter to move all IMAP from company Gmail to a locally maintained (on company laptop) Dovecot instance so that I could eventually use a sane client to get my work done. (And because the instance was local, I could access my e-mail offline with best possible speed.) One could do a similar thing with personal/freelance e-mail -- just run Dovecot somewhere at a trusted place (you won't be sending/receiving e-mails here, you will be only using IMAP to IMAP commands, so none of the horrors of self-hosting e-mail apply) and use imapfilter to route all email there, then back up your dovecot folder and you're all set.
Except for need of coding, the disadvantage is that, I need an independent machine that runs 24/7 in order to keep sorting the e-mail (I do it cron-based but you can also do it continually) but that has not been a problem for me as I'm the self-hosting-nerd that's going to have such machine anyway.
Again, perhaps with more clarity:
With imapfilter you can
- choose where you will host your "actual" e-mail, let's say you choose according to best spam filter.
- choose where you will store your e-mail long-term.
- choose where you will access the e-mail for everyday use (this could be several separate accounts if you wanted to eg. use one on your phone and another one on your workstation)
- choose where you will run imapfilter and any script hooks
- start building your rules.
1-3 could be same provider or different providers, including your custom dovecot instance, you will simply choose based on convenience and limits. If you ever need to change one of the endpoints (providers), you just need to rewrite them in your ~/.imapfilter/config.lua. (And migrate, which can be done using imapfilter or manually using any sane client, eg. Claws Mail...)
I found mxroute, it works very well for me. I can't say much about specific features since I just wanted a simple email host.
I like and trust Proton Mail, and they support setting up custom domains while hosting your email data (for subscriber users).
You can then access it via their web mail box, via their Android and iOS apps, or via a desktop email client if you install their "bridge" application. The bridge application basically maintains the secure encryption ethos of their email system by ensuring all email traffic between your desktop and their servers remains encrypted, but can still be accessed via your preferred email clients such as Thunderbird or Outlook. The bridge is available for Windows, iOS and Linux.
I personally recommend Protonmail as it's primary focus is security and encryption, yet it does this in a very well developed and slick interface, so you get the best of both worlds. I'm a subscriber and moved from Gmail about 2 years ago as I wanted better privacy and security (they even have great tools for importing your old emails from major web providers). I don't have a custom domain but from my experiences of everything else they provide, I'd be confident it works as intended.
EDIT: In terms of cost, its €4 a month for the first tier which includes support for 1 custom domain, 10 email addresses, and 15GB of storage, or €10 for 500GB, 3 domains, 15 emails. They also include VPN, calendar, drive storage and a password manager in both.
Side question. Does anybody know of a decent service that basically works as a smarthost for outgoing and will MX incoming emails back to a mail server I host? I've been self hosting email since the '90s and just don't want all of my email stored elsewhere. The IP reputation chasing is just too much to deal with now.
It's not self hosted but I use Tutanota. I have my own domain anything that comes to that domain shows up in my box. It might be better than the alternatives because it's an encrypted mail service.
Microsoft365. It’s like $6/user/month and you get access to the whole MS suite (Word, Excel, etc.). Email is managed by Exchange Online. Crème de la crop as far as email goes.
If you’re in the Apple ecosystem and just want something barebones then you can use a custom domain with your iCloud account. I think it’s called iCloud+.
I am already paying for iCloud+ so I use their service with my domain. It gets the job done.
Microsoft is a privacy nightmare though.