Why are they calling this a “myth” when they readily admit that even when you are an expert who has been doing it for years, there’s still problems sending to the biggest providers in the world?
There is zero practical difference between “you need to be an expert and you will still fail to get something fundamental working” and “you can’t self-host email”.
> Microsoft 365 however apparently will hate your email no matter what. you learn to live with it
Or you don’t self-host but use a major email provider and don’t have the problem.
> there exist several pieces of folk wisdom:
> - "you cannot run your own mail server in 2025, this is too hard and time consuming" (completely false, i've done this since ~2010 with minimal ongoing maintenance)
This seems completely true according to what they themselves write. It is too hard and time consuming.
> I think the combo of "roll the IP gacha a few times" + "let it sit for 8 months while the VM idles" probably did me a lot of good here
Is letting it sit for eight months not “time consuming”?
> until I cleaned up my IP reputation (which has been awful for almost a decade) Gmail refused to deliver to anything but spam
This is not in any way acceptable to the average person, and it does not meet what most people would describe as “I can self-host email”. “I can self-host email but Gmail sends me to spam” is functionally equivalent to “I cannot self-host email”.
> Or you don’t self-host but use a major email provider and don’t have the problem.
This does not follow.
There can be delivery problems between Gmail and m365 - and even between m365 and m365 - and vice-versa.
Absolutely not on the same scale as 'your' mail-in-a-box toy, though. I'm with OP, even for those who can roll Exim with NixOS or whatever the latest fashion is: mail is not worth the hassle.
I pay Zoho and do/host better things with my time [nearly anything], I have nothing to prove. They [or another provider, not an ad] can fight the mail hegemony; not interested, personally.
Or you just use a mail relay as most VPS providers enforce anyway.
The best solution I've been able to find is to self-host /almost/ everything, but route outgoing mail through Amazon SES.
The pricing for vanity email volumes is negligible (a few cents a year), and they have people whose full time job is wrangling IP reputation / Office 365 / etc.
This setup has survived several ISP/hosting switches; at times when I am lucky with IP reputation I route only mail going to Office 365 recipients via SES and deliver the rest directly; at times when I am less lucky, everything goes via SES.
Unfortunately, most of the world seems to use one of those two platforms.
Routing mail to those two services via a third party seems like the wisest choice. May I ask how you implemented that?
    SMARTHOST_FOR_MS = email-smtp.us-east-2.amazonaws.com::587

    smarthost:
      debug_print = "R: smarthost for $local_part@$domain"
      driver = manualroute
      domains = ! +local_domains
      transport = remote_smtp_smarthost
      route_list = hotmail.com SMARTHOST_FOR_MS byname ; \
                   live.com SMARTHOST_FOR_MS byname ; \
                   outlook.com SMARTHOST_FOR_MS byname ; \
                   msn.com SMARTHOST_FOR_MS byname ; \
                   live.co.uk SMARTHOST_FOR_MS byname ; \
                   hotmail.co.uk SMARTHOST_FOR_MS byname ; \
                   * DCsmarthost byname
      host_find_failed = defer
      same_domain_copy_routing = yes
      no_more
If there was a much larger list of problem destinations I'd maybe do something nicer involving separate routers and a domainlist, but those cover all the cases that are broken right now.
There are quite a few other providers of email forwarding services, although I might look at SES myself if it's that cheap as I have issues with hotmail (I seem to be OK with most mail to email on MS hosted email on other domains, oddly enough).
...it took OP 8 months of "rolling the gacha" and waiting to get a clean IP; no mention of costs. Not really a solution in my book. If you're willing to wait 8 months for working email, I put it to you you're actually using some other provider for your life and the thing you are playing with is a toy.
I've been self-hosting my email for a pretty long time. I first started down the reputation rabbit hole when a provider decided to shut up shop after a decade of operation, causing me to lose my lovely fixed IP block with its decade-old clean rep. Waiting/playing around isn't really an option when your email is broken and you need it working /today/ because it's not a throwaway toy - your digital life is tied to it.
Still, as I said at the start, if you get lucky, awesome for you.
(I tried several other relay services like mailgun and those /did/ have noticeable impact - SES was the first one I tried that didn't, so I stuck with it).
But it's not that difficult to be honest. Currently my internet provider is init7 and they offer fixed ip4 and set the reverse dns for me which lets me run the server downstairs in the cellar instead of at a colo somewhere (which I was doing for maybe 15 years).
Every now and then I look into moving to a paid service but we have GBs of mail since 1999 and it's just too costly when it's pretty much free for me to host it myself, even taking into account the time it takes for my effort, which is practically zero.
Plus I use my server for a ton of other stuff so it will always exist so I may as well host email too.
Basically, someone new emails me and my server responds with a temporary rejection message saying to try again later and then when their server retries the message 5 minutes later it allows it to go through. This is a standard process to block spammers.
However lately when their email service resends the message it will come from a different server. Something like mailserver-1, then mailserver-2, then mailserver-3, each with a different ip address and each time it gets rejected until it reuses one of the addresses. But with apple for example they have hundreds of servers to cycle through and eventually the message times out and is rejected at their end.
So I have to whitelist senders to skip the temporary rejection. It comes up every few months for me, having to whitelist someone. I think it's a result of every small- to mid-size company moving to providers and not hosting their own email, and these providers having dozens of servers. The domain of the server never matches the domain of the sender...
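The greylisting failure described in this comment can be reproduced with a small simulation. This is an added example, not the commenter's configuration: the class, the retry schedules, the addresses and the /24 keying option are all assumptions made for illustration.

```python
import ipaddress

RETRY_DELAY = 300  # seconds; the 5-minute wait described in the post


class Greylist:
    """Defer the first attempt of each (client, sender, recipient) triplet."""

    def __init__(self, key_prefix=32, skip_domains=()):
        self.key_prefix = key_prefix            # 32 = exact IPv4, 24 = whole /24
        self.skip_domains = set(skip_domains)   # sender domains exempt from greylisting
        self.first_seen = {}                    # triplet -> time of first attempt

    def check(self, ip, sender, rcpt, now):
        """Return 'accept' or 'defer' for one SMTP attempt at time `now`."""
        if sender.rsplit("@", 1)[-1].lower() in self.skip_domains:
            return "accept"
        net = ipaddress.ip_network(f"{ip}/{self.key_prefix}", strict=False)
        triplet = (str(net.network_address), sender.lower(), rcpt.lower())
        first = self.first_seen.setdefault(triplet, now)
        return "accept" if now - first >= RETRY_DELAY else "defer"


def delivered_at(greylist, attempts, sender="news@sender.test", rcpt="me@example.org"):
    """Replay (time, client_ip) attempts; return acceptance time or None."""
    for now, ip in attempts:
        if greylist.check(ip, sender, rcpt, now) == "accept":
            return now
    return None  # sender ran out of retries and bounced the message


# Constructed retry schedules (not real traffic): one retry every 300 s.
SAME_HOST = [(0, "192.0.2.10"), (300, "192.0.2.10")]
POOL_ONE_SUBNET = [(t * 300, f"198.51.100.{t + 1}") for t in range(4)]
POOL_MANY_SUBNETS = [(t * 300, f"10.20.{t}.25") for t in range(6)]

if __name__ == "__main__":
    for name, sched in [("same host", SAME_HOST), ("pool, one /24", POOL_ONE_SUBNET),
                        ("pool, many /24s", POOL_MANY_SUBNETS)]:
        print(name, delivered_at(Greylist(32), sched), delivered_at(Greylist(24), sched))
```

Keying on the /24 rescues a pool that sits in one subnet but not one spread across many, which is where the per-sender exemption comes in. That exemption trusts the envelope sender domain, which is unauthenticated on its own, so it is safer when applied only to mail that also passes SPF.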
A lot of other servers will not play ball here. Your self-hosted mail server, if it lacks IPv4, will not get inbound from mailgun, mailjet, github; neither will it be able to send outbound to cisco/iphmx, as well as about 90% of small servers from what I see in my logs.
I still have a lot of accounts associated to my gmail email, but i've been slowly migrating things over when convenient. It has been a much smaller lift than I anticipated and absolutely worth it.
I recall roundcube to be pretty much the best webmail offering back when I was hosting but also severely lacking two important features:
1. Fast search against mailbox folders/labels with say 100k+ messages.
2. Handling multiple aliases, both individual and catch-all, and being able to automatically respond with the correct alias if an email is received using one.
Fastmail webmail handles the above two cases gracefully and its usually the benchmark I apply when evaluating other providers. My understanding is roundcube is severely lacking with search being IMAP SEARCH, and requiring you to enter multiple identities manually for each alias which doesn't permit catch-alls.
But the real reason I stopped running my own mail is that I didn't trust myself with regular backups (even though I still do them via IMAP on occasion) and disaster recovery. I don't think anyone self-hosting really has this figured out.
On the server itself a cronjob calling rsnapshot [1] is a good habit in the event something gets corrupted or someone deletes mail by mistake and you want to save the day. RSnapshot uses hardlinks to avoid copying the same data to keep the size small which allows for many snapshots. Then a cronjob to call a script that uses either lftp+sftp+mirror or rsync to back up all the important things to a standby node along with a corresponding script on the standby node to quickly copy everything into place and start everything in an idempotent manner can get one back into operation quickly. All of this should be tested quarterly in the event some software update breaks any assumptions.
If running this on VMs in a VPS provider there may be an option in the VPS control panel to swap IP addresses on the active and standby assuming they are in the same region.
[1] - https://rsnapshot.org/rsnapshot/docs/docbook/rest.html
All the typical recommended services though tend to treat mailboxes as the same thing as a person, charging an entire new fee for every single one, and then have hacks like aliases or catch-alls on top. Obviously that works for most and if you're setting up a new workflow can go with that and use other mechanisms for notifications, but for me changing at this point would be brutal. Self-hosted + relay (Amazon SES) works ok though.
That said, I've discovered two nice services (Migadu and MXroute, probably there are more out there somewhere) that charge along my own usage model. Migadu I think has been featured on HN before, and it seems solid. You can make arbitrary accounts under your domain as you wish, the charge is for storage and outgoing mail. So I'm now hybrid, and I could see that making me lazy enough to switch entirely. But I still think knowing how to do it yourself isn't a bad thing, there's some empowerment in having the fallback and remembering how it all works underneath. If nothing else as part of self-hosting you can run your own notifications through it.
1) BEC filters. I run mail servers for several mid size companies that I am part owner of. We are constantly inundated by BEC scammers. But I now have filter lists that block it. You can’t email my staff using any manager or boss’s name and an e-mail that doesn’t match. It basically shuts down the whole BEC scam. I have one business still on Google apps, and we have now had two employees in that business get fooled by the scammers.
2) speed. Amazon AWS SES is great until you want to send 150,000 emails a day. At this point you’re running into issues with network transfer speeds for each request taking too much time, causing the full outbound send to take too long to complete.
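A display-name filter of the kind described in point 1 can be sketched as follows. This is an added example, not the commenter's filter lists: the staff names, addresses and function names are hypothetical, and the sample headers are constructed.

```python
import re
import unicodedata
from email.header import decode_header, make_header
from email.utils import parseaddr


def name_tokens(display_name):
    """Decode RFC 2047 words, fold case and width, and split into a token set."""
    decoded = str(make_header(decode_header(display_name)))
    folded = unicodedata.normalize("NFKC", decoded).casefold()
    return frozenset(t for t in re.split(r"\W+", folded) if t)


# Hypothetical protected staff: display name -> the only addresses allowed to use it.
PROTECTED = {
    name_tokens("Alice Example"): {"alice@example.com"},
    name_tokens("Bob Manager"): {"bob@example.com", "bob.manager@example.com"},
}


def bec_verdict(from_header):
    """Return 'reject' when a protected name appears with an unlisted address."""
    display_name, address = parseaddr(from_header)
    tokens = name_tokens(display_name)
    for protected, allowed in PROTECTED.items():
        # Subset match also catches reordered names and names with extra words.
        if protected <= tokens and address.lower() not in allowed:
            return "reject"
    return "accept"


# Constructed From headers for illustration.
SAMPLES = [
    "Alice Example <alice@example.com>",
    "Alice Example <alice.example@freemail.test>",
    '"Example, Alice" <ceo-office@lookalike.test>',
    "=?utf-8?q?Alice_Example?= <a.example@freemail.test>",
    "Carol Vendor <carol@vendor.test>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{bec_verdict(header):6}  {header}")
```

The check only covers a protected name paired with an unlisted address; a message forging the listed address itself has to be stopped by SPF, DKIM and DMARC enforcement on inbound mail.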
Well, sad fact is that one person's exiting subscription email is another person's spam.
Also — I use a mail host provider and I would even think about hosting my mail from “scratch”. And I am never using my domain as a disposable address domain or email per service kinda way ever again. Hell, I might even disable catch-all. Then stick to disposable and privacy email providers like SimpleLogin for the rest.
Self-hosting email is great, if you have plenty of free time to waste, and if you don't particularly care if your messages are delivered.
One little thing the OP failed to mention is that even if you get a "lucky IP address" today, it can be randomly blocked (with no recourse) tomorrow by Google.
MS365 (outlook, hotmail) bounced my emails for a while. Not “classified as spam”, but outright rejected, so you can’t even ask the person to un-spam you, add to contact list, &c.
Luckily, very few people I know use those, and Gmail worked fine. MS365 also works now; I’m not sure what changed.
The entire thread is bullshit then, because you simply cannot learn to live without M365. M365 is one of the largest groups of recipients, and especially in the business world (and business is where the money is). So I inbox my friends on GMail, but when I send my CV or an invoice to a business, my email is not received. How does that qualify as "self-hosting is easy and doable"? The delusion is strong in this one.
It's modern, secure, and easy to manage.
It's free, but you are encouraged to donate.
On the server I have sogo running so I also use iCal and the Mac and iOS contacts apps.