Ask HN: Do You Host Your Own Email?
CM30, 3 years ago
148
204
I often see comments about how it's a bad idea or not practical or whatever in 2022, so I'm curious what others do here. Do you run a mailserver/host email accounts on your domain? Use a free service like Gmail or Hotmail? Go with a paid setup like ProtonMail or FastMail? A sort of combined setup where you host your email on another service but have it tied to your domain?

What's your setup for your email account these days?

cagdasalagoz, 3 years ago
protonmail
mnadkvlb (replying to cagdasalagoz), 3 years ago
I used to be on ProtonMail too for a couple of years, actually since they started, but I don't like the mobile clients or the bridge. Also there had been some shady messaging in the last year (previous discussions on HN). What I also dislike is that they cancelled a bunch of pro plans and replaced them with way more expensive ones, and I had no way to continue my older plan.

I recently moved to Microsoft O365 Basic, which is good and also gives you SMTP etc., so you can get any client to work. The biggest pro I miss is a catch-all mail solution, which was amazing on ProtonMail. I didn't have enough time to tinker with O365 to figure out catch-all mail so far; everything else, it beats ProtonMail hands down.

LinuxBender, 3 years ago
About a third of my domains are on Fastmail for family members to use and for emailing businesses that would spam-flag VPS CIDR blocks. I've taught family members to create aliases for email canaries so they can nullify companies that sell or leak their address.

About a third just point to my name servers and accept email for my domains and most of the popular email domains to give spammers a feeling of accomplishment and to pre-populate ISP DNS caches. Those servers just dump the email into a single flat file. I use these for sending to known malicious entities or when I need a throw-away temporary email address. I just grep out what I need from the text file.

The remainder of my domains just point to non-routable public addresses.

twiclo, 3 years ago
I self host my email. From the very start I had no problems with being rejected. What I have noticed is some companies won't _send_ to me, but it's rare, so it's not worth paying for a hosting service. It really hasn't been very complicated. In the last 3 years I've done it, it has broken twice.
dsr_, 3 years ago
Primary mailserver at home. Secondary MX in a VM at one of the services; it only stores mail if primary is down, otherwise relays immediately.

Dovecot and Postfix, SpamAssassin and ClamAV; greylisting, SPF and DMARC but not DKIM. I handle mail for my family, some friends, and a few mailing lists.

SteveNuts (replying to dsr_), 3 years ago
Do you have business class internet at home? I've always found that ports for SMTP are blocked on residential lines.
dsr_ (replying to SteveNuts), 3 years ago
I have Verizon FIOS. Port 25 is fine. I may have called them at some point to get it opened, but I don't pay an extra fee for it.
xur17 (replying to dsr_), 3 years ago
What setup / config do you use for your secondary MX? I host my mailserver at home, and would love to have a backup, ideally one that I can view the mail for via ssh when my primary is down.
johnklos (replying to xur17), 3 years ago
Just rsync your spool files to another machine, and run pine / elm on that other machine.
dsr_ (replying to xur17), 3 years ago
https://www.postfix.org/STANDARD_CONFIGURATION_README.html

Look at the bit about "backup MX for a remote site".

The specific thing you are asking for, however, isn't a backup MX so much as a second delivery to a local mailspool, which is also doable now that you know what it's called.

drdaeman (replying to dsr_), 3 years ago
If your primary has a tendency of going down at inconvenient times (like mine had), I highly recommend spending an hour (or three, if we'd include reading on the subject) setting up Dovecot replication with dsync.

It’s pretty easy over a TCP connection (SSH for some reason didn’t work for me, so I’ve set up a Wireguard VPN between my hosts - also allows me to replicate KeyDB for Rspamd without having to set up a PKI for it), and works like a charm - backup MX receives mail if primary is down, and uses local Dovecot replica for delivery. When primary comes back online dsync makes sure they’re both consistent copies.

vbezhenar, 3 years ago
Using fastmail atm, but going to migrate to my server eventually (because I like to tinker with servers in my spare time). I'm using mail mostly to receive email, so sending mail reliably is not a priority for me.

That said, I used to host my mail server for a while and my mail always went to Gmail inboxes. My recipients don't use some exotic providers like Outlook or Yahoo, so it was pretty smooth for me. I know that people have issues with self-hosting mail, so maybe it was just luck for me.

My opinion is that as long as you correctly configured stuff on your side, it boils down to IP history and reputation. So buy a VPS from some expensive provider in a reputable country (so spammers are unlikely to host with this provider), ensure that the received IP is clean (and its subnet is clean), set up DNS, keep it running for a few months and it should be good.

gwbrooks, 3 years ago
I host at a couple of levels:

* Mail in a Box for a bunch of low-volume domains, hosted on a major cloud provider VM. Total SMTP volume ~2k outbound emails a month. This was previously hosted on my own server in a datacenter.

* Plesk/Postfix for a higher volume domain tied to a nonprofit, SMTP relayed out through Amazon AWS. Total SMTP volume ~100k emails a month. Likely moving this to a standalone Mail in a Box installation as well.

Neither has given me any deliverability issues, but I did take the time to register with Google Postmaster, Microsoft's similar service, etc. The only problem I ever encountered was a spammer getting hold of a transactional account last year for about a week -- Google put a hard bounce on not just the server IP but also all domains tied to it. Took about 2-3 weeks before they decided to trust it again.

gray_-_wolf (replying to gwbrooks), 3 years ago
> Microsoft's similar service

Would someone remember the name? I've tried to search for Microsoft's postmaster but did not find anything.

gray_-_wolf (replying to gwbrooks), 3 years ago
Ah, thank you.
anonymousiam (replying to gwbrooks), 3 years ago
I've hosted my own email for over 30 years. I've watched it slowly change from a (somewhat) trusted environment into a war zone. Administration time went from nearly nothing to several hours per day up until about five years ago.

For the past five years I've been using mail-in-a-box. (http://mailinabox.email) It is generally problem-free, but problems can arise if you host it on a sub-par provider (or provider network).

I highly recommend it!

superkuh, 3 years ago
Yes. At a VPS for the last decade with my own domain. Postfix and Dovecot using the ispmail tutorials. SPF and DKIM, no DMARC. Virtual user Maildir storage style. It is only for me. No web mail interface, only IMAP. The first few years there was a problem with MS Office365 but I managed to get de-listed within a day. I can't remember my last problem. I migrated to Debian 10 in 2019.
djbusby, 3 years ago
I'm still running an older Postfix. Mostly incoming but a few outgoing. Have SPF, DKIM and DMARC configured. My sent mails don't go to Spam except for some times on o365. That issue is well documented, even MXRoute has that issue.
reactspa, 3 years ago
If anyone has any experience with Docker-Mailserver, please share. I'm exploring exiting Gmail.

https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/

KronisLV (replying to reactspa), 3 years ago
I'm using it for my personal mail server, for a relatively low volume of e-mails, a chunk of which is due to automation (e.g. e-mails from my self-hosted monitoring, or for a self-hosted file sharing solution and so on). I rather like that I don't have to worry about silly rate limits any longer and can easily create as many users as needed on it. So far it has worked nicely for me: it is easy to set up and maintain (as well as upgrade between versions when I want to), doesn't eat too much in the way of resources and hasn't had too many odd failures/breakages so far.

I don't have a web UI for it at all (though I briefly integrated with NextCloud Mail for that) since nowadays I just use Thunderbird or a similar client for that. Personally, the aspect that I like the most is their approach to doing some common actions, in the form of their setup script, you don't even have to connect to the container to use it: https://docker-mailserver.github.io/docker-mailserver/v11.3/config/setup.sh/

The aspect that I like the least? Well, just how mail servers are architected in general, they even have a nice page on this: https://docker-mailserver.github.io/docker-mailserver/v11.3/introduction/ (things get even more complicated once you introduce additional security solutions into the mix, like ClamAV, SpamAssassin, or others). Projects like docker-mailserver or Mail-in-a-Box abstract some of that complexity away from you which is good as someone who doesn't want to sink hundreds of hours into it...

However, it's still there in those packaged and preconfigured/integrated components, rather than as one monolithic package that does most of the stuff you want, if you would compare some of the web servers out there against how many of the mail servers work, for example. Then again, something like Apache2 has bunches of modules anyways, so maybe that comparison isn't as cut and dry. Regardless, it feels like even with the scripts and the documentation, it's just a time bomb that's waiting for X years to go off when the pieces will decide to no longer play nicely with one another, and then you'll really need to dig into it, like when your Linux distro bootloader decides to die one day.

Outside of walled gardens, that might be one of the reasons to do a double take before putting everything on your new self-hosted mail server. Test drive it first for a few months/years, gradually move stuff over (and be sure to have tested backups that you can actually restore/access when necessary), maybe look into recovery addresses in other providers where applicable or where it makes sense and so on. If your mail client backs everything up locally, the server going down shouldn't be the end of the world and technically you could just move over to a new instance if everything's FUBAR, but having to drop everything because you cannot receive any new e-mails (such as a link to confirm doing something) would be rather disruptive in certain circumstances.

yownie (replying to reactspa), 3 years ago
been running it, works well. would recommend.
felipeqq2, 3 years ago
I think it's important to at least own your email domain, so you can keep your address when changing hosts. Hosting myself is too much of a hassle, so I go with PurelyMail. It's wonderfully cheap and works great. Had no issues with delivery so far.
ocdtrekkie (replying to felipeqq2), 3 years ago
Exactly, even folks using Gmail still (for some reason) have an escape hatch if they use their own domain. But if they use @gmail.com, they are basically using someone else's email address... one where the true owner, Google, has every right to revoke it at any time.
mariusor (replying to felipeqq2), 3 years ago
I'd like to add my endorsement for PurelyMail.

It's been a reliable (for the past 4 years I've used it) solution, with easy setup and laughably small cost. Currently it costs me about $0.3 per month to host personal mail for multiple domains (only one having some moderate activity in fairness).

All of these are mostly personal emails; I haven't tried to send large amounts of email to test their outgoing policies.

dvko, 3 years ago
Yes. Using Mailinabox.email on a €3 VPS, since 2016. Have had zero issues with it.

I mostly use aerc but recent versions of Roundcube are pretty slick as well.

awestroke (replying to dvko), 3 years ago
Do your emails ever end up in people's spam folders, or bounce?
dvko (replying to awestroke), 3 years ago
Not that I know of, no. Over the years I've moved it once from DigitalOcean to a local Dutch VPS provider so if I was just lucky getting a clean IP, I was lucky at least twice. :)
abdullahkhalids (replying to awestroke), 3 years ago
Been using mailinabox for over a year. My emails to the big email providers make it through. Last one that didn't make it through was when I sent an email to a friend's amd.com address.
sutoor, 3 years ago
I host my own using a VPS with OpenBSD, OpenSMTPD, and Dovecot. I like having unlimited mailboxes and aliases.

Inbound is easy, with DNS checks filtering all spam. Outbound is somewhat out of my control, so I use a relay like smtp2go or SendGrid for reliable delivery.

jitl, 3 years ago
I use Gmail. I used to self-host when my time was worth $15.50/hour (college), but these days I have many things more important in my life than meddling with email servers and fretting about deliverability.
lloydatkinson (replying to jitl), 3 years ago
I also use Google domains plus Gmail so I have a custom domain. Email is I think the single thing I'd never want the responsibility of hosting myself.
drdaeman, 3 years ago
I've been self-hosting since 2005, moved from Courier to Postfix/Dovecot/Rspamd to a dual server Maddy/Dovecot (replicated)/Rspamd + legacy Postfix (to be scrapped when I find time) setup. I've changed IP addresses and domains over time, and everything was perfectly smooth. Both machines are my own hardware, on residential ISP connections on different continents (with some tunnels for one machine where the ISP is less friendly). Have some plans to throw in asymmetric encryption and add some MTAs running on machines outside of my physical control (a VPS or something) - but I'm quite fine with what I currently have.

Maddy instead of Postfix because Postfix configuration gets quite messy with complex virtual users logic. I was trying to refactor it, trying to devise some sort of DSL to make things more bearable - and found myself wishing there'd be something more straightforward. Maddy was a good fit (and it has a modern easy-to-understand codebase that I can hack on if I need to). It's much smaller and simpler than Haraka, but still has all the features I need, and looks secure (I swept through the source code and found nothing obvious).

Dovecot is a very fine piece of software. I was considering Wildduck, but haven't figured out a contingency plan if I'm going to dislike it in the long run. As long as all my mail is a Maildir (with some extra indexes I can just ditch), I have no worries - I'll always be able to read it. So I've just set up dsync for the failover (in case one of my servers has a network or power outage) and can't be happier.

Once (somewhere in early 2010s) I had a backscatter issue that put me on a couple DNSBLs, fixed that the same hour I've learned of the issue, filled out some forms on RBLs I was listed on, got removed in a couple days.

Delivery-wise, I've had some issues with Outlook (to an extent I've almost set up an "embassy" there, tricking the system into thinking that my domain is hosted with them and using their own MSA for my outgoing mail to Outlook-hosted domains - proof-of-concept had worked, but I haven't really bothered to implement it in practice as they had suddenly started to receive my mail without issues, and this whole idea is a dirty hack), but otherwise email delivers fine. A couple times Gmail put my emails into spam, but mostly everything worked as expected. Not that I send many emails, maybe a couple dozen a year - it's mostly receiving.

I'd say the main problem is lack of decent mail clients.

catherd (replying to drdaeman), 3 years ago
What client do you currently use? I'm looking for a bearable web client.
drdaeman (replying to catherd), 3 years ago
Apple’s stock apps on macOS (it’s pretty good, fast, stable, has almost all the features I need) and iOS (sucks but I haven’t found anything better), Thunderbird on Windows and GNU/Linux (sucks badly in terms of performance, but everything else is much worse in some regard).

Rainloop for the web, but I almost never use it - it’s a backup option for me, I’m mostly hosting it for friends and family.

catherd (replying to drdaeman), 3 years ago
We use Rainloop and the 2 biggest issues are almost nonexistent address auto-complete (it will only try to pull addresses from contacts, which nobody bothers setting up any more), and no support for .ics/calendar invites. Have you found a usable solution for either of those?
varun_ch, 3 years ago
Maybe not what you're looking for, but I have a catch-all alias set up using Cloudflare, so any mail @mydomain gets sent to my Gmail address.

I can only receive mail, but having my own domain is useful because now I can move without telling everyone a new address.

For my websites, I use Zoho's free mail plan + nodemailer for sending automated password reset emails and the like. It works pretty well.

kube-system, 3 years ago
The best of all worlds is to use your own domain, and point it at a paid professional mail service. It is reliable, and you can easily switch services in the future without changing your email address.
isnhp (replying to kube-system), 3 years ago
And you still lose all of your old email if you switch to another mail service, right?
grishka (replying to isnhp), 3 years ago
Not if you use a real email client.
schroeding (replying to isnhp), 3 years ago
It should be possible to download all mails via IMAP and upload them again (also via IMAP) to the new mail service server.

Then you can even continue to use the new mail provider's webmail; you only need to use an IMAP client once! :)

Archelaos (replying to isnhp), 3 years ago
Use a provider that offers POP3 and download everything. This is what I do. My archive goes back to the last millennium.
28304283409234 (replying to Archelaos), 3 years ago
How on earth does this get a downvote? Valid advice and on topic.
eliaspro (replying to isnhp), 3 years ago
That's what imapsync is for:

https://imapsync.lamiral.info/

javajosh (replying to isnhp), 3 years ago
Email was designed for people to store their own email on their own device. Webmail changed habits and perception, but it's still possible to store email on your device(s) via IMAP etc. If you use a traditional fat client, you won't "lose" anything switching providers. However, responsibility for backups and disaster recovery falls (back) on your shoulders. This is the trade-off that keeps people on webmail, IMHO, even more than having to deal with blacklists, etc.
johnklos (replying to isnhp), 3 years ago
No.
Entinel, 3 years ago
Someone change my mind but I find hosting your email to be risky. I could lose my domain through social engineering or just by being in a coma and there is 0 grace period so if someone registers I lose everything.
grishka (replying to Entinel), 3 years ago
Entrusting your email to a megacorp that has zero feedback mechanisms and just bans users whenever it feels like it is much riskier.
Entinel (replying to grishka), 3 years ago
You're talking about Gmail; there are more providers than Google. How often does Fastmail just ban people whenever they feel like it?
cmeacham98 (replying to Entinel), 3 years ago
If Fastmail bans you then you can just move somewhere else because you'll still own the domain.

Stories of people having domains unjustly taken from them are rare, especially on "traditional" registries like .com/.net/.org

twobitshifter (replying to Entinel), 3 years ago
You should archive your emails anyway, and Gmail can be social engineered just the same, right?

Most registrars can auto-renew so as long as your card stays valid you’re fine.

Entinel (replying to twobitshifter), 3 years ago
Why should I archive all my emails? Genuine question because I don't.
johnklos (replying to Entinel), 3 years ago
You've never heard of pre-paying for up to ten years?
grishka, 3 years ago
I have a catch-all setup on my server that forwards everything from my domain to gmail and I usually give unique addresses when asked. One caveat: I haven't set up sending because I'm too lazy, so I send from my gmail address. Thankfully I receive orders of magnitude more email than I send.
ziml77, 3 years ago
I just use FastMail with a custom domain. What's especially nice is that it lets you generate aliases that use the fastmail.com domain. Great for signing up for sites where I don't want them to be able to identify me. This wouldn't work if I was hosting my own email since you'd be able to link all my identities by matching the domain.
unshavedyak (replying to ziml77), 3 years ago
> What's especially nice is that it lets you generate aliases that use the fastmail.com domain. Great for signing up for sites where I don't want them to be able to identify me.

I love this feature so much. It also integrates into 1Password and you can automatically create a masked email on any signup. I exclusively use it now. It's awesome.

sph (replying to unshavedyak), 3 years ago
Oh yeah, and when you delete a masked email it's archived forever and you can restore it at any time. Useful if you really need access to an old masked email account you deleted ages ago. It's a killer feature for me.
ziml77 (replying to unshavedyak), 3 years ago
Yes, I love that integration too. Pretty much all of my aliases have been set up using 1Password's interface that integrates into signup forms.
awestroke (replying to ziml77), 3 years ago
Do your emails ever end up in people's spam folders, or bounce outright? Considering this setup for myself
sph (replying to awestroke), 3 years ago
I had a couple people tell me my mails went to spam, but I reckon it was just an excuse for not answering. Apart from that, I never had any problem at all in the 5 years I've used them with a custom domain.

Their spam system works great but needs some breaking in: to train it, you need to have marked and deleted 200 spam emails. Only when you delete spam, the system updates its filter. I had some annoying spam that kept landing in my inbox, I had to create an automated "send to spam" rule until the personal spam filter started kicking in.

ziml77 (replying to awestroke), 3 years ago
I've never had a problem with sending or receiving with this setup. FastMail's email servers have plenty of good reputation so they're not blocked.

The only issues I've really had are general custom domain & address choice issues:

Choosing to use me@myfullname.tld was not the best idea. A very tiny number of sites stupidly reject the use of a 2 letter username in the email address. Easily solved by setting up an alias of mail@myfullname.tld though. If I were starting over I would have just made mail@myfullname.tld the main address (and I would have aliased male@myfullname.tld). That also makes it a bit easier for humans to read too. Only 2 letters before the @ blends in too much.

Address hiding that many sites do fails to hide anything. Many times when you log into a site, it will display your email address in a way that's meant to avoid people seeing it over your shoulder. But most sites that do that only hide the username. So I'll see things like m*e@myfullname.tld

kevincox (replying to ziml77), 3 years ago
I tried out FastMail and ended up deciding to self-host because they would block legitimate email even though I added a contact as instructed to "whitelist" senders. Their support just said that the sender wasn't set up "correctly". They weren't necessarily wrong, but I don't care as a user; I want that email.

So I enjoy the fact that my self-hosted solution only rejects emails from blocked senders or DMARC rejects. At the very least everything else goes to spam so that I can see it.

apple4ever (replying to ziml77), 3 years ago
This is what I have switched to. I hosted for years, but due to deliverability issues and the work required to solve it - in addition to the great features like masked emails - I have switched.
P5fRxh5kUvp2th (replying to ziml77), 3 years ago
yep, another super happy fastmail user here.

I'm not opposed to hosting my own email server, I'm just too lazy to do it.

twobitshifter, 3 years ago
Use iCloud with a custom domain.
JacobSeated, 3 years ago
Installing a working e-mail server takes a few minutes in a terminal, and you are basically ready to send and receive e-mail out-of-the-box, even from a laptop if you wish. The only thing you need is to set up SPF records and other similar small-effort requirements, and then your e-mail should reach the inbox rather than the spam folder on most proper services.

If you do have multiple users, then you also need to protect them against e-mail spoofing. This can be done by enabling SPF checks for incoming e-mail.

For live servers with multiple users, you want to limit the number of e-mails being sent per minute/hour to something reasonable, because some unfortunate user is going to get their password hacked sooner or later, and then a hacker might abuse your server to send e-mail unrestricted, which can in turn get everyone else blacklisted.

E-mail security measures have a lot of AoE damage, because when someone gets hacked and spam is sent, receiving servers don't just ban the offending sender e-mail address; instead they typically ban the IP of the server, which will DoS all users of the server. Extremely inappropriate, and it should be illegal, nevertheless that is what they do, and to a certain extent perhaps understandable. But this is why you place a limit on how many e-mails users can send, as it hopefully avoids that issue.

Some hosting providers have insecure server images. E.g. Ubuntu where the root user has no password, since, as they might argue: "you login with key file on SSH anyway"; however, customers might not realize or remember that anyone can login on the e-mail server with the root user if the port is opened, and the server will become an open relay, as automated tools find it with port scanning.

You also need to make sure that whoever is logged in and sending e-mail from a given e-mail address is actually the owner of the address. Postfix does not do that by default, meaning that users can just claim to be whatever@yourdomain.com, and there will be no check. Thankfully, you can not claim to be b.gates@microsoft.com, because that will be rejected due to DNS records. In the past you could, because there was no check for that.

A lot of issues are of course prevented by simply limiting IP access to your own personal IP, and that's a good idea if you are the only user, but not practical when you have other users.
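The rate-limit point above (one hijacked account sending a burst gets the whole server's IP blocked) is something you can also watch for after the fact in the MTA log. The following is an added example, not code from the thread: it parses Postfix smtpd lines that carry a `sasl_username=` and flags an account that exceeds a message count inside a sliding window, or that authenticates from an unusual number of distinct client IPs. The log lines, thresholds and the `year` parameter (syslog timestamps carry no year) are constructed assumptions.

```python
"""Spot a hijacked SMTP-AUTH account from Postfix smtpd log lines.

Added example with constructed log lines; not from the thread. Postfix
logs one smtpd line per accepted authenticated message, of the shape
  "Oct 10 12:00:01 mail postfix/smtpd[1234]: 3F2A1B: client=unknown[IP],
   sasl_method=PLAIN, sasl_username=user@example.com"
"""
import re
from collections import defaultdict, deque
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ postfix/smtpd\[\d+\]: "
    r"(?P<qid>[0-9A-F]+): client=\S+\[(?P<ip>[^\]]+)\].*?sasl_username=(?P<user>\S+)"
)


def parse(line, year=2022):
    """Return (timestamp, client_ip, sasl_user) or None for non-matching lines.

    Syslog timestamps have no year, so the caller supplies one (assumption).
    """
    m = LINE_RE.search(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["ip"], m["user"]


def find_bursts(lines, max_msgs=5, window_s=60):
    """Map each user to the first timestamp at which they sent more than
    max_msgs messages inside any window_s-second window."""
    recent = defaultdict(deque)  # user -> timestamps inside the current window
    flagged = {}
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue
        ts, _ip, user = parsed
        q = recent[user]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()  # drop timestamps that fell out of the window
        if len(q) > max_msgs and user not in flagged:
            flagged[user] = ts
    return flagged


def find_multi_ip_users(lines, max_ips=2):
    """Map each user seen authenticating from more than max_ips distinct
    client addresses to the sorted list of those addresses."""
    ips = defaultdict(set)
    for line in lines:
        parsed = parse(line)
        if parsed is not None:
            _ts, ip, user = parsed
            ips[user].add(ip)
    return {u: sorted(s) for u, s in ips.items() if len(s) > max_ips}


# Constructed sample: alice behaves normally; bob's credentials are being
# abused from three addresses, eight messages in 35 seconds. Addresses are
# RFC 5737 documentation ranges; queue IDs are made up.
SAMPLE_LOG = [
    "Oct 10 12:00:01 mail postfix/smtpd[1201]: A1B2C3D4E5: client=unknown[198.51.100.7], sasl_method=PLAIN, sasl_username=alice@example.com",
    "Oct 10 12:00:02 mail postfix/qmgr[1000]: A1B2C3D4E5: from=<alice@example.com>, size=1234, nrcpt=1 (queue active)",
    "Oct 10 12:30:10 mail postfix/smtpd[1202]: B2C3D4E5F6: client=unknown[198.51.100.7], sasl_method=PLAIN, sasl_username=alice@example.com",
    "Oct 10 13:00:00 mail postfix/smtpd[1300]: C0000001AA: client=unknown[203.0.113.5], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:05 mail postfix/smtpd[1301]: C0000002AA: client=unknown[203.0.113.6], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:10 mail postfix/smtpd[1302]: C0000003AA: client=unknown[203.0.113.7], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:15 mail postfix/smtpd[1303]: C0000004AA: client=unknown[203.0.113.5], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:20 mail postfix/smtpd[1304]: C0000005AA: client=unknown[203.0.113.6], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:25 mail postfix/smtpd[1305]: C0000006AA: client=unknown[203.0.113.7], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:30 mail postfix/smtpd[1306]: C0000007AA: client=unknown[203.0.113.5], sasl_method=PLAIN, sasl_username=bob@example.com",
    "Oct 10 13:00:35 mail postfix/smtpd[1307]: C0000008AA: client=unknown[203.0.113.6], sasl_method=PLAIN, sasl_username=bob@example.com",
]

if __name__ == "__main__":
    for user, when in find_bursts(SAMPLE_LOG).items():
        print(f"burst: {user} exceeded the limit at {when.isoformat()}")
    for user, addrs in find_multi_ip_users(SAMPLE_LOG).items():
        print(f"multi-ip: {user} authenticated from {', '.join(addrs)}")
```

In production you would feed it `journalctl -u postfix` or the mail log and wire the output to whatever alerts or disables the account; the thresholds are deliberately low here so the sample trips them.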

wankle (replying to JacobSeated), 3 years ago
"Some hosting providers has insecure server images. E.g. Ubuntu where the root user has no password, since, as they might argue: "you login with key file on SSH anyway""

Ubuntu is not insecure regarding root user access.

Reference

https://discourse.ubuntu.com/t/security-users/11881

"This does not mean that the root account has been deleted or that it may not be accessed. It merely has been given a password hash which matches no possible value, therefore may not log in directly by itself."

bratsche, 3 years ago
I use fastmail with my own domain.
nullcipher, 3 years ago
I am self-hosting using Cloudron. Works great and I haven't really had any deliverability issues as such (DigitalOcean with Postmark relay).
holri, 3 years ago
Yes, for years. Own SBC hardware, Olimex A20-OLinuXino, at home via cable internet. SMTP sending through a smarthost from a local mail provider with good reputation to avoid delivery problems. Software: Debian stable, exim4, Courier, SpamAssassin. Works great. No problems.
_trackno5, 3 years ago
I use fastmail (personal) and Google Workspace (business email). Both are great. The point is to have your email under your own domain in case you need to switch providers in the future.

I have no interest in managing my own email server though.

dvdkon, 3 years ago
Yes, I have my own cobbled-together mail setup on a home server. I would probably use a commercial service if I didn't already have a server running numerous other things, though.
pixelmonkey, 3 years ago
I did a bunch of research on this earlier this year. I really do enjoy Gmail, even if it is technically a cloud service. So, I split the difference on this one. I use a Gmail account as "primary", but I still have my own domain for email inboxes. The best option I found is to have my own domain (e.g. at Hover) and then have the MX servers managed by Cloudflare's new product, email routing. They also handle SPF, DKIM, and DMARC. That's described here[1] and here[2]. What's nice about this setup: you have your own domain; you can set up custom forwarding rules; all email flows to a single Gmail inbox. You can also still send email "from" those domains if you use the Gmail SMTP server[3].

So then your only concern is backup and email message export. For this, I set up automation with a script called got-your-back (gyb)[4]; it's a nice Python script with incremental backup that can archive your Gmail account and restore it to another account. I set up a second Gmail account to test this restore functionality.

[1]: https://blog.cloudflare.com/introducing-email-routing/

[2]: https://www.cloudflare.com/products/email-routing/

[3]: https://jhart99.com/cloudflare-outbound-email/#outbound-email

[4]: https://github.com/GAM-team/got-your-back

foobarbecue, 3 years ago
Mailinabox on a droplet, on a domain I own. Has worked great for 7 years now. I receive *@mydomain.com, and when I sign up for a service X I give them servicex@mydomain.com. Good for spam control and that way I know who is selling my address.

Recently I've been using docker-mailserver with my web apps and that's great too.

sam_lowry_, 3 years ago
I've been running my own email server for 20+ years. As of now, it costs well under 10€/month at Hetzner Cloud and it uses Debian jessie and whatever exim and dovecot that came with it.

It also hosts my private git repositories in /var/git and a few other services and websites.

One day, I will migrate it to Arch Linux.

pepa65 (replying to sam_lowry_), 3 years ago
Why Arch for this?? Debian is super reliable, Arch is fickle.
sam_lowry_ (replying to pepa65), 3 years ago
Because Arch is close to upstream.

OTOH, Debian exim config is the incarnation of evil.

willemlaurentz, 3 years ago
I run Postfix, Dovecot, SpamAssassin and Amavis/ClamAV. Works like a charm.

One day I ran into some problems with backscatter causing my mail server to be listed. It's good to set up your server to be less prone to this; I wrote a blog post with some configs / tips:

https://willem.com/blog/2019-09-10_fighting-backscatter-spam-at-server-level/

crizzlenizzle, 3 years ago
I got one self-hosted setup: Postfix, dovecot, both IPv4 and IPv6. It has been working for 15+ years and is still going strong. Never had any major deliverability issues.

In my new company we are using Gmail though. Easier to manage for non-tech people and it’s fully managed.

mik1998, 3 years ago
I run an OpenSMTPD+Dovecot SMTP server on a rented VPS with my own domain. It /mostly/ runs fine, but when something breaks, that's really annoying. I think using a paid service with your own domain is probably a lot superior from a technical perspective, but I do like to do some weird things with my email that self-hosting allows me to. I definitely wouldn't recommend it if you don't have a decent amount of free time and technical knowledge.
Someone1234, 3 years ago
I used to in the late 90s/early 2000s, but it became impractical. I also maintained one as part of my job in the 2000s, and it became obvious that the amount of upkeep/time was not worth it just to host it yourself.

The main headache? Anti-spam. A lot of IP ranges are just outright broadly blacklisted (e.g. residential IPs, some hosting services), but also a lot of individual IPs reused by hosting providers got blacklisted for actually sending spam. Then you have trust scores which are a huge chicken/egg headache (how do you gain trust while being spam-binned from the get-go?). You'll spend your days asking to get unblocked from various random third party providers that you may never have heard of (e.g. email a small business about their online shop, and their email vendor bounced you because they never heard of you, they take ten days to respond, and now it takes two weeks to email some random small business).

Plus the ever-changing requirements (and they ARE requirements, if you lack reverse DNS/DMARC/SPF/DKIM/TLSA/valid certificates you will be blocked).

It is just a headache, time, and it actually costs more for the pleasure. Free Google Workspaces killed 90% of people self-hosting, too bad it costs tons of money these days.

wankleSomeone12343 years ago
Self-hosting email for over 20 years, I will say most of what you stated is either greatly exaggerated or grossly factually incorrect.
bobleeswaggerwankle3 years ago
I'd say if enough people share this sentiment, then there are legitimate problems in self-hosting email. I don't think deliverability is a made up problem. Differing complexities can contribute to one person thinking it's easy, and another knowing it's not.

Both perspectives may be entirely correct, but the devil is in the details. It seems more right to say that in general, self-hosting email is hard, rather than act like it's easy because you figured it out and everyone else running into issues is just inexperienced/dumb/not good enough. Chances are, those folks were dealing with more complexity than you have.

wanklebobleeswagger3 years ago
It takes some research and effort, the title of the post wasn't [do you host your own email and is it so easy a stock broker could do it].
Someone1234wankle3 years ago
If you've self-hosted for that long you've avoided some problems I've mentioned by having long-running IPs and high trust scores. Go launch one today and you'll see. Since other people planning on starting today don't have a time machine, my advice applies.

Plus I have as much experience between commercially and personally, and that is my take. The fact you couldn't give one single example should give people pause.

wankleSomeone12343 years ago
I have every confidence that today, tomorrow, or 5 or 10 years from now I can do the same thing I've done every time I changed ISPs over the past 20+ years and would have zero issues.
zepearl3 years ago
Self-hosting since 2015 with Xeams ( https://www.xeams.com ), running in a Linux VM.

Xeams is monolithic (has all SMTP/pop3/imapd/... integrated), using it for 1 domain and a bunch of email accounts.

I access it from K-9 on Android or from a Web-Gui (Roundcube).

trebligdivad3 years ago
I do; a simple Debian/exim setup; it also has dovecot for imap access (only available over a tunnel). I've run it for a long long time (~20 years?) and it only needs the occasional tweak. It's had DKIM/SPF added and gone through a few combinations of anti spam filtering (post reception). It runs on the bottom level VM at a local hosting provider; when I started it they were providing UML! Originally resource usage was a challenge when subscribed to big lists - but these days even the biggest/highest bandwidth lists are no problem for it. And compared to gmail's flaky imap it's fast!
shanebellone3 years ago
I've used Google Workspaces (formerly G SUITE) for many years without any issue.
smartbit3 years ago
Hosting it myself on a legacy system for 25 years now.

Migrating to postfix at Hetzner that forwards to a home-hosted server is not for the faint of heart. Still struggling with the plethora of settings that have to line up with DNS and forwarding.

For testing your email settings, internet.nl/test-mail is highly recommended.

johnklossmartbit3 years ago
ssh -g with keys is super simple.
PaulKeeble3 years ago
My DNS provider for my domains provides email account setup and storage through the interface and I use that with clients as well as self hosted web mail. They seem to have solved the issue with emails going to spam so I haven't felt the need to self host it.
mbeex3 years ago
This has been part of my web hosting package since the nineties. I've never been interested in the low-level stuff, in this form - managed via an user interface - it's a good compromise. The only stumbling block occurred after more than 20 years in the form of DKIM, SPF, etc., the introduction of which had simply escaped me. This led to a gradual, seemingly non-causal disappearance of email, especially in communications with larger companies.

In the grand scheme of things, I really appreciate this setup. All my domains can contain an infinite number of derived addresses, which makes it possible to control outgoing information. For example, it's easy to detect and eliminate multiple types of spam sources.

tqwhite3 years ago
I do. For many years I have run a Mail in a Box server hosted on Digital Ocean. I like it very much and have had no problems. MIAB is a wonderful piece of scriptware. The guy promises to follow best practices in all things and, as best I can tell, he delivers. I have rarely had any problem with deliverability or anything else.

I continue to do so for several reasons, hosting multiple domains, ad hoc addresses, etc, but the biggest surprise reason is a completely not email one. It hosts DNS.

I LOVE hosting my own DNS. The first and most important reason is that, unlike all of the other services, there is no delay getting new records on to the net. Until MIAB, the 'will be updated in 20 minutes' thing drove me nuts. It made doing programmer stuff that relied on DNS incredibly annoying. Now, my LetsEncrypt proof is there instantly.

Of course, not being reliant on the good will of Google or having to decide if it's worth another $3.50/month for another address are all good things. But, the other main reason I choose to host my own server is, also why the MIAB guy makes it possible, to cast off the shackles of the corporate overlords.

It is bad to allow a mission critical function to be owned by five big companies. Much like the current consequences of having relied on Twitter for our short form public communication, I see the move to the decentralized Mastodon as similar to my implementation of MIAB. It is, for me, a blow in favor of internet freedom and robustness.

smcntqwhite3 years ago
This is off topic but are you able to go further into how you're doing DNS or is there perhaps a jumping off point that you can direct me to? Oddly fascinated by it and you make compelling points.
johnklossmcn3 years ago
Ha ha ha... Perhaps we should have an "Ask HN: Do You Host Your Own DNS?" thread ;)

Running BIND is very simple, and there're lots of how-tos and some excellent O'Reilly books, too.

You can run your own DNS on a VPS, on a machine on a static IP, or even on a residential address, if it doesn't change too often. If it does change, you can run your primary on your home and have a public machine be a secondary.

It opens up so many possibilities :D

smcnjohnklos3 years ago
Thanks, I appreciate that a lot! Guess this is my project for over Christmas.
thunderbongsmcn3 years ago
Mail-in-a-box is seriously awesome. I was super impressed by how easy it made email hosting for me after hearing all the FUD about hosting your own email.

My suggestion is to get a new domain and then try it with that. Once everything works, and your IP reputation is in the clear, you can port your other email domains as well.

smcnthunderbong3 years ago
I appreciate that a lot, thank you!
zimpenfishjohnklos3 years ago
I do! tinydns and dnscache all the way (although considering alternatives that aren't BIND[1]); only problem I've had was the auto-SOA generation which the .is people didn't like (they want each NS to have the same SOA) but since I generate the data file with a script anyway, it was an easy tweak to make that SOA a known value.

[1] Historical issues with running at an ISP in the late 90s and the various security issues since.

tqwhitesmcn3 years ago
Mail in a Box just does this as part of its natural installation. It works with a conventional DNS server but, if you point the domain at its internal one, new email accounts in new domains are up and running automatically.

I agree with the other commenter that running BIND is not too difficult but, if you are going to run a server, MIAB is a good way to kill both birds, mail and DNS.

Also, the MIAB DNS UI is good.

abdullahkhalidstqwhite3 years ago
I have also been using mailinabox for over a year on Hetzner. While in rare cases emails I send will not go through, I will always receive emails. So I am slowly moving my user accounts' email addresses from gmail over to my own domain.
kevincoxtqwhite3 years ago
I'm surprised you are having much success on Digital Ocean. I've found that their whole ASN is often marked as low reputation. For example sending to Microsoft or Apple has always been unreliable for me.

It does seem that it can depend somewhat on what IP you roll. I guess if you get a good one and stick to it you may be able to scrape by with just the ASN reputation holding you back.

Source: I run a service that sends email on Digital Ocean and I have to use third-party services to send to many hosts. (in fact I tend to whitelist inbox providers slowly once we have built some domain reputation)

tqwhitekevincox2 years ago
For awhile I had trouble with Yahoo and a couple of others. I also had to get off a couple of spam lists. There was one big service that troubled me for years, can't remember which. But, the years went by and I guess my IP address got a better reputation.

I haven't had a deliverability problem in years. Maybe it's because I got better at the SPF's, DMARC's, etc.

I will say that I think it's an internet sin that these big companies make it hard for individuals to run their own servers. It seems like an attempt to make a corporate monopoly. My server has never been used for spam a single time. There is no reason I should not have been able to remedy problems instantly.

throwaway67743tqwhite3 years ago
DO is probably the worst choice as they have one of the worst reputations for emitting trash... I drop DO entirely and have done for a few years; nothing appears to come from there apart from trash though, so I haven't noticed any problems there. Literally anyone else (even OVH these days) would be a better choice for delivery success.
quagsthrowaway677433 years ago
I raise the ASN of DO a bit using the ASN module for rspamd. Same goes for IPs in RBLs - score higher and take a complete picture score using multiple data points. There are legitimate systems on DO and you never know about the email you don't get unless someone goes out of their way to send email another way. Personally I get more spam from gmail and outlook than Digital Ocean, but obviously due to both of their sizes it probably is less than a provider like DO overall.
throwaway67743quags3 years ago
Fair points, if I'm expecting an email though and don't get one I just check logs, which I do regularly anyway as often mail isn't delivered due to sender's provider incompetence (dkim is hard apparently) - but I guess it also depends if you're expecting mail from random people in which case you'd probably want to be a bit more lenient yeah.

Also re Gmail etc that is also true, but the difference there is it's limited to a couple whereas do also emits general abuse under the guise of "researchers" without identity or contact details etc - until they stop doing that they'll forever remain dropped entirely

ajdudetqwhite3 years ago
Also mail in a box user here, runs on a VM with both a static IP V4 and IP V6 along with all of the DNS fun that comes with it.

Mailinabox just works, and I use it for my whole family.

phpisthebest3 years ago
Owned Domain on Fastmail

Used to be on a Legacy Google Apps for Domains before they pulled their forced changed to paid accounts.

PreInternet013 years ago
Yes, my own mail server for 100-or-so domains with a few hundred users in total, which has been running in its current incarnation since around 2005 (and with 3 or 4 different setups before that, going back all the way to a UUCP node in the early 1990s). The number of domains/users is probably a third of the high-water mark, since many users have migrated to cloud solutions by now, but traffic is still quite significant, with most users having been onboarded long before anything more fancy than Hotmail was a thing.

Mail deliverability has, with some minor exceptions, never really been an issue. These days you need SPF, DMARC, and of course a clean outbound IP reputation, but that's all rather manageable -- biggest deal is setting up strict filtering and rate limits on outbound messages, plus ensuring mailbox passwords can't be brute-forced (complexity rules plus blocking abusive IPs).

The only real recurring issue is people setting up forwarding to gmail.com/outlook.com/whatever, and the target service then becoming temporarily upset due to all the 'spammy' messages being sent: DMARC helps with that up to a point, but not perfectly, and directing users to reverse the mail replication direction (setting up gmail.com to pull, not my server to push) is a common chore.

For the current setup, the biggest headache was finding software with an acceptable webmail and domain setup self-service web interface. Next up was shared access to large mailboxes, Outlook calendar support (which just really can't be done with only CalDAV, even though that should be possible), and (believe it or not) getting 'Drafts' folders to sync across devices.
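The brute-force point above (blocking abusive IPs that hammer mailbox passwords) is easy to automate from the IMAP/POP3 server's own logs. The script below is an added example, not any commenter's tooling: it parses Dovecot-style `imap-login` failure lines, keeps a sliding window of failed logins per client IP, and flags IPs that exceed a threshold, reporting how many distinct usernames they tried (many usernames from one IP is the credential-stuffing signature; one user failing twice is usually a typo). The log lines are constructed to mimic Dovecot's format; the thresholds are assumptions to tune for your site.

```python
"""Flag client IPs that repeatedly fail IMAP/POP3 authentication.
Added example (not from any poster's setup); the sample log lines below are
constructed in the shape of Dovecot's imap-login messages, with rip= being the
remote client address."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (syslog prefix simplified). 203.0.113.5 walks through
# several usernames in seconds; 192.0.2.44 is a real user mistyping a password.
SAMPLE_LOG = """\
Dec 10 10:00:01 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<alice>, method=PLAIN, rip=203.0.113.5, lip=198.51.100.10, TLS
Dec 10 10:00:03 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<bob>, method=PLAIN, rip=203.0.113.5, lip=198.51.100.10, TLS
Dec 10 10:00:04 mx dovecot: imap-login: Login: user=<carol>, method=PLAIN, rip=192.0.2.44, lip=198.51.100.10, TLS
Dec 10 10:00:06 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<admin>, method=PLAIN, rip=203.0.113.5, lip=198.51.100.10, TLS
Dec 10 10:00:09 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<root>, method=PLAIN, rip=203.0.113.5, lip=198.51.100.10, TLS
Dec 10 10:00:12 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<test>, method=PLAIN, rip=203.0.113.5, lip=198.51.100.10, TLS
Dec 10 10:20:00 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<carol>, method=PLAIN, rip=192.0.2.44, lip=198.51.100.10, TLS
Dec 10 10:21:00 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<carol>, method=PLAIN, rip=192.0.2.44, lip=198.51.100.10, TLS
"""

# Only failed logins match; successful "Login:" lines are deliberately ignored.
AUTH_FAIL = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ dovecot: (?:imap|pop3)-login: "
    r"Disconnected \(auth failed.*?user=<(?P<user>[^>]*)>.*?rip=(?P<ip>[0-9a-fA-F.:]+)"
)


def parse_failures(log_text, year=2022):
    """Yield (timestamp, client_ip, username) for every failed-auth line.
    Syslog timestamps carry no year, so the caller supplies one."""
    for line in log_text.splitlines():
        m = AUTH_FAIL.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["ip"], m["user"]


def flag_bruteforce(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return {ip: (failures_in_window, distinct_usernames_tried)} for every IP
    that reaches `threshold` failed logins inside a sliding `window`.
    Threshold and window are assumed values; tune them to your user base."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    users = defaultdict(set)      # ip -> usernames it has tried so far
    flagged = {}
    for ts, ip, user in sorted(parse_failures(log_text)):
        q = recent[ip]
        q.append(ts)
        users[ip].add(user)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[ip] = (len(q), len(users[ip]))
    return flagged


if __name__ == "__main__":
    for ip, (fails, names) in flag_bruteforce(SAMPLE_LOG).items():
        print(f"{ip}: {fails} failed logins, {names} usernames tried -> block")
```

On the sample above only 203.0.113.5 is flagged (5 failures across 5 usernames in 11 seconds); carol's two mistakes stay below the threshold. The flagged set is what you would hand to a firewall rule, fail2ban or Dovecot's own login rate limiting rather than acting on any single failure.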

johnklosPreInternet013 years ago
> The only real recurring issue is people setting up forwarding to gmail.com/outlook.com/whatever

Since these companies are too big to communicate with us lowly humans, I've given up on the idea of them adding an option to allow this by designating a forwarding domain so the forwarding email server doesn't get punished for forwarded spam.

The fix is super simple: I've set up local accounts for people, and tell them to configure Gmail / whatever to use IMAP to fetch email from the local accounts :)

BrandoElFollitoPreInternet013 years ago
> plus ensuring mailbox passwords can't be brute-forced (complexity rules

If they are supposed to be used by humans then prefer length to complexity.

Tmpod3 years ago
I don't host my own email server, though I'd like to give it a go one day, even if just as a little sysadmin "adventure".

At the moment, I use the really good Migadu Micro plan.[1] It has very nice limits for the $19/y price (half if you're a student like myself), with a pretty lax and understanding policy. They also care about standards and make an effort for you to configure your domain with all the right records. Even their support was pretty fast and helpful, even in this plan where it's best effort. I am completely satisfied by their service and recommend it to anyone wanting more control over their email, but don't want or can't run their own server.

I've heard great things about FastMail as well. In the end, I think services like these are a great compromise between independence and convenience.

[1]: https://www.migadu.com/pricing/

dvkoTmpod3 years ago
I just tested Migadu and it all looks really good in terms of pricing/functionality/company ethos. Love their /about/.
generjTmpod3 years ago
Second Migadu, great company.

Never worry about deliverability. If your DNS provider has oddities that make it annoying to setup they will run your DNS for you.

For $30 a year (domain plus Migadu) you control your email domain. No possibility of being randomly banned by Google either.

patwoz3 years ago
Did it for 5 years with mailinabox hosted on a cheap 3€/month VPS on OVH with a custom .de domain. But I had several issues in this time, e.g. with mails coming from Office 365. So I switched 3 months ago to mailinabox.org along with my custom domain. Also paying just 3€/month.
tommicapatwoz3 years ago
Curious what service you are using, as site for mailinabox.org does not exist.
cmeacham98tommica3 years ago
My guess: they mean mailbox.org, which almost matches the domain and has a plan costing 3 euros/month.
patwoztommica3 years ago
Uh sorry. Yes, I meant mailbox.org
tommicapatwoz3 years ago
Ah, thanks!
kkfx3 years ago
Mail on OVH, standard services (IMAPS/SMTPS without strange setups) on my domain to avoid anti-spam issues and have less to maintain at home; a home server that pulls all mails via getmail, auto-refiles (some) via MailDrop and indexes them with notmuch. From clients (desktops, a laptop), muchsync over ssh. Planned but not there yet: a WebUI on the home server for when I'm on the go and need to search something in my maildirs.

In general I suggest NOT choosing providers offering "safe" services; the more safe/privacy-protected etc. they claim to be, the more likely they are not. What counts is:

- having your own domain, so you can switch from one provider to another WITHOUT changing your mail address; all your contacts will not notice the change;

- having mails accessible with standard protocols so it's easy to grab them; for instance GMail IMAP is crap, Tutanota does not offer standard protocols so you are essentially bound to them, Proton offers JMAP which is NOT proprietary but still not widespread enough to have good support, and so on;

- having your mails on your own iron; you can sync them with OfflineIMAP and nothing else for a mere "live copy" on a home server and eventually back to another IMAP if needed;

- if you can, USE them with a personal MUA, no matter if a WebUI or TUI or whatever, but something local so in case of trouble on the upstream you are still partially operational, and if you change the upstream provider you keep your usual UI.

All the above are from very easy and cheap to moderately easy and cheap (at least in absolute terms). Other options might be far less easy and less cheap.

lol-no3 years ago
I don’t. I’m thinking of switch to Fastmail with a custom domain.
boudin3 years ago
I self host, have been for more than a decade. I started hosting at home (I had a fixed IP for some time) and moved on to a cheap server I rent. I use postfix, dovecot, opendkim with SPF, DKIM and DMARC enforced. I use Nextcloud for the web client and k9 on Android.

I wouldn't go back to using something else. What I much prefer:

- I'm in control of my email address, which is at the center of most of my digital life. None of the big providers are up to the task; they do not care at all about me, they do not care at all about the impact of their mistakes (if they decide to block me).
- I can manage my own backups much more easily.
- I can monitor and troubleshoot (with a 3rd party you are totally blind when something doesn't work).
- I trust myself not to apply any censorship (hotmail and gmail will take the decision to make email disappear based on a spam assumption, without any visibility to the user).

The downsides:

- Depending on where you host your system, you can have some issues due to IP reputation. It is something to be careful with before setting up a server.
- It requires a fair amount of testing, with different providers, to ensure that your emails are delivered.
- It takes a bit of time. Not too much, but it is still a commitment as, when it goes down, it's quite problematic.

1over1373 years ago
I do. I use postfix and dovecot. It's very simple to run. I always heard nightmares about your IP getting blacklisted and the big providers flagging your email as spam, but it's never happened to me.
ycommentator3 years ago
I use Postfix, Dovecot, SpamAssassin, CrowdSec, Let's Encrypt on Ubuntu 22.04 with 4 domain names running on an AWS t4g.micro. I've done this since about mid 2015 (seems a lot longer somehow). I've tried to configure DNS, DKIM, DMARC etc correctly. I think the entire setup is at least mostly right, though I'm sure it can still be improved.

To make it do what I want, the mail configuration is a bit complicated. Well it is for me, doing it once every 2+ years and forgetting most of how it all works in the meantime. Presumably it's not complicated compared to large-scale setups or for people who do this as their main job.

Upgrading the OS every 2+ years is a pain, because there tend to be quite a few configuration file changes in the new OS, sometimes different software packages, I have to review everything well enough to understand it, then merge my own changes from the previous setup. And in fact the last time I tried the upgrade failed anyway, I don't know why. Very possibly nothing to do with my mail setup though.

So I've concluded that for OS upgrades it's probably as quick to install on a new VM and reconfigure everything from scratch. That takes me about a day in total, working from my bad notes, comparing the old and new systems, copying data files etc. Which does not seem like a good way to do things, but it does mean I end up with a clean installation. Also I've been able to switch the underlying VM, so now I'm on the allegedly faster/cheaper ARM instead of Intel architecture. That would not have been possible otherwise, because the OS and application software binaries are different for the different architecture. Also the underlying SSDs are the newest types, and the latest ones are allegedly faster/cheaper.

I have seriously considered trying to script the setup or updates somehow. But I think there are enough changes in the OS between upgrades that for a single system it's just not worthwhile. I'd have to review and fix the scripts, then run them once, then not use them for another 2+ years. Plus learn the tool (Ansible?). Plus I would guess some of my configuration changes are not common so I'd probably be writing custom stuff for the tool as well.

And... I almost never have problems with it. As far as I know mail is sent and received reliably, and for years the server almost never went down. More recently it did hang a few times, though I don't know why. But I suspect it was because the wimpy VM just gets overloaded sometimes. It's not easy to find the reason though, and I didn't want to spend much time on it. Also since that happened I've upgraded from Ubuntu 20.04, and for whatever reasons, it's been fine so far.

Whether this is all worthwhile or not I'm not really sure nowadays. Originally for me it was to learn about the mail software, also because some software I wrote for an older project did a lot with email, so I had a kind of professional interest. Also I wanted to use my own domains and be independent of an ISP. Plus I sometimes use the VM for other things, such as a rarely used OpenVPN server in the past, replaced with Wireguard now. Also technical experiments sometimes. And if I could think of anything worthwhile to have on a website I would use it for that.

But if you just wanted easy and cheap email with your own domain(s), I think the best way could be a "traditional" hosting service. Compared to what I'm doing, you could get far better performance, storage space, bandwidth, backups, reliability, maybe security, everything else. And probably more cheaply, with near zero time and effort and hassle, and without having to try to be a biennial mail configuration expert. Plus if there were any problems the hosting company would fix them, or provide support for you.

So for most people I think it's difficult to justify running your own mail server. There'd have to be some specific reason. Which might just be that you want to!

mattpallissard3 years ago
Yes, dovecot+postfix with aliases stored in ldap.

I can't go back to anything that doesn't have a sieve implementation for filtering.

haunter3 years ago
Does anyone have experience with Amazon Workmail? Considering moving to there from Gmail
cetinserthaunter3 years ago
Great experience! Using it with Outlook and iOS Mail. Also https://news.ycombinator.com/item?id=33906085
perlgod3 years ago
I host email from my basement. Rackmount server down there runs all my VMs, including ones for Postfix, Dovecot, and Rspamd. Apache Solr/Tika are connected to dovecot for full-text IMAP search. Never had any issues, but I have postfix on a static IP from a business-class cable internet connection, so I'm sure that helps.

Dovecot and the postfix submission port (587) are only accessible internally, or through my home wireguard VPN.

Rspamd catches just about all junk mail. I might have one or two messages a week slip through. Moving messages to/from the Junk folder trains Rspamd to recognize spam/ham.

Make sure the IP of your mail server has reverse DNS in place, and set up SPF/DMARC records and DKIM signing, and you should be fine. I've been doing this for a decade and never had any problems.

I do maintain a separate, paid email account at a commercial provider for things like banking. In case I die, I don't want my poor wife to deal with my crazy email setup.

This topic always brings up so many hysterical naysayers, I almost wonder if some are paid Gmail shills!
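The checklist in the comment above (reverse DNS, SPF, DMARC, DKIM) and the "requirements" list a few comments earlier are easy to verify mechanically before a new server sends its first message. The script below is an added example, not any commenter's tooling: it checks forward-confirmed reverse DNS (the PTR names the host and the host resolves back to the IP), that exactly one SPF record exists, ends in `-all`/`~all` and actually authorises the sending IP, that a DMARC record exists with an enforcing policy, and that the DKIM selector record carries a public key. The resolver is passed in as a function so the checks run offline against a constructed zone (`example.org`, `198.51.100.10`, selector `s1` are documentation placeholders); for a real run, supply a function that does live DNS queries, for instance with dnspython.

```python
"""Pre-flight DNS checks for a self-hosted outbound mail server: FCrDNS, SPF,
DMARC and a DKIM selector record.  Added example, not any commenter's tooling.
The resolver is a function argument so this runs offline against a constructed
zone; in production pass a function that performs real DNS lookups."""
import ipaddress

# Constructed zone: (owner name, record type) -> list of record values.
# example.org / 198.51.100.10 are documentation names and addresses.
CONSTRUCTED_ZONE = {
    ("mx.example.org", "A"): ["198.51.100.10"],
    ("10.100.51.198.in-addr.arpa", "PTR"): ["mx.example.org"],
    ("example.org", "MX"): ["mx.example.org"],
    ("example.org", "TXT"): ["v=spf1 mx -all"],
    ("_dmarc.example.org", "TXT"): ["v=DMARC1; p=reject; rua=mailto:dmarc@example.org"],
    ("s1._domainkey.example.org", "TXT"): ["v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_PUBLIC_KEY"],
}


def zone_resolver(zone):
    """Return resolve(name, rtype) -> list[str] backed by a static zone dict."""
    def resolve(name, rtype):
        return zone.get((name.rstrip(".").lower(), rtype), [])
    return resolve


def _addr_rtype(ip):
    return "AAAA" if ipaddress.ip_address(ip).version == 6 else "A"


def check_fcrdns(resolve, ip, hostname):
    """PTR for the IP must name the host, and the host must resolve back to the IP."""
    ptrs = resolve(ipaddress.ip_address(ip).reverse_pointer, "PTR")
    if hostname not in ptrs:
        return False, f"PTR for {ip} is {ptrs or 'missing'}, expected {hostname}"
    if ip not in resolve(hostname, _addr_rtype(ip)):
        return False, f"{hostname} does not resolve back to {ip}"
    return True, "forward-confirmed reverse DNS ok"


def spf_covers(resolve, domain, terms, ip):
    """True if an ip4/ip6/a/mx mechanism in the SPF terms covers the sending IP.
    (include:/redirect= are not followed here; add them for a full evaluator.)"""
    addr = ipaddress.ip_address(ip)
    rtype = _addr_rtype(ip)
    for term in terms:
        mech = term.lstrip("+").lower()
        if mech.startswith(("ip4:", "ip6:")):
            if addr in ipaddress.ip_network(mech[4:], strict=False):
                return True
        elif mech == "a" and ip in resolve(domain, rtype):
            return True
        elif mech == "mx":
            if any(ip in resolve(host, rtype) for host in resolve(domain, "MX")):
                return True
    return False


def check_spf(resolve, domain, ip):
    recs = [r for r in resolve(domain, "TXT") if r.lower().startswith("v=spf1")]
    if len(recs) != 1:
        return False, f"expected exactly one SPF record, found {len(recs)}"
    terms = recs[0].split()[1:]
    if not terms or terms[-1].lower() not in ("-all", "~all"):
        return False, "SPF should end with -all (or at least ~all)"
    if not spf_covers(resolve, domain, terms[:-1], ip):
        return False, f"SPF does not authorise {ip}"
    return True, "SPF ok"


def _tags(record):
    """Parse 'k=v; k=v' style DMARC/DKIM records into a dict."""
    return dict(kv.strip().split("=", 1) for kv in record.split(";") if "=" in kv)


def check_dmarc(resolve, domain):
    recs = [r for r in resolve(f"_dmarc.{domain}", "TXT") if r.upper().startswith("V=DMARC1")]
    if len(recs) != 1:
        return False, f"expected exactly one DMARC record, found {len(recs)}"
    policy = _tags(recs[0]).get("p")
    if policy not in ("quarantine", "reject"):
        return False, f"DMARC p={policy} only monitors; move to quarantine/reject once reports are clean"
    return True, f"DMARC ok (p={policy})"


def check_dkim(resolve, domain, selector):
    recs = resolve(f"{selector}._domainkey.{domain}", "TXT")
    if len(recs) != 1:
        return False, f"expected one DKIM record for selector {selector}, found {len(recs)}"
    if not _tags(recs[0]).get("p"):
        return False, "DKIM record has an empty p= (revoked key)"
    return True, "DKIM selector record ok"


def run_checks(resolve, domain, ip, hostname, selector):
    return {
        "fcrdns": check_fcrdns(resolve, ip, hostname),
        "spf": check_spf(resolve, domain, ip),
        "dmarc": check_dmarc(resolve, domain),
        "dkim": check_dkim(resolve, domain, selector),
    }


if __name__ == "__main__":
    results = run_checks(zone_resolver(CONSTRUCTED_ZONE), "example.org",
                         "198.51.100.10", "mx.example.org", "s1")
    for name, (ok, msg) in results.items():
        print(f"{'PASS' if ok else 'FAIL'} {name}: {msg}")
```

Two caveats: the SPF check does not follow `include:` or `redirect=`, so a domain that delegates to a smarthost's SPF needs that added, and a passing DKIM record says nothing about whether the MTA is actually signing, which is best confirmed by mailing a DMARC/DKIM reflector or checking the `Authentication-Results` header at a receiving account you control.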

wankle3 years ago
I run a small cheap public VPS (512 megs RAM) which only runs Wireguard. It takes the public ports and tunnels them to my home machine (2 Gig VM) running Ubuntu running postfix, dovecot, mysql (for users, domains, aliases), fully self-hosted over 20 years. That's for personal and some business. I run my own simple spam fighting service I wrote in plain Java and run it in Docker. The same 2 Gig VM also runs my multiple web sites all in Java. That same 2 Gig VM runs on KVM on an Ubuntu host.

I use Gmail, Hotmail, Yahoo for stuff I don't really feel is personal but potentially important, useful or otherwise interesting.

jeroenhd3 years ago
Yes. VPS with Mailcow. Easy to set up and configure, even the DNS stuff. You do need a rather beefy VPS (6GB of RAM or so) if you want to enable mail indexing and antivirus, though; it's costing me about 8 euros a month for hosting (though I'm also using the server for other stuff so it's not just email) and about 12 euros a year for the domain.
ginja3 years ago
I use G Suite nowadays, but I used to self-host up until a couple years ago. Mailcow is (or at least was) pretty nice and reliable: https://github.com/mailcow/mailcow-dockerized
lwhalen3 years ago
Yup, OpenBSD + OpenSMTPD off a wholesaleinternet dedicated box, for roughly a dozen domains. Previously, Postfix and/or qmail.

If anyone's got any tips or contacts for getting off of Microsoft's (live.com, outlook.com, hotmail.com, etc) blacklist, I'd be much obliged. Their webform for such matters goes nowhere, and postmaster@ goes unanswered. It apparently has to do with the ASN of my hosting provider, but I've been on the same IP for 6+ years now and have done nothing untoward with it.

johnkloslwhalen3 years ago
You just have to keep opening tickets every few days telling them that the previous ticket(s) haven't been addressed. They're dumb.
wanklelwhalen3 years ago
I think I had that issue with them one time and used the following to get it fixed IIRC: https://sender.office.com/Delist/
habibur3 years ago
Hosting my own for more than 10 years. Using a hosting provider's box. Postfix, dovecot, roundcube stack, and letsencrypt certs. Postfix is pretty solid. Install and forget.

First thing I do when moving to a new server is check whether the new box's IP is black listed in any mail-blacklist-dns service. If not, it's good.

What I have also found is that Gmail and other services are relatively forgiving on your server's IP, but marks mail as spam based on context and content.
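The "check whether the new box's IP is blacklisted" step above works by reversing the address octets and querying the result as a hostname under a DNSBL zone; an A record in 127.0.0.0/8 means listed. The script below is an added example, not the commenter's own tool: it builds the query name for IPv4 and IPv6, queries a few widely used lists, and filters out Spamhaus's 127.255.255.x answers, which signal an error (such as querying through a public resolver) rather than a listing. The resolver is injected so the example runs offline against constructed answers; `default_resolve` uses the system resolver for a live check.

```python
"""Check a candidate mail-server IP against DNS blocklists before pointing a
domain at it.  Added example, not the commenter's tool.  The zone names are
widely used public DNSBLs; the answers below are constructed so the check runs
offline, and default_resolve() does a live lookup via the system resolver."""
import ipaddress
import socket

DNSBLS = ["zen.spamhaus.org", "bl.spamcop.net", "b.barracudacentral.org"]

LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")
# Spamhaus returns 127.255.255.x for query errors (public resolver, typo,
# rate limit); treat those as "no answer", not as a listing.
ERROR_RANGE = ipaddress.ip_network("127.255.255.0/24")


def dnsbl_query_name(ip, zone):
    """'203.0.113.5' + 'zen.spamhaus.org' -> '5.113.0.203.zen.spamhaus.org'.
    IPv6 lists use reversed nibbles, which reverse_pointer already provides."""
    rev = ipaddress.ip_address(ip).reverse_pointer   # ends in in-addr.arpa / ip6.arpa
    labels = rev.rsplit(".", 2)[0]                   # drop the two arpa labels
    return f"{labels}.{zone}"


def default_resolve(name):
    """Live A lookup; NXDOMAIN (not listed) becomes an empty list."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except socket.gaierror:
        return []


def check_dnsbls(ip, resolve=default_resolve, dnsbls=DNSBLS):
    """Return {zone: [return codes]} with an empty list meaning not listed."""
    results = {}
    for zone in dnsbls:
        codes = []
        for answer in resolve(dnsbl_query_name(ip, zone)):
            a = ipaddress.ip_address(answer)
            if a in LISTED_RANGE and a not in ERROR_RANGE:
                codes.append(answer)
        results[zone] = codes
    return results


def is_clean(ip, resolve=default_resolve, dnsbls=DNSBLS):
    return not any(check_dnsbls(ip, resolve, dnsbls).values())


# Constructed answers for the offline demo: 203.0.113.5 is listed on zen with
# return code 127.0.0.4 (the CSS sub-list), 198.51.100.10 only ever gets a
# Spamhaus error code, which must not count as a listing.
CONSTRUCTED_ANSWERS = {
    "5.113.0.203.zen.spamhaus.org": ["127.0.0.4"],
    "10.100.51.198.bl.spamcop.net": ["127.255.255.254"],
}


def fake_resolve(name):
    return CONSTRUCTED_ANSWERS.get(name, [])


if __name__ == "__main__":
    for ip in ("203.0.113.5", "198.51.100.10"):
        verdict = "clean" if is_clean(ip, fake_resolve) else "LISTED"
        print(ip, verdict, check_dnsbls(ip, fake_resolve))
```

For a live run, replace `fake_resolve` with `default_resolve`, and run it from the server's own resolver rather than a public one (Spamhaus refuses queries from large public resolvers, which is exactly the error code the filter above discards). A clean result at install time is only a starting point; re-running it from cron catches the neighbour-in-the-/24 problem described further down the thread.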

betaby3 years ago
Yes, since ~2008. Yes, sometimes mails go straight to google's 'spam' folder or I get cryptic bounces from MS. Once you have your SPF, DKIM and DNS PTR records it's mostly smooth sailing. Yes, I'm totally fine with investing 2-4 hours per year troubleshooting delivery issues. I don't buy the argument "I'm paid $50/hour so I won't"; I, in contrast, am paid yearly+bonus and outside of 40 hours/week my time is 'free' and I'm OK to spend it on activities like maintaining my servers or preparing my own food or cleaning my own house.
beagle3betaby3 years ago
The problem with delivery issues is you often don't know you have them; I was paying for mail hosting to a small-ish hosting provider, and after 16 years of essentially perfect service, I started realizing that gmail delivers ~25% of the mail I sent through them as spam - but not consistently.

I spent hours trying to diagnose this, and so did the hosting service - to no avail, because we'd try something, a delivery worked ... and the next day, to a different recipient, it didn't - and it is sometimes hard to get feedback about those things.

I really wanted to support the smallish hosting service - but I couldn't afford to lose so many deliveries. I sadly switched to FastMail and not a single mail that I know of was lost for a few years now.

You say you are investing 2-4 hours/year troubleshooting delivery issues; how do you know that the things you don't troubleshoot actually reach the recipient's inbox?

quickthrower2betaby3 years ago
I agree. Why do people even think to treat hours as fungible? “Time is money” is a criticism of over capitalist thinking, not a playbook!
ryangibb3 years ago
I self host a mailserver on a hetzner VPS running NixOS using nixos-mailserver [0] (dovecot and postfix under the hood).

[0] https://gitlab.com/simple-nixos-mailserver/nixos-mailserver

seqizzryangibb3 years ago
plus one. it's a breeze.
nottorp3 years ago
Sorta. I run my own mail server for receiving but I send through google. Helps that I'm using only one email addy on my domain.

I've set up SMTP servers for various projects with SPF, DKIM et cetera and they work (even Google accepts them) so it can still be done.

One day I'll do it for my own server ;)

bluedino3 years ago
It's the only way to do mailing lists without spending tens of thousands a month (once you're at a certain amount of recipients)
johnklos3 years ago
I run my own email.

I have my own physical servers, that I built and tested myself, that I'm colocating. They handle both incoming and outgoing, and I've been doing it for so long that there is no previous reputation for the IP addresses I use.

In spite of how vehemently some people, Reddit's /r/sysadmin, as an example, want you to NOT host your own and use issues like deliverability as reasons, it's really not hard at all. It's super simple to refute all the major points they make, because they're so painfully weak that anyone that believes them may actually not have the aptitude to do it, and therefore shouldn't be telling others to not do it.

1) The primary issue brought up is deliverability. If you don't have a static IP, or you don't have control over your reverse DNS PTR, or the reputation of your IP is poor, then pay a company to smarthost your outgoing mail through them. It's a few $ a month, and poof! Problem solved.

2) There is no problem 2! Incoming email is incredibly straightforward. Even if you're on a residential network that blocks incoming port 25, you can pay for a VPS or something like that on a public address and port forward to your mail server.

Why make a distinction between simply hosting your email with a VPS and doing this? Well, one of the primary reasons for people hosting their own email is being able to possess your own email - that is, your email isn't sitting unencrypted on a server that you don't control.

I've even run an email server in my car while driving across the country, just to show how easy it is. It uses tinc to forward a public address and had no issues with email in either direction :)

mattrighettijohnklos3 years ago
Which software are you using to push/receive emails on your own servers?

> your email isn't sitting unencrypted on a server that you don't control

This is valid if all the other parties that you send emails to self host their email servers as well. If you have your own self hosted mail server but you talk to gmail people then "your" emails are going to sit unencrypted on Google servers.

johnklosmattrighetti3 years ago
> Which software are you using to push/receive emails on your own servers?

Still using sendmail ;)

> This is valid if all the other parties that you send emails to self host their email servers as well.

I used the word "sitting" deliberately. Of course we can't control the rest of the world's servers, and we can't even fully control those owned by others but rented to us, but we can control our own.

technothrasherjohnklos3 years ago
> or the reputation of your IP is poor

I'd add that it's not just the reputation of your IP, but the reputation of your whole /24 block. That seems to be where a lot of filtering based on reputation takes place. I've got my corporate email server on a VPS (running FreeBSD with exim) with a hosting company that cares about its reputation (and charges a bit more for it) and email delivery is never a problem. I've also got an identically set up but personal email server on a crappy little cheap VPS which does have a static IP and hasn't had any spam on it for years, but plenty of other IPs in the /24 block get filthy with spam. My IP gets blacklisted quite frequently because of it.

traceroute66technothrasher3 years ago
> but the reputation of your whole /24 block. That seems to be where a lot of filtering based on reputation takes place.

That is due to the prevalence of what is known as Snowshoe Spam.

Spammers get hold of (or infiltrate) large net blocks and then spread out their spamming across the entire range.

The extreme version of Snowshoe Spam is known as Hailstorm Spam. For fairly obvious reasons ... spammers get hold of (or infiltrate) a large netblock, intensively abuse the hell out of it and then move on.

throwaway67743traceroute663 years ago
That has been on a downward trend for some time, thankfully. Due to the way things work these days it's much easier and more reliable to hijack a VM or rent one with a stolen card; RPKI, uRPF and carrier verification mean using thieved IP space is a lot of effort these days.
blue_cookehjohnklos3 years ago
Do you have any services you'd recommend to smarthost outgoing mail?
johnklosblue_cookeh3 years ago
Most service providers don't advertise anything they call "smarthost", but most that do email and that have good reputations will know what you're asking for if you contact their sales. I've recommended Linode and Panix before.

Be sure to search for "smarthost" in quotes, because "smarthosting" is a marketing term.

fasterjohnklos3 years ago
Mostly the same here. Physical servers in a colo since 2000, same IPs the whole time. I host a few domains for friends, too. It's really not difficult to keep email running smoothly. I look at a summary report every day (less than a minute, normally), and I have a daily cron job that builds a black list based on whatever list looks good to me when I decide that the one I'm using isn't catching enough.

I have a spreadsheet where I compare what it would cost me to do this in a cloud or on VPSs, and though there are some squishy factors (I enjoy messing with servers occasionally, when I have to visit the colo I also visit old friends in that area, etc.) it's still cheaper for me to keep my physical servers in my colo.

Someone1234johnklos3 years ago
So self-hosting is so easy and problem free, everyone is making up fiction about the problems, and yet in your very first "solution" you tell people to not self-host outbound email at all and to pay money to a third party to solve a lot of the hard parts for you?

> 1) The primary issue brought up is deliverability. If you don't have a static IP, or you don't have control over your reverse DNS PTR, or the reputation of your IP is poor, then pay a company to smarthost your outgoing mail through them. It's a few $ a month, and poof! Problem solved.

By that "logic" self-hosting is easy because I could have a third party handle outbound AND inbound mail, which is essentially standard mail hosting with a custom domain.

Plus you cannot just turn-key create a high reputation, you start out with low and your emails will be dropped into spam.

saurikSomeone12343 years ago
I mean, that is explained in the comment you respond to: the value most people are looking for with self-hosting email comes from self-hosting inbound SMTP reception and email storage, not the first hop of outbound SMTP submission for relay.
thomastjefferyjohnklos3 years ago
> then pay a company to smarthost your outgoing mail through them. It's a few $ a month, and poof!

Poof is right. There goes the primary reason people want to host on their own.

johnklosthomastjeffery3 years ago
What's the primary reason people want to host on their own, in your opinion?

I know of two primary reasons, and neither disappears because of smarthosting.

cloudsec9johnklos3 years ago
Not the poster, but I'd say that smarthosting hides visibility (when did this get delivered) and costs money.

I would argue that the overhead of setting things up is more pricey than paying for smarthost forwarding, but maybe I'm too practical.

the-anarchistjohnklos3 years ago
You Sir are badass and should definitely share some of all that on a website/blog of yours. Would be genuinely curious to read more!
FrontierPsychjohnklos3 years ago
I looked into hosting my own, but wow, so technical, at least to me.

I don't know why there isn't some kind of pre-made install that you just click the "OK" and it downloads and installs the email servers.

When I looked at it last, which was about 3 years ago, you had to install 5 or 6 or more different apps, get the interoperability going, set different switches... it was endless. All I want to do is click an "OK" and it is done.

Quite frankly, I don't understand how people can write very technical apps like email servers, yet be so completely unable to create a one-click installation feature. This goes for so much more than email, by the way. It seems like it would be so exceedingly simple to do one-click setups.

But I am curious, how exactly did you learn? Did you work with someone who already knew how to do it so you didn't have to learn on your own? Or did you learn 100% on your own?

I'd be very curious to learn from you on the above issues.

cloudsec9FrontierPsych3 years ago
If you make it too easy to set up, you make it ... too easy for spammers and other "marketing specialists" to start sending e-mail, I think is the reason.

Right now, they have to be technical (or at least pay $$ to tech people) to get that going, and it does slim down the numbers a little.

Getting the software lined up is the easy part, truth be told. It's the anti-spam/malware/anti-relay etc etc that is the challenge. And most big Email companies weigh how long you've been around, so you also have to be patient for your reputation to get high enough not to be in people's junk boxes all the time.

jasonjayr3 years ago
I've been hosting my own email for 20 years.

I started on grokthis.net, they got acquired by Rackspace, stuck w/ rackspace longer than I should, groomed an elastic AWS IP for a year, got reverse DNS Mapping on it, and it's been pretty good.

Years ago, I was blocked once a year, and have not really seen much deliverability issues. More recently, either due to the reputation, or AWS being more diligent in blocking abusers, or blocklists being more focused, I have not had many if any issues. DKIM, SPF, DMARC all setup help.

Rspamd, postfix, dovecot, and roundcube are the tools I use to manage it, and it works for my pretty light load. There was a fun incident early on where my Bank did not send a 'Date: ' header (which is legal, per spec), but an rspamd default rule scored that as a high spam signal.

It's helped me learn about SMTP and all the related tech, and for someone who's in systems + operations, it's not that heavy a lift to do on the off time.

brycewray3 years ago
I have two custom domains for email. Used Fastmail for them for several years, but now have both in iCloud Mail through the custom domains support that comes with Apple’s iCloud+ product. This support was pretty rough-edged a year ago, but has improved sufficiently that it’s now worth saving the $50/year for Fastmail (one domain was only an alias, so I didn’t have to pay for two accounts).
Wicher3 years ago
Yes, postfix+dovecot+sqlgrey+postfixadmin, since about two decades. Well I started out with qmail+vpopmail+courier way back - no one recommends that nowadays I'd wager! My current setup is about 15 years old and takes very little effort to maintain.

Several domains, several aliases, but I'm intentionally the only user. Because if I would hand out aliases to people they'll inevitably start receiving some spam there, that then gets forwarded to the {hotmail, gmail, ...} that they're aliased to, and when at those termini it can be subsequently marked as spam. I surmise that that could be bad for my mail server's reputation and that's why I don't hand out aliases. That's just caution. There's plenty signal for the top-10 mail hosters to tune their reputation heuristics to so that that wouldn't happen, but I don't trust that they worry enough to invest smarts in improving the general state of email delivery. The incentives are not there. They're the incumbents, and interoperable federated services were good news when they were starting up ("whooo hey we bought Postini and now we're doing this web based office thing where you can send and receive email, come join us in the beta, free forever, promised!" aka GSuite), but now that they're incumbents it's better to stamp out those cooperative federated protocols. Before anyone gets any ideas that you could actually own your own data and could communicate with people over the internet independently of some FAANG-size corp, you know.

connordoner3 years ago
While I don't do this anymore, I hosted Exchange 2010 for many years. I did this because I wanted to keep my BlackBerry and needed BlackBerry Enterprise Server, which only supported on-premise Exchange 2013 or under.
m30473 years ago
Yes I host my own email infrastructure for my own business and personal use. The "plumbing" is IMO trivial. I have no delivery issues.

The headache is with people who want to do things which aren't in my "acceptable use" envelope. I know there are adversaries out there ranging from the simply venal and self-righteous to the outright evil. That ranges from spam to tracking to phishing to malware delivery; and from scanning for open relays to credential stuffing to SYN attacks and more.

I actively map and target adversary infrastructure (and sometimes the "friendlies" are useful idiots). I use and encourage the use of 1:1 email aliases (I wrote and support TruAlias). I mess with DNS; I mess with L2. So around here if something doesn't work, you'd better ask me or your designated contact if you're expecting it to. There is no privacy around DNS or netflow info on my network.

My support issues are largely people-driven / political, which shouldn't be surprising given the above. However overall the support and IR load is light and the most problematic and chronic interlopers are the self-entitled aaS providers themselves.

zbuf3 years ago
Yes. Exim, Dovecot, SpamAssassin. In two systems: FreeBSD and Alpine Linux.

I believe we need to keep doing this sort of thing, more.

I haven't had the same problems people widely complain about when hosting their own email. FWIW since you ask, I put this down to:

Using a quality ISP. VPS is ok, but not from widespread bulk providers. It seems to me that receivers judge quality by the network (eg. AS number) it originates from, not IP address. So you're judged by the quality of your neighbours and what those IPs are doing.

Properly set up SPF and DKIM. Someone here was recently stating how impossible it was to host your own mail, but a commentator quickly showed they had misconfigured.

Switching off IPv6. I love it in principle, but in practice there are big providers breaking IPv6 (eg. Hotmail broke theirs a month or two ago) or applying more stringent constraints to IPv6 receipt.

I don't relate to people who say you need to "warm up" an IP address. It seems they might be often trying to use bulk VPS/cloud providers who probably get a lot of abuse. I don't see it's in the receiving ISP's interest to constrain IP addresses which only generate small amounts of mail (by definition this is unlikely to be spam), and it would be easy to mistake the per-network reputation for this effect. Make sure you're not on the various public spam/block lists, though.

znpy3 years ago
I've been running my own mailserver for the last ~8 years off a home server.

I'm lucky enough that my ISP provides me with a fixed public ipv4.

I use postfix as an smtp server and dovecot as an imap server (pop3 is disabled). I run them on Red Hat Enterprise Linux via a developer subscription.

So here's the deal:

1) learning postfix, dovecot and general email stuff does require some time, but essentially it's a one-time effort, email protocols do not change that much over time. you might split the effort over time and configure bits part by part. needless to say, the bit to learn as soon as possible is how not to be an open relay (that is, not to relay spam).

2) deliverability is the main problem. many services (mostly gmail) blindly assume that you're a spammer because you're sending from a residential ip address block. this is a form of discrimination in my opinion. needless to say, no matter if you set up spf and dkim, gmail is still going to deliver your emails to the spam folder.

personal pet peeve: whenever i open my gmail inbox (used to do that due to having an android-based phone) it was full of promo emails that google willingly delivered to my inbox. yet my legitimate emails are delivered to the spam folder. i hate the gmail team passionately.

3) i have an mx backup via a virtual machine on aws, the smallest cheapest instance available. it was a quick fix when power went out at home and i was on vacation, but it's been worth keeping around for the last ~3 years.

4) maintenance is effectively a non issue. i just go through the configuration file when updating the base operating system to make sure new versions of postfix and dovecot still accept my configurations.

5) server-side filtering via sieve is just awesome. when i was ~16 i used to reconfigure my filters in thunderbird every time i reinstalled my laptop, nowadays my emails are always delivered by dovecot to the correct folder (i'm using maildir to store mailboxes).

6) you do need to take care of backups. but mailboxes are essentially text files, they do not require special care and their compress ratio is very good. i keep my emails on a snapshottable filesystem (zfs), and that comes in handy when doing maintenance (worst case scenario I rollback).

7) for incoming email, when you set graylisting, spf policy verification and dkim verification, 99% of the spam is rejected by the server. i actually get most of my spam from my mx backup host, which was configured in a hurry. but i add an "x-from-mxbacup: yes" header when pulling that mail from there via formail and do filtering on that via sieve in dovecot. works okay.

8) antispam servers are clunky, i decided not to run one and just reject mail on the basis of greylisting, spf and other checks. it works okay.

9) after a while i gave up with deliverability and started using amazon ses as a relayhost. Nowadays i've got a small dedicated server with a public ipv4 and a configurable reverse-ptr dns. I should be looking into that again, but nowadays i'm fairly busy.

In general I'm very satisfied.

nzealand3 years ago
I have custom domains forwarding emails to a couple of gmail accounts. It's a PITA.

I still have issues receiving emails. Especially from financial institutions. (Wells Fargo emails just... stopped. So I gave up and set up a gmail just for them.)

I have issues sending emails from my custom domain.

IRL I always have to explain that yes, my email address is YourCompany@MyDomain.com, but no, I don't actually work for YourCompany.

Over two decades, I have played whack a mole with a number of problems. Switching to a hosting provider that does not allow me to forward <any>@customdomain.com helped. It only allows explicitly forwarded email accounts, and setting up the email address explicitly passes most email validation tests, and I suspect the underlying IP is less likely to be blacklisted by fin tech that is extra careful about who they email.

drdaemannzealand3 years ago
Wells Fargo recently (couple months ago) had mailserver issues where they failed to realize they had actually delivered the email. They sent me about 20 copies of each email, then after a week sent a notice about how they cannot send me an email. Even though they’ve got their 250 proper from my MTA.

But they had fixed it since then, now emails work fine. I suspect they had some bug on their side, because I haven’t seen anything suspicious on mine (and nothing had changed on my side).

Idk what was that.

sneak3 years ago
Yes. I did so for 20 years, stopped for 5 or so, but do so again now.
jason05973 years ago
No, I pay fastmail [1] to do it all for me. I am reading in the comments that a lot of people have success with self-hosting, and maybe I will look into it someday when I am not busy every hour of every day studying chemical engineering, but for now I am happy to pay £50/yr to have someone else deal with hosting, clean IP addresses, DNS/SPF/DKIM, or whatever else is necessary to make sure my emails land in people's inboxes.

[1]: https://www.fastmail.com/

BirAdam3 years ago
I hosted my own mail for years. I stopped just due to inflation. I have been cutting every single cost that I can. I already pay for iCloud+ and it now supports custom domains and the like and has encryption, so I moved my email over.

If I wasn’t trying to trim every possible cost currently, I would still selfhost. It’s trivial if you have any sysadmin/syseng experience and a little time for setup. IME, the main thing that trips people up has already been mentioned. You need SPF, PTR, and DKIM records to get delivery to big providers. You can usually request to be removed from blacklists if your IP was flagged before you got it.

CharlesWBirAdam3 years ago
> I already pay for iCloud+ and it now supports custom domains and the like and has encryption, so I moved my email over.

I did this too (migrating from Google Workspace using imapsync¹) and it works great. Most people don't realize that Apple has been hosting email for decades and is quite good at it.

¹ https://blah.cloud/miscellaneous/migrating-google-workspaces-to-icloud-custom-domain/

sgt3 years ago
Been running my own email server since January 2000. Most of that time, it's been running postfix, courier etc. I also run spamassassin, have reverse DNS set up etc. No issues but then I also have few users receiving e-mail - about 10, including myself.
aeyes3 years ago
I gave up 5 years ago after running qmail for 15 years, I just didn't want to deal with the spam anymore, it constantly needed some adjustments.

I use one of these domain+email only webhosters, doesn't cost much more than the domain itself and they do a better job than I did in my spare time. I still get spam but it's maybe 5 mails per day and I have catchall on a 20 year old domain.

seydor3 years ago
I use an outgoing postfix server if that's the question. It has the same IP from hetzner for > 7 years and emails seem to be delivered most of the time, at least I don't get complaints about them. No special setup, just SPF.
shapefrog3 years ago
>Do You Host Your Own Email?

Yes?

> Do you run a mailserver/host email accounts on your domain?

g-suite free - multiple domains + simplelogin (previously used anonaddy) with a custom domain (actually a subdomain of one of my gsuite domains)

Ologn3 years ago
I host my own email. I have been running email servers since the 1990s so it is not hard for me. I run postfix with SpamAssassin on a Debian VPS, and usually use alpine to read it. I have SPF records in my DNS and such.

I have not had trouble sending to Gmail. On important emails to Gmail addresses I BCC my own Gmail account. If my account does not get the mail I figure there is a problem. For me it always goes through.

My setup is stable. In the past ten years I had my current setup, but also other domains hosted via Google Mail, or by my hosting providers etc. They all had migrations, discontinuations etc. I migrated them all to my mail setup. I have no such hassles with the email servers I myself set up. It does not have large changes (by servers I mean the primary and queuing mail servers).

I have a lot of experience doing this though, not sure how hard it is for others, but it is a lot easier than the old days of configuring Sendmail with m4.

rodolphoarruda3 years ago
I have decided not to. I prefer to support a small-tech company like Tutanota with a paid subscription to give bigtech's top line a millimetric nudge.

Disclaimer: I'm a passionate Tutanota customer.

josephbrodolphoarruda3 years ago
Are you using it with one of their domains or your own domain? How successful is delivery of the emails that you send out?
rodolphoarrudajosephb3 years ago
I'm using it with my own domain. So far, delivery is happening as expected. The domain was running under the Gmail umbrella for many years until Google's decision to charge for Workspaces. I tend to believe (until proven otherwise) that all those years running on G's infrastructure had a positive influence in how message routing from that particular domain is handled throughout the network.
mgbmtl3 years ago
I've been self-hosting Zimbra for around 10 years, but if I were to start today I'd probably use Mailcow. I like having a good webmail. I have multiple work/personal domains and I like keeping them in separate tabs/containers.

Self-hosting email isn't hard if you know the basics, and there are lots of resources online. Not like, say, self-hosting asterisk, which is a bit more of a pain (and I also do, reluctantly, but I barely use it, webrtc+asterisk is useful).

Having access to mail logs has been very helpful for various things. I also have aliases that connect to various (self-hosted) Gitlab projects for work, where we use service-desk.

I know that for most companies, self-hosting does not make sense financially, but our company does not make a ton of money, my time is fairly cheap (a few hours a year), and having control on the infra means we don't have to worry about how many seats/licenses we have, we can just do whatever we want.

Quite often, working with other companies, we end up having these artificial barriers because they can't afford to create an account for me on their issue tracker. So now we have a dozen companies using our systems, because it's all setup, it just works, and no artificial barriers, just a bit of disk usage and good backups.

peatfreak3 years ago
Interesting to see so many folks here running Exim. It's my favorite MTA primarily because I find it understandable, it has excellent documentation, and I'm used to it as it used to be Debian's default MTA. I get a lot of folks telling me not to use it due to its history of security issues, and recommending something else instead, like a qmail derivative. I'm not sure how I feel about this.
timbit42peatfreak3 years ago
I feel similarly about Postfix. I'd like to hear from someone who has used both.
the_third_wave3 years ago
Yes, for about 27 years now. I spend a few hours per year in maintenance and configuration, hardly ever see spam and manage to get most of my messages delivered - even to Google- and Microsoft-hosted addresses.

The server-under-the-stairs is a dl380g7 running Proxmox with containers for services, one of those being the mail container running Debian/Exim/dovecot/greylistd/spamassassin/dovecot-sieve. Backup to several external locations, mail archived for about 25 years.

minimaul3 years ago
Yep.

Postfix + dovecot + rspamd on Debian on my own colocated hardware. Have been doing it for over a decade at this point (probably over 15 years)…

Has moved service providers a few times, as I try to stay on small providers with a high level of clue :)

pjmlp3 years ago
A paid setup as part of my ISP hosting package.
ac50hz3 years ago
Exim + Dovecot + MariaDB + Weakforced + Rspamd + ClamAV, Proxmox/LXC + Docker/SOCKS5, DNS (DNSSEC) (PowerDNS), Custom API + React (react-admin), Multiple providers (Linode, Oracle, OVH, Scaleway), Prometheus (ofc), Multiple blocklist sources (via pfsense), Mailbox-centric.

This has evolved since 1996 (!)

justinlloyd3 years ago
Yes, I have a physical dedicated server that is colocated that handles all of my email (along with websites, FTP and a few other services), and a second server in my home that acts as a secondary email server with a nicer UI that gathers up all the email from the main server and lets me read it locally either on laptop, desktop or phone. I have a static IP on my main server, and I've had that same IP for going on 20 years, so the reputation of the IP is solid.
nikisweeting3 years ago
I host my own email on a DigitalOcean server using Mailu. Works great and allows me to receive *@mydomain.example.com, which is super useful for generating throwaway emails on the fly for different companies. If they send me spam I block the entire address, and it's easy to see phishing attempts because they come in to the wrong address. It's definitely not trivial to set up and maintain but I recommend it if you're into self-hosting things.
notwokeno3 years ago
Google and Microsoft have gotten very bad at delivering mail from self hosted servers so for now I switched to using EasyDNS's hosted email service which they don't seem to mind much.

It really pisses me off.

ikeserbestian3 years ago
Yes, using yunohost on a VPS. Selfhosting mail and many other services without any hassle. No delivery issues yet.

But honestly, without an easy solution like yunohost I wouldn't attempt self-hosting personal mail, even though I already know how to do it on different platforms.

tete3 years ago
I've been running a server since 2005, as a teen. It's been easy. It's my main email.

In 2019 I migrated from the vServer to a dedicated setup switching from Debian to OpenBSD, from Postfix to OpenSMTPD. I use Dovecot, the only thing I ever tinkered with were spamd or spamassassin. The only things to do were DKIM, DMARC and SPF.

I have never had an issue with mails not arriving on either end, I rely on it personally and professionally.

I am very much not an expert in the area, nor really interested. I just set it up and it works. Should some emergency thing happen I'll just put on my last backup. But no data loss has ever occurred in these years. Just use your RAID setup.

So far it has been more reliable than Gmail (which was down, had bugs, etc., just search Hacker News ;))

I think there is a huge amount of FUD in the area. E-Mail itself is very reliable and handles any issues very well. Since it's a super old tech nothing much changes, just DKIM and so on. I think a lot of tech people are all too used to hosting stuff that constantly changes, which makes them very scared of it. But e-mail you just read into, set it up, add a couple of comments for your future self, and it might easily outlive you.

Of course you should do your updates, and of course I wouldn't recommend doing it like I did, on a whim as a teenager with no experience, but it also worked out.

I'd recommend OpenBSD because the system is sane, and you get OpenSMTPD which, compared to others, is extremely easy to set up correctly. It doesn't have all the cruft that others accumulated.

Here are some things that you need to not forget so others won't think you are a spammer:

* Set up (and test) SPF

* Set up (and test) DKIM

* Set up (and test) DMARC - even if it's just the record part

DON'T FORGET TO SET UP the PTR record. I do that for all systems, but somehow even people who should know these things from their job seem not to.

Read up on each of these things to get it once, configure it properly, add comments, maybe write down some notes somewhere, have backups. And you are good to go.

If you are scared, you can just do all of the above and still use what you currently use. Spend some time (years?) to see if it works for you with non-important stuff. If it does, you can switch stuff over. If not, you learned something.

This is not me saying that I think you should do it, but it's an option if you are interested. You can just get a cheap server and try it. In the very worst case you'll have learned something and made your own opinion.

Also on IP reputation. I think there's something off here.

You go to say Mailchimp/Mandrill/Mailgun/etc., because of their "reputation" and a month later you notice that their reputation sucks, so what happens is they upsell you to get your dedicated IP (own thing, more expensive package, etc.).

I never had a problem with IP reputation but I'd assume that your hosting company would give you a new one if you brought it up.

LeonMtete3 years ago
> Also on IP reputation. I think there's something off here.

IP-reputation is largely a thing of the past.

IP addresses are ephemeral and email providers understand that. Especially with IPv6, where an individual can have access to tens of thousands of addresses. So, all large email service providers have spam filters based on content, and domain reputation, not IP reputation. Misbehaving hosts may be periodically blocked based on IP, but this is never permanent. Otherwise email providers would be blocking the entire IPv4 internet by now.

If you have a domain that does not spam, and it is using DMARC + DKIM, then there is sufficient proof that an email sent on behalf of the domain is authentic and the email will be accepted no problem.

The only real problem with hosting your own email is that it is usually impossible to host it from your residential internet connection, as ISPs do not allow you to 'own' your IP-address, by not allowing you to create PTR records. This is all on purpose though, ISPs block it and email providers require it. It's because there are just so many residential IP addresses that are part of a botnet sending spam.
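
As an added illustration of the checklist two comments up (SPF, DKIM, DMARC, and the PTR record) and of the forward-confirmed PTR point just above, the following Python is example code written for this thread, not anything posted by either commenter. It runs offline against constructed zone data (example.test, 203.0.113.25 and the DKIM key are placeholders), and the "bad" zone reproduces the mistakes the thread warns about: a permissive SPF, monitoring-only DMARC, a missing DKIM key, and a PTR that does not resolve back to the sending IP.

```python
"""Offline sanity checks for the DNS a self-hosted MTA needs: SPF, DKIM, DMARC
and a forward-confirmed PTR.  A dict stands in for live DNS (constructed data)."""
import ipaddress
from typing import Dict, List, Tuple

Zone = Dict[Tuple[str, str], List[str]]  # (owner name, record type) -> answers

# Constructed sample zone; example.test / 203.0.113.25 are documentation values.
GOOD_ZONE: Zone = {
    ("example.test", "TXT"): ["v=spf1 mx a:mail.example.test -all"],
    ("_dmarc.example.test", "TXT"): ["v=DMARC1; p=quarantine; rua=mailto:dmarc@example.test"],
    ("sel1._domainkey.example.test", "TXT"): ["v=DKIM1; k=rsa; p=PLACEHOLDER_BASE64_KEY"],
    ("mail.example.test", "A"): ["203.0.113.25"],
    ("25.113.0.203.in-addr.arpa", "PTR"): ["mail.example.test."],
}
# Same host with the common mistakes: +all, p=none, no DKIM key, generic ISP PTR.
BAD_ZONE: Zone = {
    ("example.test", "TXT"): ["v=spf1 mx +all"],
    ("_dmarc.example.test", "TXT"): ["v=DMARC1; p=none"],
    ("mail.example.test", "A"): ["203.0.113.25"],
    ("25.113.0.203.in-addr.arpa", "PTR"): ["static-203-0-113-25.isp.test."],
    ("static-203-0-113-25.isp.test", "A"): ["203.0.113.99"],
}


def lookup(zone: Zone, name: str, rtype: str) -> List[str]:
    """Answers for (name, rtype); an empty list models NXDOMAIN/NODATA."""
    return zone.get((name.rstrip(".").lower(), rtype), [])


def parse_tags(record: str) -> Dict[str, str]:
    """Split DMARC/DKIM 'k=v; k2=v2' syntax into a dict."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def check_spf(zone: Zone, domain: str) -> List[str]:
    spf = [r for r in lookup(zone, domain, "TXT") if r.lower().startswith("v=spf1")]
    if len(spf) != 1:  # more than one SPF record is a permerror for receivers
        return [f"SPF: expected exactly one v=spf1 record, found {len(spf)}"]
    last = spf[0].split()[-1]
    if last not in ("-all", "~all"):  # +all / ?all let anyone send as the domain
        return [f"SPF: record should end with -all or ~all, ends with '{last}'"]
    return []


def check_dmarc(zone: Zone, domain: str) -> List[str]:
    recs = [r for r in lookup(zone, f"_dmarc.{domain}", "TXT") if r.upper().startswith("V=DMARC1")]
    if len(recs) != 1:
        return [f"DMARC: expected one v=DMARC1 record at _dmarc.{domain}, found {len(recs)}"]
    policy = parse_tags(recs[0]).get("p")
    if policy not in ("none", "quarantine", "reject"):
        return [f"DMARC: missing or invalid p= tag ({policy!r})"]
    if policy == "none":
        return ["DMARC: p=none only reports; receivers get no enforcement signal"]
    return []


def check_dkim(zone: Zone, domain: str, selector: str) -> List[str]:
    name = f"{selector}._domainkey.{domain}"
    recs = lookup(zone, name, "TXT")
    if not recs:
        return [f"DKIM: no key record at {name}"]
    tags = parse_tags("".join(recs))  # long keys are split across TXT strings
    if tags.get("v", "DKIM1") != "DKIM1" or not tags.get("p"):
        return [f"DKIM: record at {name} lacks a public key (p=)"]
    return []


def check_ptr(zone: Zone, ip: str, mail_host: str) -> List[str]:
    """Forward-confirmed rDNS: IP -> PTR -> A must lead back to the same IP."""
    ptrs = [p.rstrip(".").lower() for p in lookup(zone, ipaddress.ip_address(ip).reverse_pointer, "PTR")]
    if not ptrs:
        return [f"PTR: no reverse record for {ip}"]
    problems = []
    if mail_host.lower() not in ptrs:
        problems.append(f"PTR: {ip} points to {ptrs[0]}, not the mail host {mail_host}")
    if not any(ip in lookup(zone, host, "A") for host in ptrs):
        problems.append(f"PTR: {ptrs[0]} does not resolve back to {ip} (FCrDNS fails)")
    return problems


def check_mail_domain(zone: Zone, domain: str, mail_host: str, ip: str, selector: str) -> List[str]:
    """Run every check; an empty list means the records look deliverable."""
    return (check_spf(zone, domain) + check_dkim(zone, domain, selector)
            + check_dmarc(zone, domain) + check_ptr(zone, ip, mail_host))


if __name__ == "__main__":
    for label, zone in (("good", GOOD_ZONE), ("bad", BAD_ZONE)):
        found = check_mail_domain(zone, "example.test", "mail.example.test", "203.0.113.25", "sel1")
        print(label, found or "no problems found")
```

Swapping the dict for real resolver queries (e.g. with dnspython) turns this into the pre-flight test tete suggests doing before moving any real mail over.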

zimpenfish3 years ago
Yeah, since the late 90s. Been through a few migrations (sendmail to Postfix to exim, considering Postfix again if I can replicate my setup; courier to dovecot; maybe 5? different hosting providers; squirrel to roundcube to rainloop to snappymail).

It can be death by a thousand cuts, though, but if you can get it into a stable mode where no-one is blocking you, it'll generally just tick along.

Setup is exim on two machines with rspamd (aggressive settings) feeding one IMAP store which is accessed via an OpenResty proxy (lets me write my own auth stuff) on the other machine (and also controls where each user's IMAP store comes from - just in case I need to split and/or restore to another machine.) Oh and currently snappymail for a webmail frontend.

Main problem I had was fail2ban blocking my users because they forget passwords, don't have PTRs, etc. (it's set to be very aggressive on exim and dovecot failures because there's just a constant stream of probes and attacks) but I solved* that by unbanning the IPs people have successfully authenticated from in the last day, IYSWIM.

[edit: forgot the webmail and spam parts]

rolenthedeep3 years ago
I've had a VPS running the free version of Axigen server for I don't even know how long. 10 years?

The first year was rough because I didn't know what I was doing. Mail would not go to or from certain domains with no indication of why.

Once I finally figured out all the security settings, it's fine. My domain will talk to anyone (including Google) and has been for several years.

My private email is my primary account. It's on a domain with my name, so I use it everywhere.

Is it worth it? Absolutely not. I wouldn't recommend you run your own server unless you just want the experience. It's far, far easier and cheaper to just buy the domain name and use the inbox your registrar offers. Or a paid service to host email under your custom domain.

For me, I have other users on this service, and the cost and risk of migrating them to a new service is way, way too much. I'd have to decrypt their inboxes and merge them into the new service, and I just don't want to go there, so I keep this server ticking over until we all die I guess.

throwaway677433 years ago
Running my own mail for 20 years, I've never experienced any of the commonly cited problems re delivery to cartels like Gmail etc, but YMMV there...

Tech wise, in the old days it was sendmail and pine/mutt/etc, more recently courier, these days postfix and dovecot.

I wouldn't ever consider outsourcing something as crucial as email as it's not e2ee and being able to diagnose delivery issues and fix them quickly is very important.

Also related: former mailop

t0k0l0sh3 years ago
Self-hosted for about 20 years now. Currently running a few VMs in a Hetzner cloud project built with terraform and managed with Ansible - dovecot proxy, postfix and rspamd on the public host, dovecot with encrypted-at-rest storage (mail-crypt) on the private host and another host running monitoring (Prometheus, graylog etc etc)
t3122273 years ago
to put it in a nutshell:

* self-hosted on a rented physical server-system running debian gnu-linux (stable)

* setup via ansible-roles

* using my own DNS-setup with isc-bind

* (open)ldap-directory (qmail-schema)

* exim4-ldap with my own configuration (not the distro-standard)

* spamassassin + clamav

* courier-imap

* roundcube for web-access

* gnu mailman ver 2.x

* letsencrypt for certificates

just my 0.02€

ps.: i've been doing this since the 2nd half of the 1990s ... so i really know what i'm doing :))

mab1223 years ago
No, I use https://purelymail.com/ with my "own" domain. Happy with it so far (~2 years?)

pepa653 years ago
After messing with POP3 and local mail clients (before Gmail was a thing) I decided that I wanted my emails in a Maildir, so I started to host them on Dovecot on the LAN, which made it easy to back up all my mail and move around. The local server would POP them from any (of multiple) services and serve them to clients that needed access. I would take my mailserver with me on travels and during moves (multiple countries) and use DDNS where necessary to access mails outside the home (currently using an old BananaPi as hardware has gotten smaller). I've had domains for decades as well, and started out receiving mail using services that came with the domain name registration. For sending I would use the ISP, later Gmail, but settled on MXroute which is very affordable and has good deliverability. I also started using it for MX, but after a few years decided that I really want to receive any and all mails sent to me, so for the past few years I have run Postfix (with a few failovers) with trimmings like SPF, DKIM, DMARC etc. This all works OK, and doesn't cost a lot.

cloudsec93 years ago
Is it hard to run the basic software to have a self-hosted e-mail server? No.

Is it an utter PITA to have to chase a dragon's tail of stupid things that you don't control to have RELIABLE e-mail? Yes.

While running your own server is great for a hobby or as a learning exercise, 99%+ of people just want e-mail to WORK. And many of the big providers have an endless amount of hoops to jump through, and have little to no transparency or feedback when things aren't working.

lukeck3 years ago
I recently switched to Fastmail and have been happy with it so far.

The setup I’m using is:

- I have a mylastname.com domain. For serious accounts like my bank and insurance, I use companyname@accounts.mylastname.com.
- I also have a myrandomdomain.com. For most other online accounts I register with companyname@accounts.myrandomdomain.com.
- I have been playing with a sieve script to automatically create folders and categorise incoming mail for each address. It needs a couple of small tweaks still that I didn't quite iron out before going away for a few days but should be pretty straightforward.
- In limited cases where I want more anonymity (eg. Facebook, Reddit, now Twitter), I create a masked email and set up a filter to put it into a folder myself.
- I use a different address to log in to my account instead of myfirstname@mylastname.com

For me this is a reasonable mix of security and convenience. Depending on your level of paranoia you could be slightly less paranoid (company@yourdomain.com or company@something.yourdomain.com), or more paranoid (use masked emails for everything - there is now integration for this in 1password so if you're using that for a password manager it's very easy to manage). I love the automatic categorisation that using my own generated addresses gives, though.
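A Sieve filter of the kind described above, added as an example (not the commenter's own script). It assumes the server supports the standard envelope, variables, fileinto and mailbox (:create) extensions, and uses the example domain names from the post.

```sieve
require ["envelope", "variables", "fileinto", "mailbox"];

# Mail for <company>@accounts.<domain> is filed under Accounts/<company>;
# the folder is created on first delivery. The envelope recipient (RCPT TO)
# is matched rather than the To: header, so BCCs and catch-all subdomains
# still land in the right folder.
if envelope :domain :is "to" ["accounts.mylastname.com",
                             "accounts.myrandomdomain.com"] {
    if envelope :localpart :matches "to" "*" {
        fileinto :create "Accounts/${1}";
        stop;
    }
}
```

Masked or other addresses fall through to the remaining rules (or the inbox), which matches the manual-filter setup the post describes for those.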

zzo38computer3 years ago
I host my own email.

Incoming messages are sent directly to my SMTP server.

Outgoing messages are sent through the ISP's SMTP server. (This service is included with the internet service from the ISP, so I do not need to register for this service separately.)

The IP address rarely changes, but sometimes it does, and when it does change, I can update the DNS records.