3

I'm trying to improve my email setup once again and need your advice. My idea is as follows:
- 2-5 users
- 1 (sub)domain per user with a catchall
- users need to be able to also send from <any>@<subdomain>.<domain>
- costs up to 1€ per user (without domain)
- provider & server not hosted in five eyes and reasonably privacy friendly
- supports standard protocols (IMAP, SMTP)
- reliable
- does not depend on me to manage it daily/weekly
- Billing/Payment for all accounts/domains at once would be nice-to-have, but not necessary

I registered a domain with wint.global the other day and I actually managed to get this to work, but unfortunately their hosting has been very underwhelming.. the server was unreachable for a few minutes yesterday not only once, but roughly once an hour, and I'd really rather be able to actually receive (and retrieve) my mail. Also their Plesk is quite slow. To be fair for their price it's more like I pay for the domain and get the hosting for free, but I digress..

I am also considering self hosting, but realistically that means running it on a VPS and keeping at secure and patched, which I'd rather outsource to a company who can afford someone to regularly read CVEs and keep things running. I don't really want to worry about maintaining servers when I'm on holiday for example and while an unpatched game server is an acceptable risk, I'd rather keep my email server on good shape.

So in the end the question is: Which provider can fulfill my email dreams?

My research so far:
1. Tutanota doesn't offer standard protocols. I get their reasons but that also makes me depended on their service/software, which I wouldn't like. Multiple domains only on the business plans.
2.With Migadu I could easily hit their limits of incoming mails if someone signs up for too many newsletters and I can't (and don't want to) micromanage that.
3. Strato: Unclear whether I can create mails for subdomains. Also I don't like the company for multiple reasons. However I can access a domains hosted there and could try...
4. united-domains: Unclear whether I can create mails for subdomains.
5. posteo: No custom domains allowed.

I'm getting tired.. *sigh*

Comments
  • 1
    The best method would be hosting it itself.
  • 0
    With powerdns you can and ldap you can have an user entry, a domain entry and the catch all the the subdomain in one entry. The most tricky thing would be the subdomains in the postfix config.
  • 2
    For patching during holidays: unattended-upgrades.

    The quality control of Debian is actually good so automated updates won't break anything.
    Occasionally reboot, or get (paid) livepatching (a few dollars a month).

    P.S.: Many companies also don't patch daily, and you usually won't be able to get an SLA to force them to do so.
  • 0
    @sbiewald the companies i know(gouvernment contractors) patched once a month at most.
  • 0
    I think I'll go for a VPS then. I'm still torn between a very tiny server (1vcpu 512MB RAM) just for email (to keep its tasks and risks small) or a bigger one to have some more headroom and maybe run some other (lightweight) stuff.

    Looked at IONOS, hetzner, netcup and contabo. (not strato as their small VPS run on virtuozzo)
  • 0
    @saucyatom i can give you an code for netcup
  • 1
    @stop Which package would you recommend? I'm tempted by the VPS 1000 G9 (though it is totally overpowered for mail and static hosting) or even the RS 1000 G9. The 200 G8 would probably be more than enough though..

    Or I wait for a special offer, since it's black Friday / advent time soon..
  • 0
    @saucyatom i forgot that. The discounts at that ocasion are usually bigger than the discount i can give with an code.
  • 0
    @stop I suppose it's the 10% for VPS? I guess I'll go for a VPS 200 to try and when there's a good offer I might switch to that, but 2.42€/month really isn't that bad anyway. I'll probably be better off with 2GB RAM vs 512MB.
  • 0
    10% discount forthe vps g8 200, 500, 1000, 2000
    1 month discount fir the vps g9 1000 - 8000.
    30% for the rs 1000 ssd g7se, ssd g8 and the sas g8.
  • 0
    and i have one 5€ that can be used for anything except domains.
  • 0
    I have seen those. Unfortunately the 5€ / 30€ voucher doesn't work for the VPS, as they're billed hourly. (except for the bigger ones on 6/12 month contract)

    So I guess I'll just go with the VPS 200 G8 for now, should be more than enough (at least if I don't care about clamAV).

    Do you get any credit if I use your code or shall I just use those I found online?
  • 1
    @saucyatom i get 10% of the income they get of an new aquired customer. These vouchers are only for new customers.

    this is the text on the customer control panel:
    Give away vouchers for our products and get rewarded. Every new customer who redeems a voucher that you have generated here brings you cash and the new customer a discount on the order. You will receive a lifelong 10% share of the revenue that we generate through the referred customer. The income can be viewed and paid out under "Partner Program".

    The vouchers can be redeemed under the following URL:
    https://netcup.de/bestellen/...

    Please understand that the vouchers can only be used for new customers.
  • 0
    @stop Nice. Can you send me the VPS 200 voucher then? You can send it to me at user@temp2109.uber.space if you don't want to post it publicly.
  • 1
    VPS 200 G8 10% discount: 2052nc16329870650
  • 0
    @stop I messed that up, but I asked the support and they can add you as the referrer if I give them your customer id. I probably won't run much on this account though (so don't expect much), as I'll split it between two accounts.
    (Why? The VPS will be a business expense but I'd rather have some of the domains registered to my own name.)
  • 0
    @stop I'll try my luck with this guide https://workaround.org/ispmail later today or tomorrow. Do you have any tips to prevent ranting a lot soon?
  • 1
    @saucyatom
    My setup is special. I have rspamd, postfix and dovecot. Users come from ldap and aliases from an postgres db. Authentication for everything is backed by ldap (even the postgres db). I have sssd running and except of the system users, i have no local users. Data is stored on glusterfs volumes. What do you want?
  • 1
    @saucyatom bullseye has already rspamd,i use dehydrated instead of certbot (less requirements), don't use an webmailer, use nginx instead of apache. But the tip about the mailer autoconfig is nice.
  • 0
    @stop I planned postfix, dovecot and rspamd and I've read that using Redis for rspamd is a good measure. Otherwise I'm still open, particularly on user management (users need to at least be able to set/reset their password). Might be good to explore LDAP, but most of this is new to me (I'm a dev at work, not ops) and I don't want to make things too complex and/or brittle.

    Fortunately I'll have time to play around (and mess up) at first. I plan do go "in production" (alas actually use the mail server) around December.
  • 1
    @saucyatom i know that nextcloud has the ability to write to ldap with a plugin, including passwords. Im currently playing with keycloak, that i plan to use as a sso solution for various applications and as an central place for user self service.
Add Comment