by chriszhang 1778 days ago
My last straw with Protonmail: I created an email account in Protonmail. Used it to send and receive emails as usual. Then one day suddenly their "algorithms" suspended my account because the "algorithms" found that my account was being used for abuse. That was the end of Protonmail for me. Back to GMail. I know people lose their GMail accounts too. But in the last 17 years, I had 0 issues with GMail and 1 issue with ProtonMail and that 1 issue disrupted my life for a while.

I now find myself asking: What is a good reliable email provider out there? I know I can host my own email in my own server under my own domain name but on HN we have seen articles about people losing their domain names too. Is there truly no good way to have a permanent email address?

2 comments

I have used tutanota, which is a competitor of protonmail. Not one problem.

I don't use Google mail or Yahoo mail or any of those because they scan your emails all the time and sell the info in a heartbeat. What would you think if the Post office let people scan your physical mail before you received it? Why should Google or Hotmail? Nasty.

I would say self hosting is best. At least if you lose your domain name you still have your emails.
But then you have to deal with self-hosting emails and all the associated bullshit (reputation, spam lists, dealing with spam on your side, etc.).

IMHO the best is to use a mail service with your domain and local / remote / something backups. You need to lose 2/3 to be really impacted.

I have reviewed and read on this topic for a long time.

It is extremely unrealistic to operate your own self-hosted emails. There are all kinds of problems with this direction.

One is that it is very difficult to even find an app to do this. Then you have to set it up, which is very difficult.

You have to always be updating your self-hosting, as it is very much a security nightmare.

Then you have to worry about blacklisting. Companies like Google or Yahoo might blacklist your self-hosted mail server for various reasons, like you are not up to date or listed with trusted email provider associations, and a whole bunch of other things - so basically, you cannot send or receive emails from the most popular email systems, so good luck with that. And then you have to somehow try to get unblocked from them, and welcome to that nightmare, right? It could take weeks and you won't be getting emails.

Nobody should self-host unless they are crazy expert at it, and who even has the time to do that?

.

.

Here is what some people write about self-hosting:

.

"The key to reliable delivery from your server is to go through a relay like Mailgun. You can accept email directly, that's not blocked, but sending out needs to go through a relay. So your stack will look something like dovecot, postfix, and spamassassin, maybe raindrop for the UI." So right - need dovecot, postfix, spamassassin and raindrop. What a nosebleed to learn all that.

.

Sender reputation and RBLs.

Summary: Large providers spend a lot of effort fighting spam, and that includes tracking where email comes from and blacklisting untrusted sources. They use a combination of publicly available blacklists (the RBLs) and also their own secret algorithmic sauce and assign you (where "you" == your MTA's IP address and also your domain) a reputation score. If your score is too low, your email gets rejected and your recipients will never see it. There is often a complex process to try to get your email un-blacklisted—it means arguing with individual RBL maintainers, or begging Microsoft to please let your email through.

Sender reputation is also affected by whether or not you're implementing a whole suite of other technologies in addition to SMTP—most importantly SPF and DKIM, and probably DMARC at this point as well.

tl;dr - if you're writing your own smtp implementation, you almost certainly won't be able to email anyone at a major email provider.

.

The base protocol is simple, but the flexibility of configuration expected by real-world users is quite challenging and the scar tissue of dealing with broken or semi-broken clients and servers (e.g. Microsoft Outlook) builds up over time. Virtual domains, rewriting rules, forwarding rules, see Postfix's wide variety of configuration options, lookup tables (and table backends) for just a small taste of the complexity.

.

A good starting point is being able to receive mail. Running an SMTP server that listens to the internet but only relays mail for your specific domain is fairly easy, and should work out of the box. That means, if you own example.com, and set up the correct MX record, and listen on port 25, people can send you emails immediately. Actually, even without an MX record, if you just have a standard A record, that is enough. In a pinch, I've done it. Perhaps it has gotten harder in the last few years.

Tools like Docker and Ansible are great for setting things up quickly and reliably, but if you really want to understand, there are plenty of tutorials on setting up an MTA on Linux, or FreeBSD.

And, if you want a simple "dropbox", there are modules for php and nodejs that will run a simple SMTP server that you can hook into. It can be useful for embedded devices. A long time ago I worked on an interactive installation that anyone was able to interact with by simply sending an email. The server portion was about 10 lines, after including the server module:

https://www.npmjs.com/package/simplesmtp

It was deep behind a firewall too, but I just used ssh with the -R option to a VPS on a public IP address pointed to by our domain name.

.

Install postfix and configure main.cf and master.cf to use mandatory TLS required. Set TLSA record and DANE. SPF, DKIM and test the server. And use a firewall that blocks shitty country ASNs.

Also configure dovecot and set DNSSEC for the domain. There are online mail testers. It will work like a charm.

.

.

So my take is: what a horrible nosebleed all of this is. Unless you are already an expert in it. But if not, who has the time to monkey around with this stuff? I have a degree in Computer Science, but I have better things to do with my life. Especially since there are so many other better options.
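
The sender-reputation checks the thread mentions (SPF, DMARC, RBL listings) can be sanity-checked before a self-hosted server sends its first message. The following is an added example, not part of any commenter's post: it audits TXT records you have already fetched and builds the name a DNSBL lookup would query. The zone `dnsbl.example`, the address `192.0.2.25` and all sample records are constructed placeholders.

```python
import ipaddress

def dnsbl_query_name(ip: str, zone: str) -> str:
    """Name to look up for an IPv4 address in a DNSBL: reversed octets + zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def check_spf(txt_records):
    """Findings for a domain's TXT records; an empty list means no SPF issue found."""
    spf = [r for r in txt_records if r.lower().split(" ")[0] == "v=spf1"]
    if not spf:
        return ["no SPF record"]
    if len(spf) > 1:
        return ["multiple SPF records (receivers return permerror)"]
    terms = spf[0].lower().split()[1:]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms and not any(t.startswith("redirect=") for t in terms):
        return ["no 'all' mechanism: unlisted senders get neutral"]
    findings = []
    for t in all_terms:
        if t in ("all", "+all"):
            findings.append("'+all' authorises every host on the internet")
        elif t == "?all":
            findings.append("'?all' is neutral: gives receivers no signal")
    return findings

def check_dmarc(txt_records):
    """Findings for the TXT records published at _dmarc.<domain>."""
    dmarc = [r for r in txt_records if r.lower().startswith("v=dmarc1")]
    if len(dmarc) != 1:
        return ["no usable DMARC record"]
    tags = dict(
        (k.strip().lower(), v.strip().lower())
        for k, _, v in (part.partition("=") for part in dmarc[0].split(";"))
        if k.strip()
    )
    policy = tags.get("p")
    if policy not in ("none", "quarantine", "reject"):
        return ["missing or invalid p= tag"]
    if policy == "none":
        return ["p=none: monitoring only, spoofed mail is not rejected"]
    return []

# Constructed sample records (not taken from any real domain).
SAMPLE_SPF = ["v=spf1 mx ?all"]
SAMPLE_DMARC = ["v=DMARC1; p=none; rua=mailto:postmaster@example.com"]
if __name__ == "__main__":
    print(dnsbl_query_name("192.0.2.25", "dnsbl.example"))
    print(check_spf(SAMPLE_SPF) + check_dmarc(SAMPLE_DMARC))
```

An A-record answer for the DNSBL query name (conventionally in 127.0.0.0/8) means the address is listed; NXDOMAIN means it is not.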