[drchaos]

Dovecot + Roundcube hosted on a cheap VPS, with Thunderbird (on the Desktop) and K9Mail (on Android) as client works pretty well for me. Dovecot 2.2 implements several new IMAP extensions, so you can do serverside fulltext search, threading and push of incoming mail, and with some work[1] it should also be possible to sync your contacts and even a calendar with your server (I must admit though that I haven't tried that yet).

The only thing left to be desired is support for tagging in Roundcube. Thunderbird has it, but it would be nice to have it in the web interface, too. There's a ticket for it in the Roundcube tracker[2] but it doesn't seem to receive much attention yet.

Personally I hope that with the recent closures of Google services more people choose to run their own services with free/open source software. With VPSes and modern tools this is cheaper and easier than ever, and if we want the web to remain free and open, it's much better to have some diversity and decentralization, instead of placing everything in the hands of Google and Facebook.

[1] https://patrick-nagel.net/blog/archives/389 [2] http://trac.roundcube.net/ticket/1485799

[damncabbage]

What do you use for spam filtering?

I've had terrible trouble with SpamAssassin in the past; can you share an effective config, and are there pre-built spam/ham databases around so you don't need to go through the entire training process?

Are you checking RBLs on a regular basis, or is an SPF record and a reputable VPS provider enough to keep you off blacklists?

Any other tips for someone wanting to try their hand with a VPS + Dovecot + Postfix setup (assuming a Linux sysadmin background)?

[drchaos]

I use the sender/client/HELO restrictions from Postfix to block misconfigured spambots (no FQDN HELO etc.), and a custom rule to block submissions where the sender domain equals to one of my own domains. This alone catches quite some spam, for the rest I use the NixSpam RBL[1], which has a very lenient policy (only IPs actually sending spam are listed, with a TTL of 12 hours, so false positives are pretty rare, while still covering the major botnets).

Usually less than 5-10 spam mails per day survive with this config, which is acceptable for me, I view it as a typical 80:20 solution and don't want to lose potential customer communication anyway.

Regarding outbound mail, in my experience it is sufficient to have a clean IP from a reputable provider with proper reverse lookup to have most sent mail go through. I don't check RBLs regularly but I did once when setting up the server, since sometimes one can get an IP which has been burnt by a spammer before. For a quick check whether everything is configured properly I recommend using the email check of webcheck.me[2], while not covering every single aspect, it gives starters a good overview where they can improve.

If you want to host a blog or personal site in addition to e-mail you should definitely have a look at Froxlor[3]. Froxlor (fork/successor of SysCP) is a lightweight control panel which allows to add domains and mailboxes through a web interface, without taking over your whole /etc (like Plesk or cPanel). Even if you don't use it in the end, the suggested configs contained in Froxlor are a good starting point.

[1] http://www.heise.de/ix/NiX-Spam-DNSBL-and-blacklist-for-down... [2] https://webcheck.me/ [3] http://froxlor.org

[vizzah]

Anti-Spam-SMTP-Proxy (ASSP) (written in Perl) does wonders for me with a minimal tweaking. My own account`s Inbox has less spam than Gmail`s "Spam" folder. And that's considering my e-mail is scattered all over the net (thanks to the WHOIS).

[flyinRyan]

DSpam.

[carletes]

Yep, dspam (http://nuclearelephant.com/) works perfectly well for me with the Dovecot integration (http://edeca.net/wp/2010/03/dspam-integration-with-dovecot/)