Self-Hosting Email in 2025 Is Easy Actually (apart From M365)

IP reputation is a gamble, and there is no recourse. If you're lucky, awesome. But if you're unlucky and switching host isn't an option, you pretty much have to involve a large third party to act your behalf - there is zero appetite in the industry for interacting with individuals.

The best solution I've been able to find is to self-host /almost/ everything, but route outgoing mail through Amazon SES.

The pricing for vanity email volumes is negligible (a few cents a year), and they have people whose full time job is wrangling IP reputation / Office 365 / etc.

This setup has survived several ISP/hosting switches; at times when I am lucky with IP reputation I route only mail going to Office 365 recipients via SES and deliver the rest directly; at times when I am less lucky, everything goes via SES.

  SMARTHOST_FOR_MS = email-smtp.us-east-2.amazonaws.com::587
  smarthost:
    debug_print = "R: smarthost for $local_part@$domain"
    driver = manualroute
    domains = ! +local_domains
    transport = remote_smtp_smarthost
    route_list = hotmail.com SMARTHOST_FOR_MS byname ; \
                 live.com SMARTHOST_FOR_MS byname ; \
                 outlook.com SMARTHOST_FOR_MS byname ; \
                 msn.com SMARTHOST_FOR_MS byname ; \
                 live.co.uk SMARTHOST_FOR_MS byname ; \
                 hotmail.co.uk SMARTHOST_FOR_MS byname ; \
                 * DCsmarthost byname
    host_find_failed = defer
    same_domain_copy_routing = yes
    no_more

> i think the myth of "you can't self-host email" persists because while it can evidently be done, basically all of the software involved is ancient, baroque, inconsistently documented, requires a PhD in Bullshit to correctly configure, and is almost actively hostile to observation. but this is _annoying_, very different from _impossible_, and fortunately mostly solvable by delegating the annoying bits to an expert using something like NixOS to make it reliably work

Why are they calling this a “myth” when they readily admit that even when you are an expert who has been doing it for years, there’s still problems sending to the biggest providers in the world?

There is zero practical difference between “you need to be an expert and you will still fail to get something fundamental working” and “you can’t self-host email”.

> Microsoft 365 however apparently will hate your email no matter what. you learn to live with it

Or you don’t self-host but use a major email provider and don’t have the problem.

> there exist several pieces of folk wisdom:

> - "you cannot run your own mail server in 2025, this is too hard and time consuming" (completely false, i've done this since ~2010 with minimal ongoing maintenance)

This seems completely true according to what they themselves write. It is too hard and time consuming.

> I think the combo of "roll the IP gacha a few times" + "let it sit for 8 months while the VM idles" probably did me a lot of good here

Is letting it sit for eight months not “time consuming”?

> until I cleaned up my IP reputation (which has been awful for almost a decade) Gmail refused to deliver to anything but spam

This is not in any way acceptable to the average person, and it does not meet what most people would describe as “I can self-host email”. “I can self-host email but Gmail sends me to spam” is functionally equivalent to “I cannot self-host email”.

I am in favour of the middle ground. Rather than expending effort self hosting email, which while plausible is unequivocally a heavy lift for most, make use of smaller providers such as Fastmail or Protonmail. Just please stop consolidating the internet.

I've been running my own mail server with several domains for me, my now wife, and friends since 1999. It's definitely changed with time and gotten more strict with things like spf, dkim, dmarc, and reverse dns all becoming necessary over the years.

But it's not that difficult to be honest. Currently my internet provider is init7 and they offer fixed ip4 and set the reverse dns for me which lets me run the server downstairs in the cellar instead of at a colo somewhere (which I was doing for maybe 15 years).

Every now and then I look into moving to a paid service but we have GBs of mail since 1999 and it's just too costly when it's pretty much free for me to host it myself, even taking into account the time it takes for my effort, which is practically zero.

Plus I use my server for a ton of other stuff so it will always exist so I may as well host email too.

I used to host my own email until switching to Fastmail.

I recall roundcube to be pretty much the best webmail offering back when I was hosting but also severely lacking two important features:

1. Fast search against mailbox folders/labels with say 100k+ messages.

2. Handling multiple aliases, both individual and catch-all, and being able to automatically respond with the correct alias if an email is received using one.

Fastmail webmail handles the above two cases gracefully and its usually the benchmark I apply when evaluating other providers. My understanding is roundcube is severely lacking with search being IMAP SEARCH, and requiring you to enter multiple identities manually for each alias which doesn't permit catch-alls.

But the real reason I stopped running my own mail is that I didn't trust myself with regular backups (even though I still do them via IMAP on occasion) and disaster recovery. I don't think anyone self-hosting really has this figured out.

My experience says quite the contrary: nowadays you have to be a mail giant to be able to send more than one mail. I.e. policy imposed by Gmail and M365 will keep you at bay from delivering the mail in more copies (e.g. to your subscribers), marking you as a potential spammer.

Curious – for those self-hosting, what email _clients_ do you actually use on desktop/mobile?

With Microsoft you need to fill in a form first specifying your IP address and they will whitelist you, at least it used to work like that the last time I set up a new mail serer a few years ago.

The thing about selfhosting email is that, Even after getting rated 10/10 in every mailchecker service and after a nearly 1 year service, Gmail still marks it as spam. So Gmail is basically the monopoly that undermines small startup business by marking their Email service as spam. But ofc this will happen because Europe allows it, making Europe lawmakers an inferior entity even to a private company.

Actual situation:

Self-hosting email is great, if you have plenty of free time to waste, and if you don't particularly care if your messages are delivered.

One little thing the OP failed to mention is that even if you get a "lucky IP address" today, it can be randomly blocked (with no recourse) tomorrow by Google.

I've hosted my own email for over 30 years. About five years ago I switched from integrating it all myself, to using "mail in a box":

https://mailinabox.email/

It's modern, secure, and easy to manage.

It's free, but you are encouraged to donate.

I'm currently stuck with an awful hoster provider just because of IPs with a decade-old reputation.

There’s also https://gitlab.com/simple-nixos-mailserver/nixos-mailserver , if you prefer to write not quite as much Nix yourself.

MS365 (outlook, hotmail) bounced my emails for a while. Not “classified as spam”, but outright rejected, so you can’t even ask the person to un-spam you, add to contact list, &c.

Luckily, very few people I know use those, and Gmail worked fine. MS365 also works now; I’m not sure what changed.

"Ah, this is obviously some strange use of the word easy that I wasn't previously aware of"

"Microsoft 365 however apparently will hate your email no matter what. you learn to live with it"

The entire thread is bullshit then, because you simply cannot learn to live without M365. M365 is one of the largest group of recipients, and especially in the business world (and business is where the money is). So I inbox my friends on GMail, but when I send my CV or an invoice to a business, my email is not received. How does that qualify as "self-hosting is easy and doable". The delusion is strong in this one.

O365 and gmail should be honorably mentioned as places that will deliver both inbound and outbound to/from an IPv6-only MX.

A lot other servers will not play ball here. Your self-hosted mail server, if it lacks IPv4, will not get inbound from mailgun, mailjet, github; neither will it be able to send outbound to cisco/iphmx, as well as about 90% of small servers from what I see in my logs.

My biggest issue with hosted email for awhile was the disconnect that has developed between how most services now seem to bill and how over the now many decades (yeesh!) I've ended up using email. I have my own domains, on a technical level mailboxes ("accounts") are effectively free. So I've used them freely for separating usage (servers and services can all have their own accounts for emailing me notifications, I can use "accounting@mydomain.tld" for financial institutions, etc. For my own servers/services in particular it's good that they have their own isolated email accounts with their own passwords or keys and no ability to spam the world, only email me. It also makes it really easy to use white lists and ensure hard barriers and rules for important stuff so that even if an email address leaks it's irrelevant, and irrelevant in a deterministic manner. I still of course have general addresses that must accept traffic from the world and thus have to worry about spam, but a lot of the most key stuff where I never want to miss a message is from a pretty small circle.

All the typical recommended services though tend to treat mailboxes as the same thing as a person, charging an entire new fee for every single one, and then have hacks like aliases or catch-alls on top. Obviously that works for most and if you're setting up a new workflow can go with that and use other mechanisms for notifications, but for me changing at this point would be brutal. Self-hosted + relay (Amazon SES) works ok though.

That said, I've discovered two nice services (Migadu and MXroute, probably there are more out there somewhere) that charge along my own usage model. Migadu I think has been featured on HN before, and it seems solid. You can make arbitrary accounts under your domain as you wish, the charge is for storage and outgoing mail. So I'm now hybrid, and I could see that making me lazy enough to switch entirely. But I still think knowing how to do it yourself isn't a bad thing, there's some empowerment in having the fallback and remembering how it all works underneath. If nothing else as part of self-hosting you can run your own notifications through it.

There are actual reasons to self host that aren’t discussed here.

1) BEC filters. I run mail servers for several mid size companies that I am part owner of. We are constantly inundated by BEC scammers. But I now have filter lists that block it. You can’t email my staff using any manager or boss’s name and a e-mail that doesn’t match. It basically shuts down the whole BEC scam. I have one business still on Google apps, and we have now had two employees in that business get fooled by the scammers.

2) speed. Amazon AWS SES is great until you want to send 150,000 emails a day. At this point you’re running into issues with network transfer speeds for each request taking too much time, causing the full outbound send to take too long to complete.

I setup dmarc and immediately had to drop ruf/rua tag from it. For a domain I barely use to send emails, others are sure trying a lot. I was getting too many/much reports and I could do nothing about those shady senders. So I chose to be not dmarc-spammed and set p=reject. Screw it.

Also — I use a mail host provider and I would even think about hosting my mail from “scratch”. And I am never using my domain as a disposable address domain or email per service kinda way ever again. Hell, I might even disable catch-all. Then stick to disposable and privacy email providers like SimpleLogin for the rest.