I have compiled my official mail provider recommendations. With any provider, you must always use your own domain.
Good: Down to earth. Unlimited domains, storage, etc. Full marks for philosophical, ethical, and technical merits.
Bad: Difficult to set up. UI is a bit confusing. Advertises itself in your signature in the free plan. Apparently blocks VPN and Tor users (I have reached out to them about this).
Note: Was unable to evaluate their webmail
Good: excellent PGP support and good on other security fronts as well
Bad: requires google captcha, does not handle plaintext as well as I'd like, german leaks through into the english interface sometimes, too scatterbrained
Good: Goes above and beyond in support for various standards and protocols, handles plaintext email very well. Lots of good options for account security.
Bad: rough UI
migadu is hard to set up but is the best all-around offering. If you're security concious, mailbox.org has the best PGP support and good all-around security; runbox.com has good account security options but no built-in PGP support.
Evaluated but not recommended: disroot, fastmail, posteo.de, poste.io, protonmail, tutanota, riseup, cock.li, teknik, megacorp mail (gmail, outlook, etc)
For your own mail server, I recommend setting up a box with Alpine Linux, postfix, dovecot, and opendkim to sign outgoing email, with no webmail. I also recommend running your own DNS server with bind9. Test your mail configuration with mail-tester.com.
I do not endorse any fast-and-easy docker-based solutions.
@sir Can you elaborate on why you don’t recommend the docker-based solutions for self-hosting? (I assuming including mailu, mail-in-a-box, &c.)
@emacsomancer I don't care to, no
@sir I would add here that a big challenge is getting an IP with a clean bill of health from whichever hosting provider this server ends up on.
And that it may also mean not being able to reliably send email to megacorps for at least a year (or in case of outlook.com forever because they're that obnoxious) no matter how perfect your setup is with all the bells and whistles.
Whether that is a dealbreaker or an advantage is very subjective :)
@cmsirbu it's not especially difficult to get your IP cleared of wrongdoing
Maybe not difficult, but tedious. Microsoft for example is known to block whole /24 subnets for spam. If anyone on your network subnet is using the IP for spam, its pretty easy to get caught on the backwash and you need to deal with a lot of unsupportive staff to get of their blacklist. These kind of unwritten rules by the big three made me stop hosting my own mail in the end.
@sir A few more tips: You generally do not need a database server to manage multiple logins with virtual users. Disregard any tutorials that tell you otherwise. Postfix can authenticate via Dovecot and that can easily use a simple text file with user/auth/mailbox mappings.
Sieve scripts are extremely useful.
Instead of opendkim, you can also use amavis, which additionally takes care of validation and spam handling. Not difficult to set up.
(OT) And speaking of running your own DNS: It may be a good idea to run iodined so you have a way to bypass overzealous firewalls and captive portals/surveillance mechanisms of “free” public wifi networks.
@sir rspamd is also a great addition, implements the opendkim and spamassassin stuff and greylisting in one tool.
@sir agree rolling your own is the best way if you can. Personally I use OpenBSD because OpenSMTPD config is a dream to write (+ dovecot, DKIMproxy, no webmail)
@containsliquid gmail doesn't flag my emails afaik, but I don't do anything special
@firstname.lastname@example.org Thank you. I think i have to take a look at their postmaster program.
@sir why not disroot, riseup and cock.li? I think they are the only good free email providers.
@sir Why don't you recommend ProtonMail?
@sir nice reccomendations
@sir I can honestly recommed #uberspace. Good mixture of privacy, control and painlessness. Basically a shell on a shared host with mailserver setup, you can use dotqmail, maildrop, etc. Hosted in Germany, so good data protection & privacy regulations. Unfortunately, some documentation seems to be only available in German... Worth checking out (some of their staff is in the fediverse), but you've probably decided already. https://uberspace.de/en/
@sir It's one of those hosters where asking why Chromium shows that TLS security could be improved, gets the founder to write you a multi-page Email explaining that security is fine, up to modern standards, and its more important to avoid Java 7 clients breaking. :)
@sir What speaks against Tutanota? I've been with them for a few months and have been quite happy so far (limited filtering options, but super fast and beautiful web UI and mobile app).
@solarkraft same psuedo-secure gaslighting protonmail engages in
@sir I’d be interested to why you didn’t like Fastmail
@sirodoht australlia has whack privacy laws
@sir I've been using fastmail for my personal domain for several years now. Why "not recommended"?
@Paul australlia has whack privacy laws
cmpwn.com is a private Mastodon instance for friends of SirCmpwn.