Email server progress?

Jacob · January 18, 2021, 4:04am

The current google/microsoft/amazon internet gatekeepers have spelled out a terrible fate. Communication wars is beginning in the USA. Services are polarised now, and opposing groups to the party are suppressed by Cloudfare, Amazon servers, and search engines. It’ll only get worse. Thankfully, we have opensource projects like FreedomBox. I know y’all have been working on an email server for a while now so that’s great progress to self sustainably. ZeroNet is also a good platform but I need an email to communicate on a professional level. Gmail is my main provider and now I’m scared of the google platform because of its behaviour as a company. How high is the email server priority? Also for an unrelated question, what is the voltage requirements of your FreedomBox hardware? I have a custom 5v rail for my ARM server rack. I have a boost converter so I can step up but I would need to know the amps too.

The FreedomBox project looked like a cool project, I would never think it would turn into a necessity

zippy99 · January 18, 2021, 7:58pm

People must learn using tools such Retroshare, Patchwork/Manyverse.
Until email server available in Freedombox use things like Retroshare (amazing tool!) or setup an email server with OpenSMTPD and Dovecot:

Email providers comparation:

Stay away from shitty protonmail and such providers.

Jacob · January 18, 2021, 10:33pm

Thanks for the examples/suggestions. I’ll take a look

johnlines · January 21, 2021, 7:02pm

The main problem with running your own email system, as I do, is that you really need a static IP address, and one which is not in a netblock of IP addresses regarded as ‘dial up IP addresses’, as most systems will block you.
I have a hosted virtual system with a hosting company, which acts as a mail relay for me. My real mail system lives on my home network ,and I will be porting to run on same system as I am now running FreedomBox. My home system is my primary MX host, but the hosted system is secondary for receiving which helps mail reliability when my IP address changes.
I have some work on automating setup of a mail server as part of what would be needed for a Small Organisation Server. It uses postfix rather than opensmtpd, and is a Work in progress.
I have also just split of the external DNS bits into put-dns, but am waiting for that to come out of the NEW queue before I restrofit into smallorganisationserver

I am learning about FreedomBox and DJango while getting Zoph going as an app, and should be able to use that knowledge when migrating my mail system.

Jacob · January 21, 2021, 7:27pm

Sounds cool. My IP address is practically static even though I don’t pay for a dynamic one. My VPN on my home network still works for three years now. I haven’t changed its address in the key file so I know it hasn’t changed. Running an email server on my network doesn’t seem like a bad idea because of that. I know there are extra steps to be recognised as a valid email server. I think I can get away with something like
example@145.75.1.45

It doesn’t bother me too much. Everything I’ll send will probably end up in others junk mail but whatever.

johnlines · January 21, 2021, 8:59pm

The key thing from the mail delivery point of view is what you find if you enter your IP address in something like http://www.anti-abuse.org/multi-rbl-check/ does it show up as one to block, that is for you as a sender.
For receiving mail, I think technically example@[145.75.1.45] is still valid, I suspect most mail clients will tell you it is a syntax error and insist you enter a valid mail address.

Jacob · January 21, 2021, 9:21pm

Ah, you are saying I could have inherited I blocked IP address. Thanks for the link! On other “what’s my IP” sites my IP shows up completely clean with no comments.

NickA · January 22, 2021, 11:53am

Concerning the blacklisting of dynamic IPs, I was hoping that this front server idea could simplify to solve the problem. It may also be interesting that https://freedombone.net seems to have implemented email already.

Jacob · March 25, 2021, 12:57am

It took me a while to get around to looking at freedombone but I just don’t like the feeling of it. I haven’t installed it on a machine yet but the reason I won’t try is because FreedomBox it very comfortable to me. I have a spare lenovo thinkcentre and I think I am going to put FreedomBox on it too. That will make 3 FB servers total on my home network. All of my FB servers have been using ARM instructions so far. I have only one entry to my network ( that I know of lol ) and that’s my VPN hosted on a FB machine. Before I leave the nest for college, I intend to put FB on a X86 instruction machine. There, I’ll install Wiregaurd (not available on ARM) and the email when it comes out. Side note, I’m installing the FB on a machine with KDE Neon. I’m not familiar with Linux and its distributions. What VNC server do yall suggest I install? I don’t care about frame rate or quality, I don’t care if it would only be available on a local network. My only two conditions is if it uses the VNC protocol and its installed and configured with a ui or as little commands as possible.

NickA · March 25, 2021, 10:30am

@all is that in progress?

If it’s only for sending out like this: WIP: GSoC21. Email: Set up msmtp (!2049) · Merge Requests · FreedomBox / FreedomBox · GitLab
then I hope it won’t stay hardcoded to use the g (mail service) only.

Jacob · March 25, 2021, 12:27pm

When I think of an “email server” I seriously doubt it’ll be just a program with a email address and password saved using an API to send mail. That looked like another function all together.

I think the email server we will be getting will let us create an email account on the FB to send and receive emails over the internet. Also, this is mostly set up already because roundcube is already a FB app. I hope it would be as easy as installing both the server and client program using the FB ui.

zippy99 · March 25, 2021, 10:46pm

https://blog.freedombone.net/email-via-onions

Current

brain dead simple self hosted i2p mail
brain dead simple database backend (sqlite3)
brain dead simple smtp access
brain dead simple pop3 access
brain dead simple license (MIT)

Near Future

brain dead simple inet/i2p mail relay

Future (Eventually)

brain dead simple i2pbote gateway

fioddor · March 28, 2021, 12:45pm

@all is that in progress?

Debian has been accepted for the GSoC21. There’s a bunch of students interested and preparing their application tasks.

!2049 is a student’s draft for the application task. Official application period is from March 29th to April 13th. So expect to see some alternative merge requests in the coming weeks. But these are selection exercises. The implementation is expected during this summer.

NickA · March 27, 2021, 1:24pm

Thanks fioddor, that puts that MR into a better light.

Since mailstacks don’t seem that of an easy beginner task to set up well, and to be maintained, this may also be an opportunity to work with some existing and maintained project (like yunohost [email is part of core not a ynh-package], some stand-alone mailserver project, or the above complexcity-reduced? opensmtpd+dovecot).

NickA · March 27, 2021, 10:06pm

Looks like yunohost would also be interested to refactor their email-stack into a separate _ynh bash script configuration package, to make their email server optional.

Making the bash script helper library also work on freedombox could be a nice way to allow sharing a common email-stack-on-debian configuration package, and likely others more as well. (Maybe it can even provide for the “make it generic” bonus part.)

Peterc · April 12, 2021, 5:23pm

Hello All and Thanks,

One of the basic function for freedombox is to be ease of use. So the issue of reachability for a email server needs to be spoken about. For a email server set up there would need to be port forwarding to the email server if it was behind a NAT router, a majority situation. This would add a level of complexity that a user could find a hindrance to using freedombox email server.

Running a email over Pagekite.net is coming about and I may be wrong but email over a pagekite tunnel will not able to manage the MX records ?

So how is a email mail server going to be reachable if it behind a NAT router ?

Regards: peter

fliu · April 14, 2021, 1:51am

To send and receive emails over the Internet you will need full control over the email domain’s TXT record (which holds email authentication data) and MX record (which holds the domain names of your MTA). From what you wrote it seems like Pagekite does not allow you to set an MX record on their subdomains.

Dynamic DNS providers that may allow you to set these records:

DuckDNS (Q: can I use this for my email? A: yes…)
YDNS (allows you to specify a record ID, not tested)

Proposed setup, works in theory but untested:

Let’s say you have a Dynamic DNS domain peter.ddns.example.com and a Pagekite domain example.pagekite.net

Point the MX record of peter.ddns.example.com to example.pagekite.net, priority arbitrary
Make sure the SMTP(S) port of example.pagekite.net is Internet-reachable
(Optional) For additional security, deploy or enable DNSSEC on both peter.ddns.example.com and example.pagekite.net

Email 101: What happens when I send an email to hello@peter.ddns.example.com? (Highly simplified)

My email server: looks up the MX record of peter.ddns.example.com
Example DDNS: returns “example.pagekite.net 10”
My email server: looks up example.pagekite.net
PageKite’s DNS: returns an IP address of PageKit’s relays, say [241.97.83.5]
My email server: tries to establish a TLSv1.3 handshake with [241.97.83.5] on one of the SMTPS ports.
My email server: delivers email to your MTA.

Peterc · April 14, 2021, 10:56am

Hello @fliu and thanks,

So the DNS and MX issues can be resolved but.

Make sure the SMTP(S) port of example.pagekite.net is Internet-reachable,"

How can this issue be resolved when the freedombox user do not have access to their NAT router for port forwarding or they do not have the skills to do this task ?

I think I am correct in saying that the only ports that are accessible over pagekite.net is, ssh 22 and web 80, 443

Regards: peter

Jacob · April 14, 2021, 7:36pm

Well, the VPN that is hosted by FB does require you to forward a port. So it is not new that you need to forward ports to use FB full functionality.

Peterc · May 24, 2021, 11:48am

Hello All and thanks to Flynn GSoC21. Student,

Yesterday on the Sunday Mumble call Flynn was very supportive of having the email server on freedombox being able to work with the Tor network. It was said that Postfix will be the email server for freedombox.

Here a web link to a how to for Tor email and Postfix. SMTP over Hidden Services with postfix
The config page for the mapping of domain to .onion address could be on the config page for the email server on freedombox ?

Thanks Flynn and All, regards: peter