A few weeks ago, I moved back to self-hosting my mail server after using Purelymail for three years. The decision wasn’t about cost – it’s actually more expensive to rent a VPS – but about control, security, and data locality. My mails are now hosted in Europe, giving me more confidence in their privacy, and I can configure everything exactly as I want while ensuring compliance with GDPR.

I originally self-hosted my mail server during my student days. Back then, I enjoyed experimenting and tweaking my setup, but mail servers aren’t the best playground for that – especially when you need to reliably receive important emails. Eventually, I opted for a hosted service to simplify things and avoid the responsibility. At the time, I wasn’t certain about taking on the operational burden.

Now, several years later, I feel much more comfortable running my own mail server again. I regularly work with infrastructure-related tasks, deploying services on Kubernetes and managing cloud resources. This experience has made self-hosting easier. I actually self-host fewer services than I used to – Miniflux, for example, I now use as a hosted service – but for the services I do run, I feel confident in maintaining them properly.

What also helps is that I’ve become less adventurous in my setup. I briefly tested newer mail server projects like Stalwart and also eyed Maddy earlier, but there aren’t many online resources about these newer projects. After some local and short-lived server tests, I quickly decided to stick with a stable and well-established solution: docker-mailserver. It uses Postfix, Dovecot, Rspamd, and ClamAV – nothing fancy, just solid and widely used components. The first few days required some configuration adjustments, but every problem I encountered had a documented solution thanks to the large user base of these tools.

I also prioritize stability for the underlying system. My mail server runs on Fedora CoreOS, which requires minimal maintenance. I apply updates with rpm-ostree upgrade every few weeks and keep access secure by using Tailscale with SSH, eliminating the need to expose an SSH port on my Hetzner Cloud firewall.

All configurations are stored in a Git repository, ensuring they are versioned and easily reproducible. Backups are dealt with restic, pushing encrypted snapshots to an S3-compatible object storage. This setup is similar to how I manage my main VPS, which hosts my blog, Gitea, and Baïkal for contacts and calendars.

The world’s political landscape is shifting rapidly, and while I can’t predict the future, I feel more at ease knowing that I have full control over my email infrastructure. So far, the setup has been working smoothly, and I don’t regret making the switch back to self-hosting mails.