# What one should know if planning to start public mail service



## Belucci (Oct 26, 2014)

Since I have spare VPS and domains I'm considering to start offering free mail service.

1. Are there any risks associated with it? I suppose the biggest care will be spammers taking advantage of the smtp server, but I plan to set limit of mails per user per day. Are there other risks?

2. is it resource intensive? (web mail and imap, pop3, smtp)

3. What package you would recommend me to use?


----------



## Steven F (Oct 26, 2014)

Maybe, since you're not too knowledgable when it comes to e-mail, you should just host your own e-mail.


----------



## willie (Oct 26, 2014)

There is a subforum about running email services at emaildiscussions.com. 

Overall it seems like a big hassle because of likely user expectations, abuse from outgoing spam, dealing with filtering for incoming spam, etc.  Spam filtering (e.g. with spamassassin) is in fact relatively cpu heavy.  It might not be suitable for a small vps serving multiple users with domain wildcards or the like.


----------



## wlanboy (Oct 27, 2014)

Please don't offer one until you can ensure that no user of your server can send massive emails through your ip.


----------



## AlphaNine_Vini (Oct 27, 2014)

To provide a public email address wont be a good idea if you dont have enough staff to monitor threats on your network. Why you are looking public email address. There are already enough player in web space. For example Gmail, MSN and Yahoo! . It's better if you look forward to provide some niche services in email hosting. That will be a good out come for you. If you are just looking to make some good money from  Advertising. Then its not a good idea.


----------



## Belucci (Oct 27, 2014)

Actually I'm looking to provide it for free.

That's why I'm asking here to see if the hassle will be too much for me to handle.

So far most people are saying I shouldn't do it, but without providing solid arguments


----------



## wlanboy (Oct 27, 2014)

Belucci said:


> So far most people are saying I shouldn't do it, but without providing solid arguments


You should read the posts again.

To name four:


You will get at least 90% abuse which then leads to a termination of your server.
You will cause a lot of spam emails. Your IP will get blacklisted within days. Which then leads to a termination of your server.
You will get a lot of [email protected] mails. Lottery, identity theft, deception, child p....
You won't get a lot of real customers that like yourdomain.com as their email address.
We don't want to destroy your dream to become an email provider.

We don't want to not grant you something.

Hey we even provide (private use only).

We just want to protect you from a lot of trouble.


----------



## William (Oct 27, 2014)

Don't.


----------



## vRozenSch00n (Oct 27, 2014)

I agree with @wlanboy. That's why back in 2005 my free e-mail project only last for a month


----------



## Belucci (Oct 27, 2014)

I see and thank you for the concern, but won't limiting your user to some number of emails per day fix the spam issue?


----------



## drmike (Oct 27, 2014)

Belucci said:


> I see and thank you for the concern, but won't limiting your user to some number of emails per day fix the spam issue?


Yes limiting per hour and per day will deter the idiots and prove mostly not worth their time.

Common tactic employed in most places.


----------



## Belucci (Oct 27, 2014)

drmike said:


> Yes limiting per hour and per day will deter the idiots and prove mostly not worth their time.
> 
> Common tactic employed in most places.


Well how the non-idiots would go around it though?


----------



## willie (Oct 27, 2014)

Belucci said:


> Well how the non-idiots would go around it though?


Main thing is if it's a free service they will enroll 1000s of accounts and use each to the limit.  Forget about IP matching, they will use botnets.  Forget about captcha or confirmation to existing email, they have ways around that.  More free email services is the last thing anyone needs, especially with advertising involving scanning email content.  It's not only annoying and invasive to the person seeing the ads--it invades the privacy of the person sending the email (who never signed up with the service), to have it scanned for advertising purposes.  I hate sending mail to gmail accounts for that reason.

If you want to run an email service, make it like mxroute or fastmail, i.e. zero advertising, high emphasis on privacy, and charge money for it.


----------



## Belucci (Oct 27, 2014)

There won't be ads.

I need to figure out how to keep the spammers away then


----------



## willie (Oct 27, 2014)

Belucci said:


> There won't be ads.
> 
> I need to figure out how to keep the spammers away then


No fees and no ads = no revenue = no sustainability = no thanks.  People who sign up for email and give out their addresses don't want the address to stop working when the operator gets bored.  I like mxroute.com's approach where you have to bring your own domain.  If you did it like that, it might be more interesting.


----------



## raindog308 (Oct 27, 2014)

willie said:


> No fees and no ads = no revenue = no sustainability = no thanks.


This.  You will start it, it will become a hassle, you will drop it.  Like a hundred high school kids before you.

And what exactly are you going to offer that a hundred other free email providers don't already offer?  I can get a bajillion free email addresses.  The only people who will be interested in your service are spammers.

Think up something new and don't waste your time being the 1,000th copy of something.


----------



## Belucci (Oct 28, 2014)

Who the fuck is asking you about that?

How about you don't worry about this and if you don't have something relevant to the thread go preach your unasked for advices to someone that cares?


----------



## Darwin (Oct 28, 2014)

You need to cool off a bit.

He was giving real advice, not being a jerk. Btw, if you are not prepared to have an idea criticized, you shouldn't have post it.

Don't forget what wlanboy wrote:



wlanboy said:


> We don't want to destroy your dream to become an email provider.
> 
> We don't want to not grant you something.
> 
> ...


----------



## Belucci (Oct 28, 2014)

So, when you ask for apples and they give you oranges that's still a real advice? 

I'm well prepared for relevant criticism. What they do is irelevant and simply stupid.

Also take a look at the 3 simply put and well structured questions in the OP

How many posts here are actually addressing any of them? Yeah a couple, and just 1 of the questions.

The rest is crap.


----------



## Aldryic C'boas (Oct 28, 2014)

You've received plenty of helpful advice and warnings.  You simply don't want to hear what they are saying.

Here's a dead-on reason why you shouldn't:  In you opening post, you asked questions that made it quite obvious you've never been an actual sysadmin.  No experience dealing with public services, no experience with the various services/daemons needed and what resources they'll consume.  You are missing vital knowledge necessary for running a public-accessible system, let alone one as important and intricate as email.

My advice to you would be hosting your *own* email first.  Then spend some time in the employ of a company that frequently deals with more relevant issues - such as security and privacy (two very important topics you didn't consider).  Once you have a bit of experience under your belt, and are willing to invest a good deal of time into learning, then you can consider a public hosting project.


----------



## Belucci (Oct 28, 2014)

Yeah the thing is those are things I will decide on my own and don't really need advice on.

I need advice on the technical part, more specifically the fuckin 3 things i asked about.

Everything else about how I should live my life is not for you guys to give advice on.


----------



## Aldryic C'boas (Oct 28, 2014)

And you have pretty much just guaranteed that you won't get help now.  Plenty of folks have offered constructive, helpful advice - and throwing a tantrum is how you respond.  Technical skills (which you lack) can be learned, but the punishing lack of maturity will be the downfall of nigh anything you attempt until you get that chip off of your shoulder.

But let's take this from a different approach - I'll be happy to help teach you what you need to know for your project.  My rates start at 120$/hr, billed in half-hour increments.


----------



## zzrok (Oct 28, 2014)

Aldryic C said:


> Technical skills (which you lack) can be learned, but the punishing lack of maturity will be the downfall of nigh anything you attempt until you get that chip off of your shoulder.


This times 1000.  You came here for advice from people ostensibly more knowledgeable than you, but you refuse to accept any of it.  I can't figure out why you posted here, since you seem to know everything already.


----------



## wlanboy (Oct 28, 2014)

Belucci said:


> Yeah the thing is those are things I will decide on my own and don't really need advice on.
> 
> I need advice on the technical part, more specifically the fuckin 3 things i asked about.
> 
> Everything else about how I should live my life is not for you guys to give advice on.


To topic 1:

I allready wrote everything about this topic.

Others too - so their responses were not off topic at all.

To topic 2:

It is. The whole discussion can be found on my 

To topic 3:

As stated in my tutorial: Ubuntu meta package: "dovecot-postfix".

Or go the long way to a Postfix, Dovecot and Roundcube setup: "postfix postfix-mysql dovecot-core dovecot-imapd dovecot-pop3d dovecot-lmtpd dovecot-mysql mysql-server dovecot-sieve dovecot-managesieved"

Configuration: Read my tutorial.

Domain settings: Read my tutorial.

Securitry: At least read my tutorial (and optional chapter #13)

But please first try to host your own email server to check if everything is right. (with a domain name you don't want to use later)

Afterwards ask friends to do bad stuff.

See if your monitoring kicks in.


----------



## raindog308 (Oct 28, 2014)

Belucci said:


> Who the fuck is asking you about that?
> 
> How about you don't worry about this and if you don't have something relevant to the thread go preach your unasked for advices to someone that cares?


I guess someone didn't like being outed as a 14-year-old.


----------



## Belucci (Oct 28, 2014)

Thanks to wlanboy


----------



## wlanboy (Oct 28, 2014)

@Belucci maybe you should choose other words to express your feelings.


----------



## Belucci (Oct 28, 2014)

nah, those are good


----------



## tonyg (Oct 28, 2014)

@Belucci - way to go there dude! Nice display of total lack of self control and discipline.


----------



## HalfEatenPie (Oct 28, 2014)

Belucci said:


> Since I have spare VPS and domains I'm considering to start offering free mail service.
> 
> 1. Are there any risks associated with it? I suppose the biggest care will be spammers taking advantage of the smtp server, but I plan to set limit of mails per user per day. Are there other risks?
> 
> ...



1. Yes.  Major risks.  Simply placing a limit on mails per user per day is NOT enough to combat this.  You're assuming setting this and letting it go would be fine.  It's not.  You need to take more proactive measures against this.  You're going to assume "this is good enough" but seriously, when it comes to security and mail, even the smallest hole can screw you over.  *This is what everyone else is stating*.  *You have no actual background knowledge on this and you want to provide a public service.  You're going to do more harm than good, people here are trying to prevent that and instead provide you an opportunity (or more like a thought) to first test out your skills on a smaller case study before moving on to the big fish.  This is probably the most logical thing to do.  Just because it's free doesn't me it should be done in a crappy manner.  Look how that panned out for ZPanel.  *

2. Depending on volume, yes.  Look at @wlanboy's tutorials and posts.

3. Look at @wlanboy's tutorials and posts.

Look, the people who have already posted here are incredibly intelligent and have skills many companies would love to hire.  A large percentage of the people here actually work on systems like this as their full-time gig.  Don't just wave them off because they disagree with your opinions.  It's best to have an open mind and to approach it from a different angle.  Another spam server becomes another pain in the ass for the provider (dealing with dirty IP and spammer) and for the spamees (having to deal with another server sending out spam, more than likely going to just simply block your entire server).  

And then there's no point in having a "free email server" if the majority of your emails aren't accepted anywhere.


----------



## Belucci (Oct 29, 2014)

HalfEatenPie said:


> 1. Yes.  Major risks.  Simply placing a limit on mails per user per day is NOT enough to combat this.  You're assuming setting this and letting it go would be fine.  It's not.  You need to take more proactive measures against this.  You're going to assume "this is good enough" but seriously, when it comes to security and mail, even the smallest hole can screw you over.  *This is what everyone else is stating*.  *You have no actual background knowledge on this and you want to provide a public service.  You're going to do more harm than good, people here are trying to prevent that and instead provide you an opportunity (or more like a thought) to first test out your skills on a smaller case study before moving on to the big fish.  This is probably the most logical thing to do.  Just because it's free doesn't me it should be done in a crappy manner.  Look how that panned out for ZPanel.  *


What I hate is that everyone is saying this but no one actually gives an suggestion on what else to implement to combat the spammers.

I mean this is a tech forum and one would expect to the point and relevant answers not being philosophical about life in general.

Yeah I don't have the knowledge to run this yet and that's why I'm asking!

But you can't gain knowledge with 90% of the answers here. They are more like, you don't know that shit, better give up right away. Yeah right. So, concstructive.

Of course that before it's open to the public it will be built for myself and tested, but still one gotta know the answers of those questions.

Seems the only thing of value here is the links to those tutorials and I'll read them, but all the posts with general advice of the kind, "Well man you don't need those oranges, here are apples instead. "  are useless and annoying.

And when you confront those people, they are all like, you are immature, grow up.

Well here are the news for you smartasses, when you act like an ass i'll be there to confront you, yeah I will use the language too.

We use that language in our every day life, but when one says fuck it on a forum, suddenly it's a major issue.....come on don't be that hipocrite.

If you never sweared in your real life then come at throw rocks at me. Fuck.


----------



## HalfEatenPie (Oct 29, 2014)

Belucci said:


> What I hate is that everyone is saying this but no one actually gives an suggestion on what else to implement to combat the spammers.
> 
> I mean this is a tech forum and one would expect to the point and relevant answers not being philosophical about life in general.
> 
> ...


It doesn't matter about swearing.  It's simply being a dick when you're asking people for help.  You ask people for help.  They offer you help.  Granted many were in a different format or different way than you expected but hell, they took the time out of their day to write it for you.  

And then you curse at them.

Yep...  You're a real swell guy.


----------



## Belucci (Oct 29, 2014)

Here is how they tried to help me.

Excuse me for not appreciating useless, irelevant help.

Yeah they wasted their time to waste mine as well.

Those are the facts.

I thanked to the one that actually provided the relevant help.


----------



## raj (Oct 29, 2014)

Soooo instead of your own education and experience teaching you the foundations for your free mail service, you wanted to be hand fed all the information that vpsboard.com's working professionals have worked for over time.  Sorta like "hey new person to the forum, here's all the trade secrets I've learned in my tenure as a sysadmin".  And when they didn't do that, you're butt hurt?


----------



## zzrok (Oct 29, 2014)

Here is an analogy to explain our perception of your request.

You came into a mountain climbers forum and asked how to climb Mt. Everest.  The experienced climbers of the site noticed from the questions you asked that you are a novice hiker at best.  They wisely suggested that you start by climbing a smaller mountain so that you can eventually work up to Everest after a lot of training.  You whined like a baby that you should be able to climb any mountain you want and everyone else should bend over to help you even though you will probably die trying.  Then you started calling everyone names.


----------



## Belucci (Oct 29, 2014)

Eat shit and die bitchez


----------



## HalfEatenPie (Oct 29, 2014)

User has been suspended for 7 days for obvious reasons, most recent one I'll quote:



Belucci said:


> Eat shit and die bitchez


----------



## sleddog (Oct 29, 2014)

The only way (IMO) a free email service makes any sense is to offer it as an add-on service to known-good, existing clients who are already paying you significant amounts of money.

Even then, it can be painful, because your service needs to be at least as good as Gmail or people will complain.


----------



## Aldryic C'boas (Oct 29, 2014)

Quite honestly, people like him are why I rarely reach out to offer help anymore.  It's just so damn disheartening to try and help someone learn and succeed, and all they bring to the table is a shitty attitude and a demand that all the work be done for them.


----------



## MartinD (Oct 29, 2014)

How did I miss this grade-a moron?

I feel ashamed


----------



## RLT (Oct 29, 2014)

It's the McDonalds complex. Fast and easy without having to do any work or thinking at a minimal cost.


Sadly he won't understand that setup is the easy part. The continuous up keep is the killer.


----------



## raindog308 (Oct 29, 2014)

Aldryic C said:


> Quite honestly, people like him are why I rarely reach out to offer help anymore.  It's just so damn disheartening to try and help someone learn and succeed, and all they bring to the table is a shitty attitude and a demand that all the work be done for them.


Aldryic, how can I increase my alcohol tolerance?

Can you help me?


----------



## HalfEatenPie (Oct 29, 2014)

raindog308 said:


> Aldryic, how can I increase my alcohol tolerance?
> 
> Can you help me?


Careful.  He'll probably have you start off by chugging a handle of tequila.  Straight. 

After that, a bottle of 151 and Everclear.  

And then illegal moonshine...


----------



## RLT (Oct 30, 2014)

If it don't burn blue it's not worth drinking.


----------



## Aldryic C'boas (Oct 30, 2014)

raindog308 said:


> Aldryic, how can I increase my alcohol tolerance?
> 
> Can you help me?


Sure, come visit me in south Louisiana a couple weeks   My daily routine could drown an Irishman >_>


----------



## nunim (Oct 30, 2014)

I wouldn't even want to host my own personal email as the amount of work required to achieve the results is huge.

I feel that Email is the most finicky service we use today due to everyone using a different blacklist/spam detection filter and the most complicated to maintain as instead of server->client like HTTP,  it's client<->server<->server<->client.  

Plenty of free email providers out there right now that offer a solid service.

I hope you enjoy making friends with every abuse desk op as you're going to spend a ton of time getting yourself off blacklists.  Since your don't have your own IP space, your provider will likely tire of you quite quickly... Maybe go to ColoCrossing? Although they're already blacklisted..


----------

