# Falling off the Grid



## Aldryic C'boas (Aug 5, 2013)

Over the past couple of months, I've been slowly moving all of my services that were previously hosted by third parties (Google, etc) on to self-hosted solutions. Partially to be more cost effective, and primarily due to just how invasive some of these services are becoming. I think the straw for me was an email from a family member I was reading that mentioned a chiropractor; shortly after I started seeing a large number of Google Ads for chiropractors in what they thought was my locale. I don't mind having targeted ads based on the browsing history I voluntarily allow them to collect - but this is getting a bit ridiculous.


So, I started reducing just how reliant I was on their services (going to keep using Google as my example), as well as bringing more of my data 'in house' and off of third party servers. I started with ditching Chrome (which has been annoying the hell out of me with the memory leaks anyways), and decided to give Mozilla's Aurora project a try (tl;dr - a very beta, constantly updated Firefox). I'm very much reliant on sync services, so I was thrilled to learn that Mozilla not only offers their Weave (self-hosted Firefox sync) publicly, but makes it very easy to setup and run. So that's one down.


Next on my list was media sharing/music/etc. Google Drive/Music was my default for this, simply due to how convenient it was, especially with an Android phone. As an alternative, I'm now running self-hosted Owncloud and Subsonic (freaking in love with Subsonic now) services. Both fully compatible with pretty much any OS, as well as Android. Indeed, Subsonic has me inspired to make a new home media system, but that's a topic for another day. So, two more down.


Given the blatant disregard for privacy, one of the things I always disliked was using Google to store contacts and calendar/schedule items. Thankfully, with a little help from CardDAV and CalDAV, Owncloud takes care of this little issue as well.


My next step is email, and this is where I'm pausing a bit. I currently use Google Apps, which has been decent enough (aside from none of it being truly private... and no, I've never used their services for truly confidential information). I don't mind setting up dovecot/postfix/etc, but to be honest I just don't have enough time to keep everything in smooth working order. I've been looking at various panel-like solutions (including *shudder* Zimbra, but only if I could forgo the front end) such as ISPConfig, but honestly have zero experience with "Do it for you" setups.


So, I told you all that to ask you a question. Do you host your own email service? Is there a decent panel you might recommend? I'm partial to SQL over flatfile (for storing account/domain info), but I'm not overly picky at this point.


----------



## KuJoe (Aug 5, 2013)

My advice is look at getting a cheap Synology NAS. It's basically a Google replacement and handles everything from streaming content to e-mail to file replication/syncing.


I have a DS110j and love it.


http://www.synology.com/dsm/dsm_app.php?lang=us


----------



## Aldryic C'boas (Aug 5, 2013)

Looks fairly nifty... is this something self-hosted, or do you have to use their services? (To clarify, I'm doing self-hosted at BuyVM obviously.. Fran and bz are family, and I know for certain that my stuff there is private.) I'm leery about using hosted solutions outside of my own home and BuyVM, since that's pretty much defeating the purpose of having full control over my data.


----------



## KuJoe (Aug 5, 2013)

It's all self hosted. They do provide a free Dynamic DNS service that I use for home though.


----------



## KuJoe (Aug 5, 2013)

I just noticed they have a package for High Availability now. I might pick up another to play with. I like that in the event of an emergency I can pick it up and take it with me.


----------



## Aldryic C'boas (Aug 5, 2013)

Ah, cool deal. I'll definitely look more into that - thanks :3


----------



## KuJoe (Aug 5, 2013)

The android apps are nifty also. The DS112s look even better with a faster CPU.


----------



## acd (Aug 5, 2013)

I've heard more and more people trying to attempt this recently, especially in buyvm circles. The problem I have is that integration is really hard! The synchronization features offered on my android are really good which makes it extremely difficult for me to step away from it to a self-hosted solution.

To answer the question though, I do self-host email (at buyvm NY actually). I use postfix+mysql w/ courier-imap, though only because I haven't messed with dovecot. tbh, if I had to do it over, I would do it in sqlite3 specifically because it doesn't need an external process running to receive and deliver mail (making it higher reliability at the cost of secure integration with your perl cgis, etc). I have also yet to find a panel based solution that handles things nicely. I've messed around with ldap+krb5 based auth because it allows SSO w/ basically anything else that is written by serious people but I've yet to hammer out a solid config for it (my understanding of ldap and x.509 is really insufficient for the project). Debian configuration for SPF-verification and DKIM is actually pretty easy. Spam and virus filtering can get expensive though, even on the 512MB I've got it running on. Clam-av has a tendency to fall down which tanks your postfix pipeline in a non-obvious way to external monitoring, at least in my config. I wouldn't run a high load mail server the way I have it set up, nor one that needs multiple administrators, but for just me, it's more than sufficient.

If owncloud or someone using a sane programming language ( ) made a debian-based "federated new-gapps" distribution, I would be all over it. Bring your own 512MB server, a domain name & go... Well, I can dream anyway.


----------



## xmob (Aug 5, 2013)

SOGo plus z-push (sogosync) for me. Mail, CalDAV and CardDAV all in one.


----------



## notFound (Aug 5, 2013)

I've pretty much taken most of the steps Ald has done for pretty much the same reasons but after searching am still to find an alternative for self-hosted e-mail. I have a manual dovecot setup but it's a pain in the arse tbh, for some reason I can set it up for clients fine but when you're using it yourself day to day it's much easier to have a panel like thingamajig.

I like those Synology NAS thingamajigs but hosting e-mail off my home connection is probably the dumbest thing I could do, this IP is fixed to my MAC address on the modem but it's in all sorts of blacklists and I can't change rDNS etc., and it cuts out all the time.


----------



## acd (Aug 5, 2013)

Infinity, a couple perl/python/shell scripts to manage users/virtual emails go a long way to ease the pains of management. For me, setting up a new virtual domain is a one-liner using mysql to manage domains, as is user-to-virtual email mapping. I expect it'd take you a few hours tops to get to a similar position if you already know how to do the management steps on the CLI.

You may want to consider setting up a backup MX that forwards to your local one and set it as your primary outgoing smtpd. Since you have a static IP, if you aren't too worried about security, you can probably just set your home IP as an allowed relay-from address and not require authentication. It would probably take you all of 20 minutes on any smtpd.


----------



## Leyton (Aug 5, 2013)

For email, I've found that Axigen is a rather nice solution for an easy install, and control panel. Yeah, the webmail interface is a little horrid - but you can easily swap that out for Horde or RoundCube.


Only downside for the free version are the account limits. But, if you're not using thousands of email accounts, I think the values are fairly reasonable.


----------



## wdq (Aug 5, 2013)

I've been essentially doing the same sort of thing as you over the past few months. I have always disliked how all of the tracking works. When I heard that Google Reader was going away I switched to Tiny Tiny RSS and ever since I've been moving more and more things over to that same server.

For email I've been using Atmail for the past month. It looks good, and works. It's not very affordable though.


----------



## drmike (Aug 5, 2013)

Add me to the abandonment party.   I long ago ditched using big email providers for anything of importance.  Then again, absent crypto and avoiding users on those honeypot systems, you are joining the monitoring pool just by interacting with one of their 'USERS'.

In fact, I think most people are ADDICTED to these cheap, know-nothing systems.   Chemical dependency if I ever saw one.

For me:

1. File storage - never used the cloud stuff, but disturbed when I saw random files from Gmail stuffed in their Drive or whatever from years back.  No thanks.     All my files live in SSHFS accessible storage here and there on dedicated servers usually.   Owncloud I just started tinkering with and it's alright, but frankly, I don't see the big deal with it, so far.

2. Email - Still have throwaway mega mail service accounts--- but they are dust bins mainly.   Real accounts are scattered amongst various Cpanel hosts.

3. Backups -  Buying more drives for local use.   Backups in house more than ever now.  Remote backup for the online and must have stuff on a dedicated server that is sliced into virtual pieces.

4. IM  - I hardly use it except when working with someone actively.  Jabber server running on dedicated server.

5. VOIP - Google Voice was nice and free and voice printing everyone plus recording/converting to searchable text.   No F'N thanks.  Threw up a Magicjack for now, but I trust them only 1% more.  Scratch that, I don't trust them.  Heading to a small no frills VOIP provider who isn't big enough to be mixed up with paying tariffs, 911 fees, etc.

I am done with Google even if that means half the net doesn't work for me.   Microsoft I've long been done with.   Search is Duckduckgo and Startpage.

Social media, screw that honeypot, I don't do that stuff or Facecrook.  So banning those locally on DNS basis is what I am doing to stem leakage to them.  Ditto for Google and Bing.

For online maps, liking Nokia.  

Mind you, it is the big companies that the feds/spooks target/partner with.   It is all about scale.  If you stay away from those entities life sails much smoother.  Mind you the other end of the spectrum, the very small privacy oriented providers who are very vocal are just as dangerous and fed targets for other obvious reasons.  It's the slim middle ground to stay in.  New, semi viable companies that are growing.   At some point you will need to abandon them too though.  Popularity will ensnare them -- either cooperate with the feds or get put out of business.

What we collectively need is a roadmap of alternatives to these idiot corporatists and their spyware.  We also need a bundle of how-to's for common outsourced services so folks can set up their own (i.e. email, IM, Owncloud, etc.)


----------



## shawn_ky (Aug 5, 2013)

May want to check out ZPanel (http://www.zpanelcp.com/). It is an open-source hosting solution that has been recently updated with a nice theme.  It has a lot of built-in features including email using dovecot, postfix and all the other frills + the normal hosting solutions. Run it in-house if you want and it would keep it as secure as you are. 

Subsonic?  might need to look at that.


----------



## mikho (Aug 5, 2013)

I've spoken to two of my customers how have tried zimbra and both hate it for various reasons. One is actually switching back to MS Exchange and the other would change to something else if there was money to do it.


Both customers migrated from already existing solutions to zimbra and they have no knowledge with Linux and by the looks of it, neither did the consultants how did the migration.


----------



## drmike (Aug 5, 2013)

shawn_ky said:


> May want to check out ZPanel (http://www.zpanelcp.com/). It is an open-source hosting solution that has been recently updated with a nice theme.  It has a lot of built-in features including email using dovecot, postfix and all the other frills + the normal hosting solutions. Run it in-house if you want and it would keep it as secure as you are.


How is the Zpanel install process?  See support for Ubuntu, but no Debian....


----------



## clarity (Aug 5, 2013)

Has anyone use this? It comes with a panel just for the mail accounts.

http://www.iredmail.org/


----------



## shawn_ky (Aug 5, 2013)

I use Centos, so out of the box works... Should be the same for the others and I think they were waiting on Dovecot 2... Here is a link to  someone who has the script. http://forums.zpanelcp.com/thread-6983.html?highlight=DEBIAN I am sure if this is here, then an official installer will be made shortly.  I'll PM the guy to get it for you...


----------



## sleddog (Aug 5, 2013)

Aldryic C said:


> Do you host your own email service? Is there a decent panel you might recommend?


Yes, approximately 150 clients at last count.

All panels suck.


----------



## drmike (Aug 5, 2013)

dclardy said:


> Has anyone use this? It comes with a panel just for the mail accounts.
> 
> http://www.iredmail.org/


I tried iredmail 6 months ago (roughly).  Didn't install right.  Tried multiple times in different environments.  Others report success with it, but unsure if in the past or current.


----------



## happel (Aug 5, 2013)

Zpanel has a bad track record when it comes to security. I even recall one of the developers stating security wasn't relevant or something like that.


I moved away from Google services a few years back.


- owncloud for caldav/carddav


- postfix/dovecot/opendkim/dspam for mail (plain mysql for managing)


only I haven't found a satisfactory alternative for is dropbox..


----------



## WebSearchingPro (Aug 5, 2013)

http://www.indiegogo.com/projects/mailpile-taking-e-mail-back

Looks pretty awesome

https://github.com/pagekite/Mailpile


----------



## Francisco (Aug 5, 2013)

Zimbra.


----------



## wdq (Aug 5, 2013)

mikho said:


> I've spoken to two of my customers how have tried zimbra and both hate it for various reasons. One is actually switching back to MS Exchange and the other would change to something else if there was money to do it.
> 
> 
> Both customers migrated from already existing solutions to zimbra and they have no knowledge with Linux and by the looks of it, neither did the consultants how did the migration.



I spent a week with Zimbra and thought it was alright, but the web interface kind of sucked so I didn't stick with it. 



dclardy said:


> Has anyone use this? It comes with a panel just for the mail accounts.
> 
> http://www.iredmail.org/


I tried installing iRedMail at one point. RoundCube is really nice, but the free administration tools are very limited. The paid version might be a little more worthwhile.


----------



## Maximum_VPS (Aug 5, 2013)

dclardy said:


> Has anyone use this? It comes with a panel just for the mail accounts.
> 
> http://www.iredmail.org/


We use this , had a backup mishap early on and swore it off only to go back things are fine now, but ease of use is A+.


----------



## Mun (Aug 5, 2013)

Roundcube maybe?


----------



## drmike (Aug 5, 2013)

Mun said:


> Roundcube maybe?


The issue @Mun isn't the webmail interface.   Most folks trying to roll their own mail never make it anywhere near that end point.


----------



## shawn_ky (Aug 5, 2013)

happel said:


> Zpanel has a bad track record when it comes to security. I even recall one of the developers stating security wasn't relevant or something like that.


It was one of the volunteer tech support guys (going through some bad things in life) that responded to a security analyst (who in the support techs defense, was extremely rude and belittling).  All issues were addressed immediately, tech stripped of his role, etc, etc. made it over to reddit even, so was pretty serious.

Needless to say, a lot of improvements and enhancements went into 10.1.0. Don't want to use it? Go ahead and let it setup the mail servers and remove what you do not want. Or use it personally. I like it. Working on a module now to extend someone else's module for webmail. I like to have options.  Using the default, you have RoundCube. With the module it adds,  AtMail, HastyMail2, AfterLogic mail, Squirrel Mail, and Iloha Mail.


----------



## perennate (Aug 5, 2013)

I run a personal mail server, use it for all of my domains. Running Postfix, with Dovecot for IMAPS. Simple install with system users (since all the mail accounts are trusted, have shell access anyway), also runs with DKIM (opendkim), basic antispam (amavisd-new/spamassassin -- although I have it just marking ***SPAM*** instead of blocking spam since it started blocking legitimate mail), backup mail server (postfix also, not really needed though since any mail senders will retry if first connect fails). Oh and mailman for some mailing lists.

Don't use a panel, a script to make install easier would be nice though.

Used to have some problems delivering mail (over relay server, since mail server is running on residential connection), but now it's fine. Actually only ever had problems with Hotmail, which no one ought to use anyway.


----------



## HalfEatenPie (Aug 5, 2013)

See...  My trust with ZPanel left after the founder/owner stated that he wasn't interested in security (and he expressed that by stating (I don't recall the exact words) "What do you expect from a free software that we donate our time to?").  Now I read over everything the security analyst you're speaking of wrote and from my understanding initially when he asked diplomatically his concerns were basically brushed off as in "I know better and you're wrong" and then immediately "It's a free software, what do you expect".  When he pursued it more aggressively that's when the development team (from my perspective) took his concerns more seriously (now the hacking just happened when another individual saw the opportunity).  

Maybe they fixed that initial problem, but I still can't trust ZPanel at all.  It's not the software but the people I have an issue with (and kind of why I don't have any interests to recommend the software).  No offense to you @shawn_ky, just wanted to share my opinions of ZPanel.  I do hope they don't have this self-entitled thought of themselves.  I mean it's as bad as curtisg showing his code and stating "it's just a small piece anyways, what do you care?  It's free work anyways!" when criticism about it's security is made.  

Of course, I am also a guy who writes pretty crappy code (can't write secure code to save my life) and should not be allowed near a compiler, so take what I say with a grain of salt.  

*Edit:* bringing this back to the topic of discussion, ownCloud has always been a pain in the ass for me to handle at times.  I mean sometimes it works and sometimes it just fights with me every step of the way.  It's like PMSing every other day.  Entire reason why I ended up sticking with dropbox.


----------



## jarland (Aug 5, 2013)

Maybe do a little reading about lavabit.com. Some recent press in favor of their security, trusted by none other than the guy currently evading the NSA. From what I gather, made by a couple guys in Dallas who wanted true privacy and security.


----------



## wdq (Aug 5, 2013)

HalfEatenPie said:


> *Edit:* bringing this back to the topic of discussion, ownCloud has always been a pain in the ass for me to handle at times.  I mean sometimes it works and sometimes it just fights with me every step of the way.  It's like PMSing every other day.  Entire reason why I ended up sticking with dropbox.



I have also never quite gotten ownCloud to work properly. Recently I have been using BitTorrent Sync with the combination of SFTP for my file syncing needs. It's not really an all in one solution, and BitTorrent Sync still has some issues, but it seems to work more reliably than ownCloud for me.


----------



## perennate (Aug 5, 2013)

wdq said:


> I have also never quite gotten ownCloud to work properly. Recently I have been using BitTorrent Sync with the combination of SFTP for my file syncing needs. It's not really an all in one solution, and BitTorrent Sync still has some issues, but it seems to work more reliably than ownCloud for me.


What about NFS?


----------



## wdq (Aug 5, 2013)

perennate said:


> What about NFS?


My upload speed at home isn't very great so having something that syncs performs a lot better than something that runs directly off of the server.


----------



## drmike (Aug 5, 2013)

jarland said:


> Maybe do a little reading about lavabit.com. Some recent press in favor of their security, trusted by none other than the guy currently evading the NSA. From what I gather, made by a couple guys in Dallas who wanted true privacy and security.


Lavabit has long tempted me.  They sorely need to update their site and raise the packages some:



> All of the Lavabit servers use CentOS 4.8. The application servers are Dell PowerEdge 1650s with dual 1.4 GHz Pentium III processors, 4 GB of RAM and 36 GB SCSI hard drives. The database servers have dual Opteron 246 processors with 8 GB of memory and six 146 GB SCSI drives in a RAID 5 configuration. The storage servers have dual Opteron 242 processors, 2 GB of RAM, a 36 GB SATA boot drive, and 12 250 GB SATA drives in a RAID 5 configuration. The load balancer is an Alteon AD4. For our network, we use unmanaged Linksys gigabit switches.


----------



## drmike (Aug 5, 2013)

wdq said:


> I have also never quite gotten ownCloud to work properly.


This might be the ticket for easiest Owncloud install, where you have your own virtualized environment or are running your own full server.

Turnkey Linux has a ready rolled install:

http://www.turnkeylinux.org/owncloud


----------



## KuJoe (Aug 5, 2013)

Also throwing this out there in the event you have your own hardware to use and want something free: ClearOS

I install this on every one of my ESXi hosts as a simple virtual gateway but it can do a lot more if you want it to. I'd still go with Synology if you have the money for the hardware + drives but if you want to go the cheapest route, ClearOS will run on any old PC you have laying around or you can even virtualize it.


----------



## HalfEatenPie (Aug 5, 2013)

Yep.  Our house's internal network was managed by ClearOS.  While it did work I wouldn't say I 100% enjoyed the experience.


----------



## Aldryic C'boas (Aug 5, 2013)

Francisco said:


> Zimbra.


Where's that 'Fuck You' button >_>

Thanks for all the suggestions folks... even if only a handful were the actual panels I was asking about   I suppose I'll just stick with the ol' manual setup for now.


----------



## bzImage (Aug 5, 2013)

Aldryic C said:


> Where's that 'Fuck You' button >_>


In the ass with a rake.


----------



## shawn_ky (Aug 6, 2013)

HalfEatenPie said:


> See...  My trust with ZPanel left after the founder/owner stated that he wasn't interested in security (and he expressed that by stating (I don't recall the exact words) "What do you expect from a free software that we donate our time to?").  Now I read over everything the security analyst you're speaking of wrote and from my understanding initially when he asked diplomatically his concerns were basically brushed off as in "I know better and you're wrong" and then immediately "It's a free software, what do you expect".  When he pursued it more aggressively that's when the development team (from my perspective) took his concerns more seriously (now the hacking just happened when another individual saw the opportunity).
> 
> 
> Maybe they fixed that initial problem, but I still can't trust ZPanel at all.  It's not the software but the people I have an issue with (and kind of why I don't have any interests to recommend the software).  No offense to you @shawn_ky, just wanted to share my opinions of ZPanel.  I do hope they don't have this self-entitled thought of themselves.  I mean it's as bad as curtisg showing his code and stating "it's just a small piece anyways, what do you care?  It's free work anyways!" when criticism about it's security is made.
> ...


No offense at all... I've only used it a short time and at this point nothing mission critical. If I move forward it would have to be with CPanel + whatever solution for VPS.  I think, and just my opinion, that language barrier comes into play a lot there... I see a lot of abrasiveness at times but believe it more culture or translation that anything. I'm not a coder either... Not secure at least. So in the same boat.


As far as OwnCloud, latest version seems A LOT more stable.


----------



## KuJoe (Aug 6, 2013)

Just setup the mailserver on my Synology NAS and it was the most painless process I've ever experienced. It uses Roundcube for the web client, but I setup IMAPS and SMTPS on my Android phone so I don't think I'll need the web client much (but it's nice to use on my home PC). Only issue I am having is when I am connected to WIFI I need to use the IP for my NAS, off WIFI the FQDN works fine. Weird.

Additionally, I am disappointed to see SpamAssassin in there instead of ASSP.


----------



## Tux (Aug 6, 2013)

I've been falling off the grid for a while. I started by using DuckDuckGo.

Now, I'm diversifying the proprietary services I've been using. I've gone from using Gmail to my own mail server setup on my RamNode VPS. I also have a OwnCloud instance on it that I'm migrating over to my Backupsy VPS.

Next up: Installing CyanogenMod on my Nexus 7 (to remove vestigial traces of Google apps on the thing) and getting OwnCloud+Firefox for Android+Firefox Sync working.


----------



## Francisco (Aug 6, 2013)

Aldryic C said:


> Where's that 'Fuck You' button >_>
> 
> Thanks for all the suggestions folks... even if only a handful were the actual panels I was asking about   I suppose I'll just stick with the ol' manual setup for now.


It's called the "Thank you" button on these forms sir.

You're confusing VPSB with CC's ticketing system again.

:3

Francisco


----------



## happel (Aug 6, 2013)

KuJoe said:


> Only issue I am having is when I am connected to WIFI I need to use the IP for my NAS, off WIFI the FQDN works fine. Weird.


This is a limitation of many home routers, I forgot the specifics but sometimes there's an option in your router settings which you need to enable.

edit: http://serverfault.com/questions/26845/unable-to-connect-on-natted-server-from-a-host-computer-on-the-same-lan-using-pu/26851#26851


But it works fine out of the box with my openwrt router, but I recall I needed to activate some 'triangle-blahblah'-option when I was using the router of my ISP.


----------



## peppr (Aug 6, 2013)

Am surprised no one mentioned Zarafa ( http://www.zarafa.com/ )

Its opensource and a drop in exchange replacement ( with outlook support ! ) and comes with collaboration ( active sync support) . the community a.k.a free version doesnt support HA, and outlook support is limited to 3 users. 

demo here : https://demo.zarafa.com/webapp/

Am using it for some community projects and for our internal mail server at office ( mail cannot be routed outside the local network and such.. ) and it works perfectly and is adapted by most people without any hiccups.


----------



## KuJoe (Aug 6, 2013)

happel said:


> This is a limitation of many home routers, I forgot the specifics but sometimes there's an option in your router settings which you need to enable.
> 
> 
> edit: http://serverfault.com/questions/26845/unable-to-connect-on-natted-server-from-a-host-computer-on-the-same-lan-using-pu/26851#26851
> ...


I tried some iptables suggestions from DD-WRT's forum but no dice. It looks like I'll be moving my NAS to a data center anyways since port 25 is blocked by Comcast.


----------



## stim (Aug 6, 2013)

Some good suggestions above that I should explore.

In the past month I have moved my business from MS to Linux without any major headaches. I tried a lot of distributions, but the outright winner was Crunchbang Linux. It's a absolute joy.

I've mostly replaced *Dropbox* with BTSync. Though I still use dropbox for public sharing. I have installed owncloud and will be using that instead. BTSync is so incredibly useful. 

*Evernote* is next. Nevernote looks like a viable replacement, though I'm working on a DIY-replacement. Of course, without some of the nice features, but then I rarely use them. I just need a good clipper and a way to search my documents. 

Also intrigued by Bitmesssage. That looks like it has a lot of potential, but how long before it's made illicit?

I use Gmail for personal stuff - for work, my clients provide their own systems. I'm looking to move.

I have questions about mailservers: My main worry is downtime. How easy is it to set-up/sync several servers for the same IMAP service? 

And how much maintenance is really required? Can spam Assassin compete with Gmail's spam filter? 

Though I have a few VPS, I am looking at getting one of these and running the mailserver from home, mirrored if possible.


----------



## happel (Aug 6, 2013)

KuJoe said:


> I tried some iptables suggestions from DD-WRT's forum but no dice. It looks like I'll be moving my NAS to a data center anyways since port 25 is blocked by Comcast.


The webinterface of my openwrt router shows a zone_lan_prerouting thingy which contains a DNAT rule for each of the forwarded ports, rerouting them to their respective internal ipaddresses. But I can't find them in the terminal, iptables isn't really my thing, but most of the other stuff shows up and it specifically stated that that chain didn't exist. :|

Comcast is blocking incoming connections on port 25?? For outgoing you could relay the messages through a small vps on a different port.


----------



## HalfEatenPie (Aug 6, 2013)

peppr said:


> Am surprised no one mentioned Zarafa ( http://www.zarafa.com/ )
> 
> Its opensource and a drop in exchange replacement ( with outlook support ! ) and comes with collaboration ( active sync support) . the community a.k.a free version doesnt support HA, and outlook support is limited to 3 users.
> 
> ...


Whaaa.  I might actually test this one out.  Honestly all this talk about moving your services off of Google is fantastic.  Although anyone know a nice easy tool to move the individual e-mails as well over to your own solution?


----------



## perennate (Aug 6, 2013)

HalfEatenPie said:


> Whaaa.  I might actually test this one out.  Honestly all this talk about moving your services off of Google is fantastic.  Although anyone know a nice easy tool to move the individual e-mails as well over to your own solution?


Easy - http://www.howtoforge.com/how-to-migrate-mailboxes-between-imap-servers-with-imapsync

I'm pretty sure most mail clients (like Thunderbird) support copying emails though. So even easier than easy.


----------



## Tux (Aug 6, 2013)

KuJoe said:


> I tried some iptables suggestions from DD-WRT's forum but no dice. It looks like I'll be moving my NAS to a data center anyways since port 25 is blocked by Comcast.


My ISP doesn't block port 25. It's that ISP that rhymes with Harder.


----------



## KuJoe (Aug 6, 2013)

happel said:


> The webinterface of my openwrt router shows a zone_lan_prerouting thingy which contains a DNAT rule for each of the forwarded ports, rerouting them to their respective internal ipaddresses. But I can't find them in the terminal, iptables isn't really my thing, but most of the other stuff shows up and it specifically stated that that chain didn't exist. :|
> 
> Comcast is blocking incoming connections on port 25?? For outgoing you could relay the messages through a small vps on a different port.



I can bypass the incoming with port forwarding, the problem is they block the outgoing and if I used a small VPS for relaying, I might as well host a mailserver on it defeating the purpose of my project so my best bet is to throw the NAS in a cabinet and give it a dedicated IP and call it a day. I'll get a 2nd one for HA and ship it to Tampa and nerd out for a week or 2.


----------



## Chronic (Aug 6, 2013)

Anyone tried out Kolab? Seems like a decent solution to me.


----------



## Leyton (Aug 6, 2013)

Chronic said:


> Anyone tried out Kolab? Seems like a decent solution to me.


Yeah, the older versions worked and installed okay. Couldn't get the new version to install for the life of me on my last try.


----------



## Aldryic C'boas (Aug 6, 2013)

Out of curiosity, I gave ISPConfig a try. A quick --purge later, I decided to just stick with a postfix/sasl/dovecot manual setup. Thanks for the suggestions though folks; I did see a few recommendations that look rather interesting for some unrelated project ideas.


----------



## jarland (Aug 6, 2013)

Aldryic C said:


> Out of curiosity, I gave ISPConfig a try. A quick --purge later, I decided to just stick with a postfix/sasl/dovecot manual setup. Thanks for the suggestions though folks; I did see a few recommendations that look rather interesting for some unrelated project ideas.


I think it's the only solution that doesn't end up causing more grief than it's worth. Least overhead, less to secure after default setup, efficient and rarely fails.


----------



## Aldryic C'boas (Aug 6, 2013)

> I think it's the only solution that doesn't end up causing more grief than it's worth. Least overhead, less to secure after default setup, efficient and rarely fails.


Pretty much. I've got everything running smoothly now.. perhaps this weekend I'll put up my deployment layout, and maybe do a couple guides for folks wanting to do the self-host thing as well (contacts/calendar/email/sync/'drive'/etc).


----------



## clarity (Aug 6, 2013)

@Aldryic that would be nice of you! I am looking for the exact same thing. I like ISPConfig 3, but there is just so much bloat.


----------



## Shados (Aug 6, 2013)

KuJoe said:


> Only issue I am having is when I am connected to WIFI I need to use the IP for my NAS, off WIFI the FQDN works fine. Weird.
> 
> Additionally, I am disappointed to see SpamAssassin in there instead of ASSP.



You're suffering from your home router not supporting NAT loopback. Most don't, and it's a PITA. You may be able to work around it by having your router's DNS return the internal IP for the FQDN instead of the external-facing internet IP.

Also, cool thread. I've done some of this stuff myself, but I'm taking it pretty slowly - I've moved some stuff to completely self-hosted/DIY solutions, but also moved a lot of stuff to smaller commercial operations that are less likely to be reading through all my data and actually have privacy policies as an interim solution (e.g. fastmail.fm for most email at the moment).


----------



## Quexis (Aug 6, 2013)

shawn_ky said:


> May want to check out ZPanel (http://www.zpanelcp.com/). It is an open-source hosting solution that has been recently updated with a nice theme.  It has a lot of built-in features including email using dovecot, postfix and all the other frills + the normal hosting solutions. Run it in-house if you want and it would keep it as secure as you are.
> 
> Subsonic?  might need to look at that.


You mean this ZPanel?


----------



## KuJoe (Aug 7, 2013)

Speck said:


> You mean this ZPanel?


You mean this joepie91? Sorry, I had to say it.


----------



## shawn_ky (Aug 7, 2013)

Speck said:


> You mean this ZPanel?


As with anything, there will be concerns. I can't answer for the dev team. I am not them. A long the post there was suggestions about disabling, this that and the other... I don't know. I can say for what I am using for a personal use, it does it's work. Disabling the info mentioned would more than likely secure this for what the Op wanted.. I still think it's a good project that it doing some pretty good things -- that's something I'll stand behind.





KuJoe said:


> You mean this joepie91? Sorry, I had to say it.


^^^^ Now that's funny!


----------



## MCH-Phil (Aug 7, 2013)

Shados said:


> You're suffering from your home router not supporting NAT loopback. Most don't, and it's a PITA. You may be able to work around it by having your router's DNS return the internal IP for the FQDN instead of the external-facing internet IP.


Another solution to this issue would be to edit hosts file on machines in the local network.  NAT loopback issues suck completely though.


----------



## bizzard (Aug 7, 2013)

I don't have much personal files on cloud, but would love to give owncloud a try. My photos and media stays in my portable HDD's and optical disks.

For mail, I still have 1 or 2 gmail accounts. For all others, I have a VPS, which run Dovecot + postfix with Virtualmin as the panel to manage mail accounts. Virtualmin has a pretty good interface to manage mail accounts + RoundCube as the web interface does the trick for me. I access mails mostly via thunderbird and k9mail on my phone. The web interface is just incase if I need it while travelling. Syncing contacts between all my devices is one problem I face now.

The cost of dedicating a 1GB VPS for mails + backup is almost equivalent of having two Google App accounts now a days. Keeping up backups is not much pain with rsync, but still need to setup a backup mx. Had found some tutorials to do it using postfix, but haven't tried yet. Please share tutorials if anyone has succeeded with setting up backup mx.


----------



## Aldryic C'boas (Aug 7, 2013)

> I don't have much personal files on cloud, but would love to give owncloud a try. My photos and media stays in my portable HDD's and optical disks.


Heh, I hardly ever use 'cloud' type deployments for actual filesharing/etc.  I originally tried Owncloud to see if it handled RSS (before finding TTRSS), and ended up keeping it after I found out about Contact/Calendar sync.



> Syncing contacts between all my devices is one problem I face now.


You're already running Owncloud - so pretty much all you need is CardDAV.  Syncs to Android perfectly.  Owncloud has other syncing options as well (Windows, *nix, etc), but I haven't had reason to use those yet.


----------



## shawn_ky (Aug 7, 2013)

I've got OwnCloud working being between VPS's and Windows machines..then move it to a NAS for backup.  It really is doing a pretty good job with the last update. Haven't tried with the phone yet... Next attempt. (iPhone) 

How well are the Contacts and Calendar working with multiple machines? (Should be the same, but...) Have been thinking about doing a home calendar with my wife and I to keep track of where we are going to be when...


----------



## Aldryic C'boas (Aug 7, 2013)

shawn_ky said:


> How well are the Contacts and Calendar working with multiple machines?


Flawlessly for me.  But it's worth noting that I don't touch Apple, and I don't know if there's an equiv to CardDAV/CalDAV for the iPhone.  Worth looking into, though - it's not proprietary, so there's bound to be other apps for it.


----------



## wdq (Aug 7, 2013)

I ran across this post today. It lists a topic like RSS reader, or photo gallery, and then some self hosted open source options. 

https://wiki.debian.org/FreedomBox/LeavingTheCloud


----------



## drmike (Aug 7, 2013)

Good random stuff there @wdq.   Came from Eben Moglen's FreedomBox project (wish Eben would get launching things in beta already).

So much hope so long ago for Freedombox... errr...


----------



## happel (Aug 8, 2013)

Aldryic C said:


> Flawlessly for me. But it's worth noting that I don't touch Apple, and I don't know if there's an equiv to CardDAV/CalDAV for the iPhone. Worth looking into, though - it's not proprietary, so there's bound to be other apps for it.


iOS and OS X have had excellent support for CardDAV and CalDAV for years . Only platform that doesn't support those two is Windows.. (Both desktop and phone)


----------



## mpkossen (Aug 8, 2013)

happel said:


> Zpanel has a bad track record when it comes to security. I even recall one of the developers stating security wasn't relevant or something like that.
> 
> 
> I moved away from Google services a few years back.
> ...


Try BoxCryptor Classic. Works very fine for me. On Linux-like system you can just mount it as an EncFS volume.


----------



## happel (Aug 8, 2013)

mpkossen said:


> Try BoxCryptor Classic. Works very fine for me. On Linux-like system you can just mount it as an EncFS volume.


Thanks, I will give that a try .


----------

