loading...

Running own private email server and the problems?

nav_devl profile image Naveen Honest Raj ・1 min read

I created my own email server using postfix and implemented a catch-all email approach. I am a beginner in creating and running my own email server but read few articles and successfully ran it.

The approach I followed is written in here https://naveenhonestraj.in/creating-an-incoming-email-server-and-sending-data/

My end goal is to catch all the email sent to a specific domain, say (@example.com) and make a POST call(something like a webhook action) with payloads that contains all the information of the email sent.

I successfully made this and now can make those POST call with proper payload, but I am not aware of the problems/cons along running own server with the catch-all approach.

If somebody who worked on the similar lines can share their thoughts and opinions on this, it would be very very helpful. Thanks.

Discussion

markdown guide
 

Unless this is for some educational or testing purposes I would not recommend doing this yourself.

Seems to me that you want/need to implement an Email to Webhook integration which services like Email Parser by Zapier or Mailgun Routes.

 

Thanks for your valuable inputs, Erick. But, say I am trying to build a functionality like, something in a ticket management systems like Zendesk, where each organisation has their own incoming email address, which they receives emails and creates ticket. So, for N organisation, there are N email, but the catch here is, everything is sent to one single server with all the information.

Do you think, this particular case could possibly fit in the case you mentioned? Or do you know any other services that can fit one?

 

If this is mission critical (which seems it is) I would definitely go with something like Mailgun Routes instead of Zapier. You can setup custom routes for many incoming domains and email addresses, and forward those as POST requests to wherever you need, but you need a paid account on Mailgun to setup and use those routes (they used to be free, but no more).

Unfortunately I do not know any open source project that does something similar to what you need.

I'll try giving it a shot this weekend. Thanks for pointing me there. Meanwhile if I figure out a new thing or learn something from others too, I'll keep this discussion thread updated with that.

I just read your blog post with your setup and is is very nice! You took the time and effort to install, setup, and get postfix working as you needed.

This link will probably be less useful for you but still wanted to share it. I found it yesterday while browsing GitHub. It is a small SMTP server written in Go and it sends everything it gets to a pre-configured webhook. I haven't tried it yet but I want to do some tests probably later today or in the next days.

github.com/alash3al/smtp2http

Wow., thanks for taking time to read the article and sharing your thoughts, Erick 😁

Sure, I'll take a look at the repo as well. If not it serves the current purpose, it will definitely going to be a good learning and might come in handy at some other point of time. Thanks again for the share. :))

 

Where you actually host the email server will have some implications with local law. For example, most consumer ISPs don't want mail traffic over their network, and would have a problem with you hosting an email server from home.

Incoming mail has a lot fewer concerns than sending mail, so your risks are relatively though.

However, what you've essentially created is the same thing as an unauthenticated api. This means there's always a risk for request flooding. Because your input is email, your ability to restrict and control traffic will be a bit harder as well.

I would suggest building some middle process that would work to reject as many obviously garbage requests as possible, so as to not flood whatever software is pushing your POST requests.

 

Thanks @brandinchiu for the inputs. I wasn't aware of the local law and thanks for pointing that. I'll probably look into that.

And on the side of request-flooding, after you mentioned, now, I am thinking of adding SPAM FILTER alongside Postfix to filter (to some extent) and also thinking to add-in ratelimit or a queuing system to validate and then process towards POST request. Your inputs are very helpful, Brandin :))

 

Yeah this is really the only thing to worry about. Any filtering you can do will be helpful.

The last thing you'd want is to be running your server in the cloud and have something send you 2 million fake emails and run up your bill :)

 

The Postmark blog is a great resource for email. It's super helpful for learning about problems that may come up. They often frame it in a "here's what we're doing for you" kind of way which is super useful for learning about the details. Here's an example: postmarkapp.com/blog/monitoring-yo...

Most folks take email delivery for granted. You hit send and assume the recipient will get it. That's usually a good assumption for personal email, but when you move beyond single emails, delivery gets decidedly less certain. Things like IP reputation, domain reputation, or simple configuration mistakes can completely derail your delivery.

 

Wow. This is a wonderful resource!! Looking into it. Thanks Derek 🤩