I quite like email – perhaps mostly not because of design or technical qualities, but because nice tools exist and there are plenty of users, so it can easily be used for communication. Though even the design is not so bad: SMTP by itself is quite usable, OpenPGP is better than plain text messages (though it could be much better, and there's plenty of criticism), and it's all open and federated. Some of the email criticism goes as far as proposing to replace it with something, but without proposing any viable alternative – so it doesn't seem like the time to abolish it yet, and here are some email-related notes.


Here's how one can set up a mail server:

  1. Install and configure postfix (or another MTA). There are plenty of guides around, it's pretty simple, and actually that's it: the rest builds around it.
  2. To not look like a spammer to other servers:
  3. To filter spam, set up postscreen and regular postfix settings (see Postfix Anti-UCE Cheat Sheet and rob0's postscreen(8) configuration; a local caching DNS server is useful to speed things up a bit). It'll filter most of the spam, while spamassassin (via spamass-milter, for instance) may hog too much memory for a small VM, leading to OOM killer rage. Other options include bogofilter, which would require training, and Rspamd. Postgrey and may also be used.
  4. Use Let's Encrypt (LE) to obtain X.509 certificates for TLS. ACME clients are mostly poor, but certbot is more or less usable.
  5. Dovecot or something else for IMAP or synchronization over SSH (optionally: as an alternative, one can read messages via ssh on a server, retrieve them into a local maildir with rsync, or something like that).

Dovecot can also be used for SASL (for both Dovecot and postfix); see the "user authentication" note.
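
A minimal sketch of the postscreen and "regular postfix settings" mentioned in step 3, as an added example rather than the author's own configuration. The DNSBL sites, their weights and the threshold are assumptions to tune locally; the file paths are the usual defaults.

```conf
# --- /etc/postfix/main.cf ---
# Note: main.cf has no trailing comments; each comment needs its own line.

# Never screen our own networks.
postscreen_access_list = permit_mynetworks
# Reject clients that start talking before the 220 greeting is complete.
postscreen_greet_action = enforce
# Weighted DNSBL scoring (assumed lists and weights); a client is
# rejected once its combined score reaches the threshold.
postscreen_dnsbl_sites = zen.spamhaus.org*2, bl.spamcop.net*1
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_action = enforce
# The "after 220" tests (pipelining, non-SMTP commands, bare newline)
# are left at their defaults (off): enabling them makes every new
# legitimate client reconnect before its mail is accepted.

# Cheap checks in smtpd for whatever passes postscreen.
smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks,
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname
# Relay control stays separate from spam policy (Postfix 2.10 and later).
smtpd_relay_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination
smtpd_recipient_restrictions =
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unauth_pipelining

# --- /etc/postfix/master.cf ---
# postscreen takes over port 25 and hands good clients to smtpd.
# The existing "smtp inet ... smtpd" line must be commented out.
# The chroot column (fifth field) varies between distributions.
smtp      inet  n       -       n       -       1       postscreen
smtpd     pass  -       -       n       -       -       smtpd
dnsblog   unix  -       -       n       -       0       dnsblog
tlsproxy  unix  -       -       n       -       0       tlsproxy
```

After editing, `postfix check` reports syntax problems and `postfix reload` applies the change. DNSBL lookups are made for every new client, which is where the local caching DNS server from step 3 pays off.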


Both notmuch and mu4e use xapian, which provides fast search. It's also very nice to compose and read messages in emacs, so I'm targeting those.

Option 1: SSH

An SSH-only setup allows using just SSH keys, with no SMTP/IMAP between client and server. Messages can be retrieved with e.g. doveadm sync, and sent with a remote sendmail. An example with relevant mu4e context vars:

(message-send-mail-function   . message-send-mail-with-sendmail)
(sendmail-program             . "/home/defanor/bin/")
(mu4e-get-mail-command        .
 ,(concat "doveadm sync sh -c "
   "\"SSH_AUTH_SOCK=$SSH_AUTH_SOCK ssh doveadm dsync-server\""))


ssh /usr/sbin/sendmail "$@"

Option 2: IMAP + SMTP

mbsync can be used to retrieve messages via IMAP, and postfix can also be set up locally to get more flexibility and better SASL options than the emacs smtpmail library provides (see the user authentication note).


OpenPGP can be used with mu4e rather easily; it doesn't require any special setup.


The Email Worst Practices page provides a few links, though I'm guessing that things like that are mostly read by those who already follow conventions, while others do all kinds of strange things with messages. I'm not even sure whether more than half of professional programmers have managed to master message quotation.

Public providers

Most of the seemingly semi-decent email providers cost like a VPS or more, so it may be desirable to get a VPS at once. As for free ones, there are a few seemingly fine options, though some of them (e.g., openmailbox) don't seem that nice when you're trying to use them, and others don't even provide SMTP or IMAP. Not counting here those where you are the product. A/I looks almost nice (apart from requiring an email address for activation, which it claims to not associate with your mailbox anyway, having a weird design, messing up the terminology, and perhaps being more about politics than ethics), though I haven't tried it yet. And there are ones like

On reliability

My primary concern with using private email for everything has been reliability, which is actually a broader issue than just email. And if it's set up on a single machine that you also use for everything else, that's a single point of failure for many things.

There are potential issues with public services as well: the companies that maintain those can go out of business, usually can do whatever they want with your accounts and data, with the services they provide, etc.

But private ones require regular payments and maintenance. It's not much harder than maintaining your personal machine, and usually cheaper than paying for an internet connection, electricity, and so on, but it is an additional burden. A very small one, but collecting things like that is always unpleasant: there are plenty of other ways to get into trouble simply by staying idle.

Using 2-3 servers instead of one and teaming up with others (for both payments and maintenance) may be helpful to mitigate those issues, but that requires some trust: at least to be sure that the others won't screw you just for fun. I guess that's the hardest part, since very few people even remotely care about service providers, control, etc. Maybe it's even a nice approach: worrying about all the small things and possibilities may be too much, whether one uses a private or a public service.