AW: Self hosting solution for Christmas

[Joachim Lindenberg]

Hello André,
thanks for the explanations, appreciated, and for sure publishing a comparison would help users to make a decision, where to "shop", and maybe also for enthusiast the opportunity to join forces on specific topics. 
I like that you support FDE, but my personal preference is to run *x as virtual machines on Hyper-V with Bitlocker and Bitlocker Network Unlock. I haven´t looked into Clevis & Tang yet in detail, which might be an alternative.
I decided for mailcow early 2018 where it met my requirements, but I am also open to alternatives, especially if they are on par or close w.r.t. functionality, ideally offering high availability via two replicating instances (mailcow does this commercially only and didn´t offer a GDPR compliant contract). 
Thanks,
Joachim

-----Ursprüngliche Nachricht-----
Von: André Rodier <andre at rodier.me> 
Gesendet: Donnerstag, 29. Dezember 2022 08:44
An: dovecot at dovecot.org; Joachim Lindenberg <dovecot at lindenberg.one>
Betreff: Re: Self hosting solution for Christmas

On 27 December 2022 11:39:42 CET, Joachim Lindenberg <dovecot at lindenberg.one> wrote:
>I have to support Marc´s question. And also - what makes HomeBox different from Mailcow (https://mailcow.email/)?
>Thanks, Joachim
>
>-----Ursprüngliche Nachricht-----
>Von: dovecot <dovecot-bounces at dovecot.org> Im Auftrag von Marc
>Gesendet: Dienstag, 27. Dezember 2022 11:25
>An: Andre Rodier <andre at rodier.me>; dovecot at dovecot.org; 
>postfix-users at postfix.org; debian-user at lists.debian.org; 
>users-request at sogo.nu
>Betreff: RE: Self hosting solution for Christmas
>
>> 
>> Here my present for Christmas: a new version of HomeBox, the self 
>> hosted email solution.
>> 
>> Feel free to drop comments, create issues, update the docs, etc.
>> 
>> I released this quickly before going on vacation, so you may find 
>> some issues. However, this is mostly stable, and the code is easy to modify.
>> 
>
>That is why one should not be interested to much risk of lacking future support. What if your wife gets pregnant and there is no update/release for 9 months? ;) Obviously I admire such open source efforts. 
>It is just such a pity to see so many projects initiated seemingly without first trying to bundle forces. This is especially visible in crm all these individual projects are 'shitty', I do not get why none of them try and work together to create a few good ones.
>
>I used to always state that there is only one real distribution you could use, and that is the centos one. Basically because you could always buy a redhat license and get the support of a billion dollar company (now even IBM), but with their stream direction this all becomes questionable. However most projects do not even have an argument other than 'this is the distribution I know'.
>
>The only long term alternative I see, is using containers that hardly have any os dependency and behave more like micro services. So you focus on the direct updates of suppliers.
>
>
>
>

Hello, Joachim.

Perhaps I need to rewrite the doc, and the readme, so I will clarify a few points.

Homebox is a set of Ansible scripts to install and configure an email stack on Debian. Exactly like you would do it manually, but in an automated way.

Once the play book has been run, you still have a Debian installed, without any custom binary.

Therefore, of you need any support, ask the relevant making lists, like postfix, dovecot, sogo, Debian, clamav, rspamd, etc...

Now, to answer your question, I had a look to mailcow, and I still prefer Homebox to hosts my emails.

The security of my primary concern. If you look the code carefully, you will see a lot of decisions in this direction. From the list of authorised ciphers and the enforced encryption, even internally, to the absence of PHP. Also, the non-free and contrib sections are excluded.

I also offers full disk encryption out of the box using Debian preseed with remote drive unlocking.

You will also see a lot of unit tests to ensure the whole stack is running as expected.

Finally, I trust a lot the Debian community security policies. I prefer to use them than another community, especially with the unattended-upgrades package.

In terms of features, again, we're definitely not on the same line.

Homebox does not support multiple domains, and will never.

However, I use an LDAP server for authentication, which is used for other services, like a Jabber server. The solution includes a Jabber server out of the box, with files upload and server to server communication.

Next year, I will start to include a Prometheus stack, with alerts sent by xmpp.

I am also planning to add more features i think can be useful to personal hosting, still using Debian repositories. For instance, a WebDAV server to share files across multiple devices.

I don't pretend creating a better solution than X or Y, and I may add mailcow in the list of other solutions. However, I think some people, like me, just want to deploy a mail / xmpp server on Debian without third party packages. This is why I created this project.

Kind regards,
André.

PS : for Marc's knowledge, I am very happy with the kids I already have. I had a surgery to ensure I won't have more. Maybe an example to follow...