On 29 December 2022 09:10:23 CET, Joachim Lindenberg <dove...@lindenberg.one> wrote: >Hello André, >thanks for the explanations, appreciated, and for sure publishing a comparison >would help users to make a decision, where to "shop", and maybe also for >enthusiast the opportunity to join forces on specific topics. >I like that you support FDE, but my personal preference is to run *x as >virtual machines on Hyper-V with Bitlocker and Bitlocker Network Unlock. I >haven´t looked into Clevis & Tang yet in detail, which might be an alternative. >I decided for mailcow early 2018 where it met my requirements, but I am also >open to alternatives, especially if they are on par or close w.r.t. >functionality, ideally offering high availability via two replicating >instances (mailcow does this commercially only and didn´t offer a GDPR >compliant contract). >Thanks, >Joachim > >-----Ursprüngliche Nachricht----- >Von: André Rodier <an...@rodier.me> >Gesendet: Donnerstag, 29. Dezember 2022 08:44 >An: dovecot@dovecot.org; Joachim Lindenberg <dove...@lindenberg.one> >Betreff: Re: Self hosting solution for Christmas > >On 27 December 2022 11:39:42 CET, Joachim Lindenberg <dove...@lindenberg.one> >wrote: >>I have to support Marc´s question. And also - what makes HomeBox different >>from Mailcow (https://mailcow.email/)? >>Thanks, Joachim >> >>-----Ursprüngliche Nachricht----- >>Von: dovecot <dovecot-boun...@dovecot.org> Im Auftrag von Marc >>Gesendet: Dienstag, 27. Dezember 2022 11:25 >>An: Andre Rodier <an...@rodier.me>; dovecot@dovecot.org; >>postfix-us...@postfix.org; debian-u...@lists.debian.org; >>users-requ...@sogo.nu >>Betreff: RE: Self hosting solution for Christmas >> >>> >>> Here my present for Christmas: a new version of HomeBox, the self >>> hosted email solution. >>> >>> Feel free to drop comments, create issues, update the docs, etc. >>> >>> I released this quickly before going on vacation, so you may find >>> some issues. However, this is mostly stable, and the code is easy to modify. >>> >> >>That is why one should not be interested to much risk of lacking future >>support. What if your wife gets pregnant and there is no update/release for 9 >>months? ;) Obviously I admire such open source efforts. >>It is just such a pity to see so many projects initiated seemingly without >>first trying to bundle forces. This is especially visible in crm all these >>individual projects are 'shitty', I do not get why none of them try and work >>together to create a few good ones. >> >>I used to always state that there is only one real distribution you could >>use, and that is the centos one. Basically because you could always buy a >>redhat license and get the support of a billion dollar company (now even >>IBM), but with their stream direction this all becomes questionable. However >>most projects do not even have an argument other than 'this is the >>distribution I know'. >> >>The only long term alternative I see, is using containers that hardly have >>any os dependency and behave more like micro services. So you focus on the >>direct updates of suppliers. >> >> >> >> > >Hello, Joachim. > >Perhaps I need to rewrite the doc, and the readme, so I will clarify a few >points. > >Homebox is a set of Ansible scripts to install and configure an email stack on >Debian. Exactly like you would do it manually, but in an automated way. > >Once the play book has been run, you still have a Debian installed, without >any custom binary. > >Therefore, of you need any support, ask the relevant making lists, like >postfix, dovecot, sogo, Debian, clamav, rspamd, etc... > >Now, to answer your question, I had a look to mailcow, and I still prefer >Homebox to hosts my emails. > >The security of my primary concern. If you look the code carefully, you will >see a lot of decisions in this direction. From the list of authorised ciphers >and the enforced encryption, even internally, to the absence of PHP. Also, the >non-free and contrib sections are excluded. > >I also offers full disk encryption out of the box using Debian preseed with >remote drive unlocking. > >You will also see a lot of unit tests to ensure the whole stack is running as >expected. > >Finally, I trust a lot the Debian community security policies. I prefer to use >them than another community, especially with the unattended-upgrades package. > >In terms of features, again, we're definitely not on the same line. > >Homebox does not support multiple domains, and will never. > >However, I use an LDAP server for authentication, which is used for other >services, like a Jabber server. The solution includes a Jabber server out of >the box, with files upload and server to server communication. > >Next year, I will start to include a Prometheus stack, with alerts sent by >xmpp. > >I am also planning to add more features i think can be useful to personal >hosting, still using Debian repositories. For instance, a WebDAV server to >share files across multiple devices. > >I don't pretend creating a better solution than X or Y, and I may add mailcow >in the list of other solutions. However, I think some people, like me, just >want to deploy a mail / xmpp server on Debian without third party packages. >This is why I created this project. > >Kind regards, >André. > >PS : for Marc's knowledge, I am very happy with the kids I already have. I had >a surgery to ensure I won't have more. Maybe an example to follow... >
Hello, Joachim. Yes, two replicating instances would be good, many options are available. I will make a few tests next year, using some components, like drbd and gfs2, to name a few. However, I am also looking into an NFS server. For emails encryption, I will try to use dovecot native one, but I want to decrypt the key on user login. However, GPG maybe guys as well. One thing I forgot to mention in the features: DNSSEC is automatically configured as well, using PowerDNS. Kind regards, André.
