Proxy email via VPS
-
-
@robi Yes, it looks like outbound would be pretty straightforward to configure -- it's just SMTP. I'm most curious about how inbound forwarding could be achieved, I'm not sure I've ever seen that before, though I don't know why it wouldn't be possible.
-
@infogulch yes, I have a similar setup.
- All my apps are at home. The Cloudron domain is my.home.example.com. I add an extra Domain example.com. I installed apps into example.com as app1.example.com, app2.example.com and so on.
- My email server is on DO. Domain is my.example.com.
For outbound email:
- Create a mailbox called homeserver in email server. So, this is homeserver@example.com
- Enable masquerading in the email server.
- In my home cloudron, go to Email -> example.com -> Outbound settings. Set the email credentials for homeserver@example.com. This will allow apps to now send email.
-
@infogulch oh my emails reside entirely on the DO VPS. I have not considered piping incoming mail via the VPS into the home server. I am not sure how this will work because at least in my ISP incoming mail ports are blocked.
As an aside, I back up the DO VPS into minio installed on the home server. That way emails are backed up at home for me.
-
@infogulch You just IMAP to the outbound server mailbox for any inbound mails.
Otherwise you'd have to set up some sort of private network or tunnel between your home server and the VPS to have the incoming mail work on the right port at the VPS and pass it through to your home server.
-
@robi @girish yeah that makes sense, use the VPS server for all email, apps on the home Cloudron that need to send outbound can use the same server with the setup described above.
Maybe I'm just being unreasonable, but I'd prefer to have email stored on the home server instead. Partially to shift more compute resources locally (the VPS can be cheaper), and partially for digital sovereignty reasons (e.g. a search warrant would be a knock on my front door, not a silent VM snapshot made by the provider under a gag order).
I guess the right term is "inbound email relay", and the more common reasons to use them are to improve uptime and do pre-filtering for spam. I remember setting this up doing local small business IT before everyone just switched to Office 365...
-
@infogulch if you can find an email relay service to relay outgoing messages, then you can have your email server at home just fine. This is the setup I have been using for a long time. In my case I use postmark for the relay to send out emails, but maybe there are more privacy focused relays by now. I haven't thought further about postmark after setup, since it has worked flawlessly since then.
-
-
This is a pretty smart idea! By the way, one of the most common mistakes newbies make when setting up a proxy server on a VPS is to leave it open for anonymous authentication.
-
-
I need a similar solution to @girish because my ISP apparently blocks incoming port 25 as well. girish's post is very helpful. My main questions about girish's approach are: (1) Does Cloudron try to overwrite the relevant MX, SPF, and DKIM records? (2) Can I still use Cloudron to easily host a webmail client like Roundcube for homeserver@example.com, fetching the emails from the VPS? Or are the email client apps all configured to use local Cloudron-managed mail only?
-
Thanks @girish . I have actually already set up an SMTP relay on my VPS and it successfully sends mail out. But only then did I realize that my ISP blocks incoming port 25 as well. I can't receive mail on my cloudron at home. So I think I need to give up on the relay idea and just host the entire mail server on my VPS, just like you described above in post #4. My questions are about your solution in post #4, I hope they make sense.
-
@bwag said in Proxy email via VPS:
(1) Does Cloudron try to overwrite the relevant MX, SPF, and DKIM records?
When you use the setup described in step 4, you don't need to adjust any of these records. This is because the Cloudron at home is like a mail client. The DNS records are not used by mail clients but by mail servers. The DNS records will be set to your VPS mail server.
(2) Can I still use Cloudron to easily host a webmail client like Roundcube for homeserver@example.com, fetching the emails from the VPS? Or are the email client apps all configured to use local Cloudron-managed mail only?
Roundcube has to be installed on the VPS server and not in your home server. You are correct that client apps are all configured to use the local Cloudron mail (which in this case is in the VPS and not at home).
-
Thank you! I had forgotten that we can turn the Cloudron incoming mail server off, so it won't try to set DNS records. It's working for me now.
Roundcube has to be installed on the VPS server and not in your home server.
It would be fun to be able to run an email client from Cloudron, e.g. with POP to fetch mail from the VPS. That would help with the data sovereignty point mentioned above. But for now, I'll celebrate getting email working at all.
-
@infogulch If you want to deploy your Cloudron instance on a home internet connection, you might consider running it through a Wireguard tunnel to a VPS with a public IP.
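The tunnel approach raised in this thread (forwarding inbound port 25 from the VPS to a mail server at home over WireGuard), as an added example that is not part of any post above and not Cloudron's own configuration. It assumes IPv4 only, a VPS public interface named eth0, tunnel addresses 10.8.0.1 (VPS) and 10.8.0.2 (home), no mail server listening on the VPS itself, and placeholder keys and endpoint.

```ini
# ---- VPS (public IP, MX points here): /etc/wireguard/wg0.conf ----
[Interface]
Address = 10.8.0.1/24
ListenPort = 51820
PrivateKey = <vps-private-key>
# Let the VPS route packets between its public interface and the tunnel.
PostUp = sysctl -w net.ipv4.ip_forward=1
# Inbound SMTP on the public interface is handed to the home server.
# No source NAT here, so the home server sees each sender's real IP.
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.8.0.2:25
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p tcp -d 10.8.0.2 --dport 25 -j ACCEPT
# Replies and the home server's own outbound traffic leave via the VPS.
PostUp = iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT
PostUp = iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -s 10.8.0.2/32 -o eth0 -j MASQUERADE
# Remove the same rules when the tunnel goes down.
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to-destination 10.8.0.2:25
PostDown = iptables -D FORWARD -i eth0 -o wg0 -p tcp -d 10.8.0.2 --dport 25 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -o eth0 -j ACCEPT
PostDown = iptables -D FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -s 10.8.0.2/32 -o eth0 -j MASQUERADE

[Peer]
# Only the home server's tunnel address is accepted from this peer.
PublicKey = <home-public-key>
AllowedIPs = 10.8.0.2/32

# ---- Home server (behind the ISP): /etc/wireguard/wg0.conf ----
[Interface]
Address = 10.8.0.2/24
PrivateKey = <home-private-key>

[Peer]
PublicKey = <vps-public-key>
Endpoint = <vps-public-ip>:51820
# Send all traffic through the tunnel so replies to SMTP clients return
# via the VPS instead of the ISP link.
AllowedIPs = 0.0.0.0/0
# The home side dials out and keeps the mapping on the home router alive.
PersistentKeepalive = 25
```

Because inbound connections are not source-NATed onto wg0, the home mail server can still apply SPF checks and relay restrictions per sender IP. If a MASQUERADE rule were added for traffic going into wg0, every message would appear to come from 10.8.0.1, so that address must not be treated as a trusted relay network.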