I agree with everyone here that self-hosting email is never easy, but if you still decide to go down this route then here are two tips that I personally found very helpful, especially when you decide to host it at home:

The first is to get an SMTP relay server. That’s just another mail server that yours can log into to actually send its mail, just like an email client would. That way you don’t have to worry about your IP’s sending reputation, because everyone will only see the relay’s reputable IP.

Second is to configure a Backup MX. That’s an additional MX DNS entry with lower priority than the primary, and it points to a special mail server that accepts any mail for you and tries to deliver it to the primary server forever (or something like an entire week). So when your primary server is unreachable other sending servers will deliver mail to the backup, and it delivers the mail to the primary as soon as that’s back online.

You can get these as separate services, but some DNS providers (like Strato for example) offer both with the base domain package. It makes self-hosting an email server much simpler and more reliable in my experience.

Welcome to the Linux community. :)

You will probably never understand everything about Linux and all of its included and associated systems. That’s completely fine, no one does! That’s why we are many, and it’s what asking for advice or help is for. You can just learn whatever interests you at your own pace, and know that there will always be interesting things you haven’t seen yet.

I’m transcoding everything to 320kbps MP3s. It’s much much smaller than flac, and I can’t hear the difference even if I try.

Fedora, I usually wait 1-2 weeks for the last bugs to be found+fixed and extensions to catch up, and then just upgrade in-place. Haven’t had a major upgrade problem for years now, it’s mostly as smooth as any other offline update. And I don’t feel like I have to reinstall the OS every few years on Linux either.

One of us One of us One of us! :)

No! I prefer ______, and you are WRONG for thinking otherwise!

I just set up a Vouch-Proxy for this yesterday. It uses the nginx auth_request directive to authenticate users with an SSO server, and then stores the token in a domain-wide cookie, so you’re logged in across all subdomains. Works pretty well so far, you don’t even notice it when you’re logged in to your SSO provider.

But you do have to tell the proxy where you want to redirect a request somehow, either by subdomain (illegal.yourdomain.com) or port (yourdomain.com:8787) or path (yourdomain.com/illegal). I’m not sure if it works with raw IPs as hosts, but you can add additional restrictions like only allowing local client IPs.

In my special case I’m using the local Synology SSO server, and I have to spin up an additional nginx server because the built-in one doesn’t support auth_request.

Just a heads up, trying to buy Uranium for the reactor on Ebay will get you in trouble real fast, so be careful!

I’ve been running Gluetun for a few months now, and just the other day discovered that you can use it to seamlessly proxy Twitch streams (using it as http proxy for ttv lol pro), so they load via countries that Twitch doesn’t show ads for. Setting it up was ridiculously easy, and now I have neither ads nor endless loading anymore. The whole thing was a really nice surprise!

Do Not Track

Such a simple solution for the cookie banner issue. But it prevented websites from tricking users into allowing them to gather their data, so it had to go.

Yes. It makes it much harder to build a profile about you though, because you’re not logged in and they don’t know if those views come from you or someone else using your server. Even if you’re the only one, the website doesn’t know that.

Afaik the stated reasons for moving back were pure BS, or at least blown out of proportion. It mainly came down to the people in charge being very “friendly” with M$. Munich got a new major, he publicly called software-freedom “idiological nonsense”, asked a consulting firm that partners with and sells M$ products to analyse the situation, and everyone was shocked when they recommended M$.

Nope, not if you use the Beeper Bridge Manager. I’m running two bridges right now, without having my own Matrix server.

I started using their Signal and WhatsApp bridges today, probably one of the easiest setups I ever did. You just run a Docker container for every bridge, and login to your Signal/WhatsApp account by chatting in the app with the Matrix bot it creates.

Literally takes like 5 minutes if you’ve used Docker before, and you don’t need a domain or forwarded ports or anything.

You only need to selfhost the bridge, it can use their Matrix server. Makes it much simpler.

Self hosting their bridges is really simple, if you have a device to run the Docker containers on. That way you don’t have to give them your logins, all they get to see are encrypted Matrix messages.

Nothing about what you just wrote has anything to do with closed source software though. You could just as well say that closed source helps them predict the future or draw shinier unicorns. It doesn’t!

Maybe you mean tightly coupled, stripped-down, preconfigured or vertically integrated, but you can do that just as well with open source software. No one is forcing them to make a general purpose chat app or offer the ability to choose a different server. It’s just a matter of being able to see, verify and modify the code.

differentiate above the competition […] charging for it

This is the only thing that comes close imo. But they stated specifically that they don’t want to make money with the chat app itself, so it doesn’t really work as a justification. They could easily offer server-side premium features or create a closed source premium-only version or extension, it’s no reason to make the base app closed source.

security theatre

They don’t have to do that, and they don’t afaik. Matrix itself can do proper e2ee just fine, and Beeper is pretty open about the fact that bridges hosted by them have to break e2ee to translate between platforms. They’d only need theater if their closed source app actually has some bad code in it, which is kind of my point.

Expanding to selling some user metadata, or sniffing the bridges, would be an extra

Again: Their Matrix server and bridges are open source right now, and it wouldn’t stop them from doing what you’re describing.

Too pedantic 😉

I just can’t help it. 😜

the connecting with a majority of people using the same closed source platform

The platform is open, including the part that connects to other closed source platforms. It’s just Matrix and open source bridges after all. And making the client app closed souce doesn’t help with any of that.

I’m sorry if I’m a bit pedantic about this, but it seems like you’re describing an upside to closed source software that’s just not there.

You’re definitely right that people are a bit too doom-and-gloom about it, Beeper did do a lot of good over the last few years!

But I also find it a bit odd that they talk so much about the importance of open source in messaging, and then release a closed source client without at least adressing the topic. Add the fact that they’ve been aquired by another company on the same day, and it starts to smell like another instance of openwashing.

Idk, we’ll have to see how it plays out I guess.

I can answer that: it’s the “I don’t care about security as long as I can send memes and inappropriate messages to most people” experience.

Closed source doesn’t help with that though, you don’t have to care about privacy in open source.

except you do know that the bridges are decrypting all messages anyway

They are working on on-device bridges that preserve e2ee, but making the client closed source kind of defeats the purpose here.