Neo

Why is that? (genuine question, thanks!)

You may have already read this but I always think back to this blog post about self hosted email:

TLDR;

• Mail is not hard: people keep repeating that because they read it, not because they tried it
• Big Mailer Corps are quite happy with that myth, it keeps their userbase growing
• Big Mailer Corps control a large percentage of the e-mail address space which is good for none of us
• It’s ok that people have their e-mails hosted at Big Mailer Corps as long as there’s enough people outside too

https://poolp.org/posts/2019-08-30/you-should-not-run-your-mail-server-because-mail-is-hard/

Yeah, Microsoft are the worst. Even after doing all the proof of work (reverse DNS, DKIM, SPF, …) and registering for their spam prevention postmaster tools equivalent, I still found myself randomly blocked for delivery sometimes.

Amazon SES is good for this too. I use it in combination with postfix for the outbound mail. Granted it feels a bit like cheating on the whole self hosting part, at least for outbound. And I only started doing it in the past year of self hosting for 20 years. MS (Hotmail, Outlook, Office 365) was by far the biggest asshole in randomly denying delivery from my (well maintained reputation wise and well configured) outbound IP before switching to an SES relay. Fuck em, seriously. It’s not just about preventing spam, it’s clearly a strategy towards email dominance. Other big players are guilty of this too though.

I believe the ISPMail tutorials I was following during my rebuild recommended it as the successor to self hosted anti spam. Touting better performance, written in C vs. Perl for spamassassin iirc. The tutorials may have indicated that SA was no longer actively maintained, but that may be a figment of my imagination. Better fact check all of this. But I’ve been very happy with rspamd’s web interface to see what’s going on with the process. There’s a great history view in the dashboard that helps you better understand why a message got flagged as spam. It helped me better fine tune white and blacklists for example. Supposedly it also has a rich module system to enable more advanced filtering techniques like LLM’s and whatnot. But I haven’t looked into that yet. Granted rspamd is also used by ISPs that have massive throughput. I’m definitely not in that category :p

Great blog post, always nice to read about other people’s experiences. I was curious if you’d switch back to NixOS, but that’s not the case. Cubes OS looks interesting, I checked it out a few years ago. I should give it another look.

Great plan! We need more independently hosted email. I’ve been self hosting email for 20 years. Still running Postfix and Dovecot, but don’t have all the features you’d like though. I just wanted to chime in that I’ve moved from spamassassin to rspamd. And I’m happy about that. Given your experience in the hosting business I think you’ll like rspamd. One thing I have changed since a few months is have outgoing mail go through Amazon SES. I moved hosting from Linode to Hetzner and that turned out to be not so great for outbound delivery reputation. I didn’t want to migrate back to Linode so I bit the bullet and compromised with SES. That has been really working well, but I admit it is a bit of a step back from fully self hosting.

I’m on Hetzner too. You’re right, it is a bit of a hassle. I wish they’d just include a native image into the interface. I use infect and it works quite seamless though https://github.com/elitak/nixos-infect?tab=readme-ov-file#hetzner-cloud

Try it! Here’s a proof of concept that I’ve made that shows NixOS could even be used as a base for a very simple OS that abstracts the Nix away almost completely. Maybe the source code is of interest to you.

https://github.com/nixup-io/desk-os

Technically NixOS is all compiled from source too (if you disable the binary caches). It has since taken away Gentoo’s raison d’être a bit in my head. Debian still holds a special place in my heart too, for its simplicity and stability!

Interesting. I’ve using NixOS many years on servers but recently also started using it as a base for docker hosts. Before that I used Ubuntu or Debian for docker hosts, but I figured out I still like the declarative approach even for simple servers like docker hosts. There’s your basic security config, ssh keys and monitoring setup that I used to do imperatively, but I much rather have declaratively now, no matter how small. And enabling docker on NixOS is just a virtualisation.docker.enable = true; anyway.

Tell me about it.

Do you have more information? Haven’t looked into it for a while. What happened?

“It’s an older meme, Sir. But it checks out!”

Since I started using the Nix package manager and switched to NixOS, the notion of a “Linux distribution” faded into little more than “A bootloader + the Linux kernel + some userspace programs”.

OP mentioned a Minecraft server, iirc that can be pretty noisy in the logs.

If it’s running off an SD card then it’s very likely the SD card is broken. It’s better to run a pi off a USB SSD drive. Hope you have backups. Good luck either way.

Edit (more context):

https://hackaday.com/2019/04/08/give-your-raspberry-pi-sd-card-a-break-log-to-ram/

https://hackaday.com/2022/03/09/raspberry-pi-and-the-story-of-sd-card-corruption/

I’m building a batteries included desktop OS based on NixOS. A bit like ZorinOS, ChromeOS or Mint but with NixOS as a base. It’s a bit ambitious and still in an early stage, but it’s been great fun for me using the Nix package manager as a solid tool to build stuff. Check it out at https://nixup.io/ or https://github.com/nixup-io/desk-os if you’re curious. Anyone with the nix package manager installed and flakes enabled can just execute nix run github:nixup-up/desk-os to spin up a VM with a demo.

NixOS enters the room wearing a “/nix/store” t-shirt.

I checked it, it’s true. Side note: it’s “the saté of AI.” FTFY. From what I’ve heard it’s even better than 🍿to sit back and watch this farce unfold.