R. Diez
2020-Oct-26 15:11 UTC
Looking for a guide to collect all e-mail from the ISP mail server
>> I would not advice any company that is continuously being fined for breaking the law.> This is not only an overstatement, it is completely irrelevant.? Given the OP problem > statement (small business, part-time admin, newbie to mail > servers), I do not think there is a better solution > A small server already costs 20 USD / month, running a mail server consumes a significant amount > of resources, and as the OP mentions running a mail server also represents a high security risk.Guys, this kind of advice is not helping me either. First of all, I want to learn how to do it, just for fun. Even if paying for a hosted solution is an economically better solution. It's not for me to decide anyway. I will not recommend Google. Ever heard of data protection and data confidentiality? And then you are completely dependent. Your are nothing for a huge company like Google. If they lose your complete e-mail database, they will tell you that they are awfully sorry. If at all. And no, running a mail server does not "consume a significant amount of resources". Any 10-year-old laptop can easily cater for a small business. Besides, paying $6/user/month is actually very expensive for some small organisations. If you have 20 volunteers coming to the help in a small public library once a month, that would be $1440 a year just for e-mail services. Most such people would continue to use private Hotmail addresses. I would rather install a Synology NAS and use whatever e-mail service it comes with it. An on-premise mail server is, and should be, virtually free, at least for a basic e-mail service. No need for cloud. No need to expose any ports. No need to configure the firewall. No need to ask anything from your ISP. I have seen it running like that on existing small businesses with Microsoft Exchange and the POP Connector. It is just that Microsoft wants you to pay a subscription now, probably because the old licence fees are way cheaper than $6/user/month. If Linus had been reading this mailing list, we would all be paying lawyers to contract professional Sun/Oracle consultants to run our software on certified Solaris servers! Regards, rdiez
Gregory Heytings
2020-Oct-26 15:24 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> > First of all, I want to learn how to do it, just for fun. >Okay, that was not what you initially said. Some comments below, nonetheless.> > I will not recommend Google. Ever heard of data protection and data > confidentiality? >Your data is stored confidentially by Google, obviously. Otherwise nobody would use their services.> > And then you are completely dependent. Your are nothing for a huge > company like Google. If they lose your complete e-mail database, they > will tell you that they are awfully sorry. If at all. >The likelihood that Google loses your email is far less than the likelihood that your server has a disk failure, gets hacked and rm -rf'd, is stolen, burns in a fire, and so forth.> > And no, running a mail server does not "consume a significant amount of > resources". Any 10-year-old laptop can easily cater for a small > business. >I meant human resources, obviously.> > Besides, paying $6/user/month is actually very expensive for some small > organisations. If you have 20 volunteers coming to the help in a small > public library once a month, that would be $1440 a year just for e-mail > services. >I'll say it again: Google is _free_ for nonprofits. Free: $0/user/month, for as many users as you want.
Dave McGuire
2020-Oct-26 15:30 UTC
Looking for a guide to collect all e-mail from the ISP mail server
On 10/26/20 11:24 AM, Gregory Heytings wrote:> Your data is stored confidentially by Google, obviously.? Otherwise > nobody would use their services.My keyboard is now COMPLETELY saturated with coffee. Some hit my display this time, too. -Dave -- Dave McGuire, AK4HZ New Kensington, PA
Gregory Heytings
2020-Oct-26 21:25 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> > First of all, I want to learn how to do it, just for fun. >If you want to do this yourself for fun, here is what I believe a good way to do it: 1. install and configure Dovecot with one account for each user; see for example https://doc.dovecot.org/configuration_manual/quick_configuration/ 2. install and configure OfflineIMAP to synchronize the IMAP folders between your ISP IMAP server and your Dovecot server; see for example http://www.offlineimap.org/doc/quick_start.html At this point you should have a functional IMAP server, and your users can use your ISP SMTP server to send their mails. If you want to go one step further, and want your users to send their mails through your server, install and configure Postfix; see for example http://www.postfix.org/SOHO_README.html or https://www.howtoforge.com/how-to-relay-email-on-a-postfix-server If you want to go another step further, and want to remove the mails from your ISP IMAP server (instead of just mirroring it in Dovecot), install and configure Fetchmail; see for example https://www.linode.com/docs/guides/using-fetchmail-to-retrieve-email/
R. Diez
2020-Oct-26 22:20 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> 2. install and configure OfflineIMAP to synchronize the IMAP folders between your ISP IMAP server and your Dovecot server; see for example > http://www.offlineimap.org/doc/quick_start.htmlOfflineIMAP is not the way to go. Many ISPs have very low size limits for the mailbox sizes. The one I am looking at right now does have this problem (unless you pay extra). From what I have gathered now, your hints about Postfix and fetchmail are correct. The trouble is that those doc pages are not real-life, complete examples with Dovecot of the two possible ways: 1) multidrop/catch all, and 2) one mailbox per user. Yes, I should be able to piece it all together. I will probably try. I just find it surprising that there is no such a complete guide yet. Because I am sure that there are a few gotchas along the way. > see > https://blog.sys4.de/abholdienst-fur-mail-de.html Yes, getmail is an alternative, and that looks like a good way too. But it's the same problem: the article is not complete. It states "how you could arrange it". It would be nice that you did not have to manually write a getmail config file per user. And an example for multidrop is missing. There is a note at the end that you should carefully plan the transport ways, but I wouldn't know yet what to do in that respect. It's just not a guide that I can follow from top to bottom to get a first working mail server to play with. That makes it pretty hard for me at this time. I will need much more time to learn and test every little detail myself. I'm not promising anything, but I may actually invest the time if I don't find anything else more interesting in the meantime. 8-) In any case, thanks for the hints. I know now what the way to go is. Those pesky port 25 people are not going to get me! ;-) Regards, rdiez
@lbutlr
2020-Oct-27 15:31 UTC
Looking for a guide to collect all e-mail from the ISP mail server
> On 26 Oct 2020, at 09:11, R. Diez <rdiezmail-2006 at yahoo.de> wrote: > >>> >>> I would not advice any company that is continuously being fined for breaking the law. > >> This is not only an overstatement, it is completely irrelevant. Given the OP problem >> statement (small business, part-time admin, newbie to mail servers), I do not think there is a better solution >> A small server already costs 20 USD / month, running a mail server consumes a significant amount of resources, and as the OP mentions running a mail server also represents a high security risk. > > > Guys, this kind of advice is not helping me either. > > First of all, I want to learn how to do it, just for fun. Even if paying for a hosted solution is an economically better solution. It's not for me to decide anyway.If you want to do it for fun and learning, setup a private mail server for yourself and maybe some friends. You do not have "fun" with a company's emails, not even a non-profit. ESPECAILLY since you have rather sepcific legal restrictions and requirements on that email. Doing it yourself is possible IF you already know what you are doing very well. Doing this yourself as a "fun learning experiment" is irresponsible.> I will not recommend Google. Ever heard of data protection and data confidentiality? And then you are completely dependent. Your are nothing for a huge company like Google. If they lose your complete e-mail database, they will tell you that they are awfully sorry. If at all.You are still confusing two very different things, the paid Google hosting service and the free gmail service. They are not the same thing. You paranoia is based on ignorance. You do not, obviously have to go with Google. There are many other choices. Hundreds. Your government may even have a list of companies that comply with German and European laws.> And no, running a mail server does not "consume a significant amount of resources". Any 10-year-old laptop can easily cater for a small business.That depends. You need to find an 18yo laptop that can run a current OS with current security libraries, so that's a stretch right there. And while it may not consume a lot of CPU resources, it consumes a lot of human/brain resources. It takes knowledge which takes time. Your idea that you can just setup a mialserver and walk away and never look at it again is laughable.> Besides, paying $6/user/month is actually very expensive for some small organisations.Depends on what the cost of, for example, having all your email ransomwared or published to some website costs. If your non-profit gets funding, your country and the EU have very strict laws on the security of email and the requirement to keep it archived and to ensure the data cannot get out. You may be facing serious fines or even jail time if you setup an mail server badly that results (as it almost surely will) a third party accessing that mail.> If you have 20 volunteers coming to the help in a small public library once a month, that would be $1440 a year just for e-mail services.If you feel the need to give 20 volunteers individual, personal email addresses, sure. $1500 a year for any sort of business, even a non-profit, is not a significant cost.> Most such people would continue to use private Hotmail addresses. I would rather install a Synology NAS and use whatever e-mail service it comes with it.You have to pay for that too.> An on-premise mail server is, and should be, virtually free,It is not. You need someone to admin it. You need someone to be vigilant and see when things are going wrong, or when an intruder has gained access, or when your DNS has expired, or your certificates need to be renewed, or a major system update is required. You also need (well, should have) a backup server, UPS systems (check those batteries!) and a whole host of other things that need to be done.> at least for a basic e-mail service. No need for cloud. No need to expose any ports. No need to configure the firewall. No need to ask anything from your ISP.You cannot send or receive any email if all your ports are closed. In order to communicate with anyone else, you must have the ability to connect to them. But it sure sounds like you've made up your mind to make the worst decision and are ignoring the advice of many people who do this all day, everyday. Good luck with that. Please check with your legal counsel first, you may be shocked as to what the EU and Germany actually require and what penalties you face when you decide to ignore those requirements. For example, are you aware that Germany requires TLS encryption on all email? And has more stringent E2EE requirements on many emails? -- "Let's get back to syntax of procmail and forget the syntax of fools." Don
Sebastian Nielsen
2020-Oct-27 16:03 UTC
SV: Looking for a guide to collect all e-mail from the ISP mail server
>>EU have very strict laws on the security of email and the requirement tokeep it archived and to ensure the data cannot get out. No. GDPR is very organization-specific, meaning that a small organization or non-profit with 5 employees, don't need the same security as a 100 employee multi-million dollar organization. They were going to require small companies and even private persons processing data outside of the "personal space" limitation, to have the same sort of physical and digital security as any multi-billion dollar corporation, and require those that cannot cash up for such security, to only use hosted cloud services and rented centrally-managed computers without any own IT department. Of course, they dropped that idea, because it was not fair against small companies. They changed the ruling so the amount of security you need, is dependant on how much people is at risk if the emails leak, and what type of content the email has (if it has sensitive data, requirements are higher). But also, export of data to third-world countries is not permitted at all, regardless of organization size, due to the data losing legal protection (if someone outside EU leaks the data, you cannot hold someone responsible), unless specific requirements are met. This means, a somewhat maintained mail server, physically located at a company, is much better than using a hosted cloud service, as the cloud services usually take extra payment to keep the data inside EU. Same with the rulings on security bulletins - if you have a multi-billion dollar company then you are expected to apply security fixes and patches, even on a Saturday night. They are obliged by EU law to have alarms that wake them up on any major security bulletin regarding any of the server software. For a small non-profit or family company - its OK to wait until business hours with that - if that leads to the server being hacked - its okay. You did what you could. Novody expects you to be available 24/7 to patch 0-days. So its totally dependand on what type of organization you run, and the size - that govern how much security you need. And no, you don't need an UPS or backuped ISP connections, unless you run something mission critical. Most mailservers will queue mails for several days, so if your mailserver disappear for 1-2 days, it don't matter. The "availability" requirements of GDPR only applies to society-cricical services where it can actually cause harm to end-users if a service is down. If its just a small non-profit with 5 employees, GDPR is not gonna care because the email server was down for a day or two. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5715 bytes Desc: S/MIME Cryptographic Signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20201027/af08eb1a/attachment-0001.p7s>
Possibly Parallel Threads
- Looking for a guide to collect all e-mail from the ISP mail server
- Looking for a guide to collect all e-mail from the ISP mail server
- To what extent does/will Dovecot depend on systemd? was systemd changes...
- questions about maildir to mdbox migration
- Looking for a guide to collect all e-mail from the ISP mail server