Mail-in-a-Box lets you become your own mail service provider in a few easy steps. It’s sort of like making your own gmail, but one you control from top to bottom.
Technically, Mail-in-a-Box turns a fresh cloud computer into a working mail server. But you don’t need to be a technology expert to set it up.
Here’s how you can get a Mail-in-a-Box running:
Each Mail-in-a-Box provides webmail and an IMAP/SMTP server for use with mobile devices and desktop mail software. It also includes contacts and calendar synchronization.
The box also includes automatic DNS configuration, spam filtering, greylisting, backups to Amazon S3, static website hosting, and free TLS (SSL) certificates from Let’s Encrypt. Your box can host mail for multiple users and multiple domain names.
It implements modern mail protocols (SPF, DKIM, and DMARC) and the latest security best practices, including opportunistic TLS, strong ciphers, and HSTS. When enabled, DNSSEC (with DANE TLSA) provides a higher level of protection against active attacks. Exchange ActiveSync is also available as a beta feature.
The setup guide walks you through getting your own box set up. Users report it taking just a few hours to get to a fully operational system. And see the video above!
If you are an expert and have a domain name and a completely fresh Ubuntu 14.04 machine running in the cloud, you basically just run on that machine:
curl -s https://mailinabox.email/setup.sh | sudo bash
Please note that the goal of this project is to provide a simple, turn-key solution. There are basically no configuration options and you can’t tweak the machine’s configuration files after installation. If you are looking for something more advanced, try iRedMail or Modoboa.
Note: Mail-in-a-Box’s maintainer works on Mail-in-a-Box in his limited free time. Your mileage may vary.
Mass electronic surveillance by governments revealed over the last several years has spurred a new movement to re-decentralize the web, a movement to empower individuals to be their own service providers again.
Although the core protocol of email, SMTP, is inherently decentralized, in practice email has become highly centralized because it is so damn difficult to implement the dozens of modern protocols that surround it. Mail-in-a-Box takes care of all of that, and no more.
This is important not just for privacy, but for the ability for the web to evolve and improve as it always has: through the ability of everyone to see how it works, tinker, and propose innovative changes.
If you need help, please check the maintenance guide and then ask on the forum. If you think you have found a problem in Mail-in-a-Box or don’t get a response on the forum, then open an issue on github.
Do not tweet questions: Always start on the forum so others can benefit from seeing your question too.
Reporting spam/fraud/abuse: Mail-in-a-Box actually isn’t a mail service at all. It is more like a cooking recipe for how to create a mail service — therefore, we have no way to know who is following the recipe and have no control over people baking our cake to hide a poison. Like cake, there are many recipes for creating email servers besides Mail-in-a-Box (Microsoft Exchange Server being one of the most popular), and we are just unlucky when sometimes someone with bad intentions choses ours. In other words, we don’t control how people use Mail-in-a-Box and have no technical or legal means to disable other people’s services. You may want to check out the Mail-in-a-Box discussion forum and coordinate with anyone that has reported a similar situation recently.
Mail-in-a-Box is based on Ubuntu 14.04 LTS 64-bit and uses very-well-documented shell scripts and a Python management daemon to configure the system. Take a look at the system architecture diagram and security practices.
Development takes place on github at https://github.com/mail-in-a-box/mailinabox.
Note that the goals of this project are to . . .
Additionally, this project has a Code of Conduct, which supersedes the goals above. Please review it when joining our community.
Mail-in-a-Box is dedicated to the public domain using CC0.