Would you pay for this? For the last 3 years I've been creating a platform for this kind of servers for a small spanish ISP. It has grown to 15 Openvz hosts. A rails app connects to the host to create the virtual machine. Centos is installed and configured with puppet. A rails app is installed in every server and used to configure the accounts, domains, etc.
Postfix, Cyrus, IMAPS, SMTPS, POP3S, HTTPS, Sieve for filters on the server, roundcube as webmail (on a new product I would pay for @mail), decent spam filter (right now we run our own system based on commtouch and spamassasin), etc. You can export the whole cyrus mail storage folder or export mail to other server with imapsync, same thing with the database that contains the account, domains and aliases, so you are not locked. Billing can be done by hard drive space or accounts. They are also good as outgoing mail servers because you are on your own ip.
I run everything by myself, right now we have 126 servers with about 12300 accounts and thanks to puppet it's really easy to admin. I've always thought that I should try to do it by myself.
The primary reason I won't outsource this service is trust. I don't trust anyone with that data.
Access to my email allows for resetting all my passwords, seeing all my contacts, and tracking literally everything about my day-to-day business and personal life.
I hope all your email is encrypted, because otherwise every hop the email traveling to/from your server takes has access to all the data you hold so dear.
Actually most SMTP now talk SSL to each others, so while the hops (generally, just 2: sender and receiver) could also be compromised, the attack surface is smaller than one would think.
Not to dispute your claim, but how do you know this? Is there some sort of global, internet-wide survey of SMTP servers somewhere that supports what you say?
It's easy to tell which mail servers are using SSL by looking at your mail server logs. He probably only cares that most of the mail servers talking to him use SSL (which is also true for every mail server I have administered).
This is a much smaller attack surface than a centralized data store holding static e-mail archives and accounts for a large number of users, open to at-will offline browsing.
DNSSEC and SSL further reduce this attack surface.
yes, it's pretty stupid but it's the product that the commercial team sells (your own small managed private mail server). Some of the servers have more than 2000 accounts but others have 6 or 10... A few years ago, until 2006, the servers where small appliances installed on the client's office. Now they work the same way but mostly virtual and since most of the clients are small bussiness.. some have really few accounts.
On our shared mail system we have about 40k accounts in 2 cyrus servers (with 2 more for HA)
What happens when Google suspends your account and you loose all your email, docs, etc? Your online identity (you no longer have your main email address) gone?
That's what I do, and it gives you a portable email address, but doesn't address the other concerns. Ultimately, email is a communication medium, not a filesystem. Using IMAP folders for long-term storage is tempting, but it's off-label.
Total number of times I have accidentally lost my own data: Way more than 0
Total number of times Google has in any way caused me harm by having "access" to my e-mails: 0
Total number of times I've been glad Google used intelligence gathered from my e-mails: Many (pre-populating Google+ circles, training a great spam filter, Priority Inbox, great search, decently appropriate and well-targeted ads)
Postfix, Cyrus, IMAPS, SMTPS, POP3S, HTTPS, Sieve for filters on the server, roundcube as webmail (on a new product I would pay for @mail), decent spam filter (right now we run our own system based on commtouch and spamassasin), etc. You can export the whole cyrus mail storage folder or export mail to other server with imapsync, same thing with the database that contains the account, domains and aliases, so you are not locked. Billing can be done by hard drive space or accounts. They are also good as outgoing mail servers because you are on your own ip.
I run everything by myself, right now we have 126 servers with about 12300 accounts and thanks to puppet it's really easy to admin. I've always thought that I should try to do it by myself.