Using Mailpit as a Personal Email Server for Privacy and Independence

[nickiv]

I recently came across an interesting thought:
modern email is something between a dumpster and a safe.

On one hand, it’s full of spam and promotional messages from every store or service I’ve ever signed up for.
On the other hand, it holds password-reset emails, bank reports, and even medical test results.

All of this lives unencrypted on an email provider’s servers, allowing them to build a detailed profile about you.

It’s clear that to improve privacy and reduce dependency on Big Tech, one needs to host their own mail server under a personal domain.

I decided to do exactly that — and I used Mailpit to make it happen.

So far, I really like the setup and wanted to share my experience.

Has anyone else tried something similar?

---

🧩 My setup

I run Mailpit on port 25 with Let’s Encrypt certificates, on the domain mail.example.com.
(example.com is just a placeholder — imagine it’s your own domain.)

Then I added an MX record for example.com pointing to Mailpit and updated my email address across all my accounts.
For instance, on GitHub I now use github@example.com.

When I register somewhere new, I use addresses like amazon@example.com —
the service name becomes the username.

All emails arrive successfully — I haven’t yet seen a single message that didn’t reach Mailpit
(which is one of the reasons I love it).

To read messages, I use both the web interface and the built-in iOS Mail client.
Access to web and POP interfaces is routed through WireGuard, minimizing the risk of brute-force or unauthorized access.

---

⚙️ Automation and integrations

I also added a few handy automations via the API, webhooks, and Node-RED (n8n would work too).

• If an important email arrives → I get a messenger notification
• If it’s spam → it’s deleted automatically
• You can even run messages through an LLM to classify importance

---

💡 Why I like this setup

Mainly for peace of mind — I’m no longer oversharing my data with third parties.
It also gives me a stronger sense of control over my online identity.

The main limitation, as you might guess, is that sending replies is tricky.
I rarely need to, but sometimes it matters — for example, one of my banks only accept messages sent from the original registered address.

As I understand it, outgoing mail is a whole different story —
running your own outbound mail server is complex, and messages are often flagged as spam.
I haven’t looked deeply into this yet, since I rarely need to send emails.

---

🧠 Things to keep in mind

You still need to renew your domain, maintain hosting, and take all possible precautions to protect it from hijacking.
That’s true for any self-hosted setup.

I expected bots to start spamming immediately — and yes, there’s some suspicious activity in the logs —
but so far it hasn’t been an issue. Just a few unwanted emails over several months.

---

❓Open questions

Maybe there are risks I’m not seeing?
What could go wrong with this kind of setup?
I’d really appreciate any feedback or criticism of the approach.

---

P.S. Mailpit is fantastic — a real pleasure to use, both for its intended purpose and beyond.

[axllent]

Hey @nickiv. Wow, that's an interesting read / concept, thanks for sharing!

So as you've noted, Mailpit is useful for receiving emails, to a certain degree storing them, and finally allowing you to either browse them via the web UI and/or download them using POP3. What it's not designed to do is to send emails, at least not in the manner you require (eg: new message or replying to existing messages. Given that Mailpit is here really just a catch-all mailbox for you, it's similar to any other hosted POP3 mailbox, whereby you still need a SMTP server to send your emails. I understand your (valid) concerns about running your own SMTP server (getting blocked etc), so given that your emails would be coming from the same "example.com" domain, it may pay to have a look at professional SMTP service such as Mailtrap or Mailgun which both have free tiers for the volumes of emails you would be sending (eg: Mailtrap has up to 150 free emails a day, Mailgun 100). This would also take care of DKIM/SPF/DMARC as these services usually allow you to set that up (you just need to set a few records in your DNS). The only "downside" I am aware of with Mailgun is that is changes the bounce email to its own servers so they can "unsubscribe" the email address to prevent future errors - if you were sending to an invalid address you wouldn't be notified if you used the wrong address (ie: bounced message), it would just silently fail in the background (although they do have some logs). You would also have to use your own mail client to compose those messages (eg: Thunderbird configured to use Mailpit for POP3, and one of those other services as SMTP).

Maybe there are risks I’m not seeing?

I don't think any big risks, but let's go over a few things:

1. Your emails aren't being scanned for viruses (although you mention integrating it with Node-RED, so that may provide some of that in addition to scanning for spam?). By the sounds of it you already have that sorted though, or at least have the know-how.
2. How is Mailpit configured with regards to accepting emails? If you haven't already, I would restrict it to accepting messages send to "@example.com" (see --smtp-allowed-recipients / MP_SMTP_ALLOWED_RECIPIENTS in Mailpit). Do not leave it wide open (accept any mail sent to any address), else you will heavily spammed at some stage as it will be seen as an open SMTP proxy. Spammers usually test first and check to see if it got relayed, however they will continue to try, so best not to entertain them.
3. You have blocked outside access to the web UI / API which is good. Mailpit does provide basic authentication for the web UI, but your approach is far safer.
4. You have added TLS to the SMTP server which is good.

What could go wrong with this kind of setup?

Good question - assuming my understanding above is correct, then I don't actually think there is much which can really go wrong, other than maybe receiving viruses (which won't affect Mailpit, but may affect your computer depending on which OS you are using). If your mail client leaves messages on the server indefinitely, and Mailpit is set to never delete automatically, then you may end up with a very large database file - although in saying that I have a copy of all my work email from the last 20 years sitting my internal Mailpit instance (142K messages, 4.1 GB), so Mailpit can handle that without an issue. Just a note that POP3 will only give you the latest 100 messages.