Free idea because I don't know if I'll get around to actually testing it to do a proper writeup about it.

Self hosting email at home without dynamic dns.

Editor's note: Running your own mail server can be annoying. Proceed with an abundance of caution.
Step 2) Get yourself a cheap cloud server. I regularly use DigitalOcean's $5/mo offering for this type of thing. I know you're probably thinking "I thought you said self hosting email!" but don't worry, we'll get there. This server is what we call a "redirector".
Step 3) Point your MX record for your domain to the IP address of your redirector from step 2. While you're at it, also set your SPF record up so that only this IP can send mail for your domain. Doing this step now gives DNS time to propagate.
Step 4) This is the part that sucks. You need to install dovecot and postfix on your computer from step 1. Let me reiterate. Install postfix and dovecot on the computer that is in your home. Setting up these services is well documented so I won't cover that here.
Step 5) Now that you have postfix and dovecot installed, reconfigure them to only listen on localhost. That's right, localhost only. This is where the magic is about to happen.
Step 6) Set up autossh to establish an ssh connection to your redirector from step 2. Configure this to only use keys. You can also configure it to only be used for port forwarding, since it doesn't need a whole shell.
Step 6.5) You'll want to port forward your smtp and imap ports from your local machine to the redirector. From the redirector you should be able to send mail to localhost:<some ports you defined> and the mail should travel back to your home computer via the magic of ssh tunnels.
Step 7) Log in to your redirector and install nginx. I know, I know. We're talking about setting up email and I just told you to install nginx, which is what you might call "a web server". It's about to all become clear.
Step 8) Set up nginx to listen publicly on your smtp (587) and imap (993) ports using the ngx_stream_core_module.

This module lets you listen on an arbitrary port and proxy the connection back to the port forwards you established in step 6.5.

https://nginx.org/en/docs/stream/ngx_stream_core_module.html
Step 9.5) The guide in Step 9 probably won't work directly out of the box. You'll probably need to set up another temporary port forward to your redirector on port 80 so that certbot standalone can check on you.
Step 10) Congratulations for making it past the magic handwavey steps I just covered. Now you need to update postfix to use your Let's Encrypt TLS certificates, which is also covered in the guide from step 9.
Step 11) Send yourself some dank memes to confirm that everything is working*

Disclaimer: If things are not working, please don't ask me. Email sucks.
BONUS ROUND: As of Postfix 2.10, PROXY protocol support is available. This means you can use the Nginx stream redirector with proxy_protocol to pass along the source IP information to postfix.

postscreen_upstream_proxy_protocol = haproxy
Anyways, I haven't set this up personally but I think this thread conveys the gist of the steps needed.

Then you can hate being a sysadmin, too.

Because running a mail server kinda sucks.

But at least you'll be happy knowing that your mail is in your house.
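
An added sketch of steps 6 through 8 and the bonus round, not taken from the original thread: the nginx stream configuration for the redirector, with the tunnel it assumes shown in comments. The loopback ports 10025/10587/10993, the `tunnel` account, `redirector.example` and the port 25 listener are assumptions made for this example.

```nginx
# Redirector: top level of nginx.conf, outside any http {} block.
# Some packages ship stream as a dynamic module and need a load_module line first.
#
# Assumed tunnel, started on the home machine (steps 6 and 6.5). Each -R binds
# to 127.0.0.1 on the redirector, so only nginx can reach the forwarded ports:
#   autossh -M 0 -N -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 \
#     -R 127.0.0.1:10025:127.0.0.1:25 \
#     -R 127.0.0.1:10587:127.0.0.1:587 \
#     -R 127.0.0.1:10993:127.0.0.1:993 tunnel@redirector.example
#
# Assumed authorized_keys entry for that key on the redirector (forwarding
# only, no pty; the key material is a placeholder):
#   restrict,port-forwarding,permitlisten="127.0.0.1:10025",permitlisten="127.0.0.1:10587",permitlisten="127.0.0.1:10993" ssh-ed25519 <PUBLIC-KEY-PLACEHOLDER>
#
# Why proxy_protocol matters here: through the tunnel every client reaches
# Postfix from 127.0.0.1. Postfix's default mynetworks includes 127.0.0.0/8,
# so permit_mynetworks would treat internet senders as local and relay for
# them. With the PROXY header Postfix sees the real client address instead.

stream {
    # Inbound MX delivery uses port 25 (assumption added here; the thread
    # lists only 587 and 993). Home side, if postscreen fronts port 25:
    #   postscreen_upstream_proxy_protocol = haproxy
    server {
        listen 25;
        proxy_pass 127.0.0.1:10025;
        proxy_protocol on;
    }

    # Submission. Home side, on the submission service in master.cf:
    #   -o smtpd_upstream_proxy_protocol=haproxy
    server {
        listen 587;
        proxy_pass 127.0.0.1:10587;
        proxy_protocol on;
    }

    # IMAPS. Home side, Dovecot: "haproxy = yes" on the imaps inet_listener
    # and haproxy_trusted_networks = 127.0.0.1
    server {
        listen 993;
        proxy_pass 127.0.0.1:10993;
        proxy_protocol on;
    }
}
```

Once a listener sends the PROXY header, the service behind it must expect one on every connection, so enable both sides together.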