Overview

Email is where many FOSS enthusiasts draw the line. Most mainstream email providers — Gmail, Outlook, iCloud — are free in exchange for your data. The alternatives are scattered, and the tradeoffs are complex.

This guide surveys the practical FOSS-friendly email options: from hosted services with ethical stances to fully self-hosted solutions.

The FOSS Email Landscape

Email is notoriously difficult to self-host well. Deliverability (getting your emails past spam filters), MX record management, TLS, and DKIM/DMARC setup are all nontrivial. The options below range from “nearly zero effort” to “full sysadmin”.

Hosted FOSS-Friendly Services

Disroot

What it is: A nonprofit, community-driven email and productivity service.

• Pricing: Pay what you want (recommended €12/year or more)
• Storage: 1 GB (flexible based on donation)
• Features: Email, cloud storage (Pydio), Etherpad, PDF collaboration
• Privacy: No tracking, no advertising, based in the Netherlands
• FOSS: Fully FOSS stack — they host their own instances of open source tools

Why consider it: Disroot is one of the few truly nonprofit, community-run email providers. Their values align with FOSS principles, they publish transparency reports, and they use open source software throughout.

Caveats: Storage is limited compared to Gmail. No native mobile app (use any IMAP client). Small operation means limited redundancy.

Proton Mail

What it is: End-to-end encrypted email with a strong privacy focus.

• Pricing: Free tier available; Plus at €4/month, Unlimited at €10/month
• Storage: Up to 500 GB (Unlimited)
• Features: End-to-end encryption, Proton Calendar, Proton Drive, VPN
• Privacy: Zero-access encryption (even Proton can’t read your mail)
• FOSS: Mobile apps are open source; web app is partially open source

Why consider it: Proton Mail’s encryption is genuinely strong — messages between Proton users are end-to-end encrypted by default. Good if privacy from the provider matters to you.

Caveats: Proton Mail’s server-side code is not fully open source. Their encryption only works for Proton-to-Proton emails by default; external emails are encrypted with a password but not seamlessly. They’re Swiss, which is good for privacy, but they’re a for-profit company.

Mailbox.org

What it is: German email provider focused on privacy and sustainability.

• Pricing: €3/month (standard), €6/month (plus with more storage)
• Storage: 2 GB to 100 GB depending on plan
• Features: Email, calendar, contacts, tasks, office suite (OnlyOffice)
• Privacy: No advertising, German GDPR compliance, green hosting
• FOSS: Uses open source components; server-side code not fully open source

Why consider it: Germany’s privacy laws are strong, and Mailbox.org is a respected, established provider. They’re transparent about their infrastructure and have a strong reputation.

Caveats: Not fully open source. German hosting may not suit everyone. UI is functional but not modern.

Mail-in-a-Box (Self-Hosted)

What it is: A one-click mail server setup script that turns an Ubuntu VPS into a fully functional mail server.

• Pricing: Free (just VPS cost, ~€4-6/month)
• Stack: Postfix, Dovecot, Roundcube, SpamAssassin, Nginx, Let’s Encrypt
• Features: Webmail, IMAP/SMTP, calendar (Radicale), contacts (CardDAV), DNS configuration
• License: MIT (FOSS)

Why consider it: Complete control over your email. No third party sees your mail. One script sets up everything including proper DKIM, SPF, and DMARC.

Caveats: Deliverability is challenging — spam filter reputation for new self-hosted mail servers can be poor. Requires ongoing maintenance. If your server’s IP gets blacklisted, fixing it is your problem. Not recommended for beginners.

Self-Hosted Email: What You Need to Know

Self-hosting email is technically accessible but operationally demanding. Here’s what’s involved:

Infrastructure Requirements

• VPS with proper SMTP ports: Most cloud providers block outbound port 25 by default. Hetzner and some others allow it.
• Dedicated IP: Shared IPs for mail are problematic — if a neighbor gets blacklisted, you suffer too.
• Reverse DNS (PTR record): Must match your mail server’s hostname.
• Reputation: New mail servers have no reputation. It takes time to build trust with major mail providers.

Essential Records

# SPF: Authorize your server to send mail for your domain
v=spf1 mx a:mail.yourdomain.com ~all

# DKIM: Cryptographic signature proving the mail came from your server
# (Generated by your mail server software)

# DMARC: Policy for how receivers should handle SPF/DKIM failures
v=DMARC1; p=quarantine; rua=mailto:dmarc@yourdomain.com

The Deliverability Problem

Even with perfect technical setup, major providers (Gmail, Outlook) may filter your self-hosted email into spam because:

1. Your server has no reputation history
2. Your IP may be on blocklists from previous tenants
3. You lack the signals (user engagement metrics) that Google uses

Many self-hosters solve this by using a “mail relay” — a transactional email service (like Mailgun or Sendgrid’s free tier) that sends your mail but keeps your domain branding. Your self-hosted server receives mail; a relay handles outbound delivery.

Comparison Table

Recommendation

For most people moving away from Gmail/Outlook:

1. Start with Disroot or Mailbox.org — zero setup, immediate privacy improvement, ethical operation
2. Consider Proton Mail if end-to-end encryption for Proton-to-Proton communication matters
3. Only self-host if you have the skills and time, and understand the deliverability challenges

Don’t self-host email as your first Linux project. The consequences of misconfiguration (spam reputation damage, data loss) are high. Use a trusted hosted provider until you’re comfortable with Linux administration.