I feel like most commenters here haven’t understood what you’re proposing.

I’ve thought about doing this, I’ve seen other commenters say they’re doing it. It’s not a terrible idea. I haven’t done it myself because … it’s just not a priority and I’m not sure it ever will be. Anyway …

If you’re willing to set up and self host your own email stack like mail-in-a-box or whatever, then configuring a separate outbound SMTP server is fairly trivial in comparisson.

If you already had your own stack set up to be self hosted you would ordinarily be using the SMTP server there-with to send emails.

Firstly configure your client to use whatever other SMTP server you have access to. I think it’s possible to use mailgun or one of those API transactional senders. You could get a cheap plan with mxroute or any other email host and just use the SMTP server.

Suppose your client is Thunderbird and you set up your account like smtp.mxroute.com for outbound and imap.myserver.com for email storage. When you send an email tbird transmits it through mxroute and then stores it on your imap server at myserver.com in your sent folder.

The potentially complex part is configuring spf & DKIM records on your domain.

SPF

I’m not sure if I’ll be able to explain this clearly but… suppose a recipient’s spam service receives an email purportedly from marauding_giberish@myserver.com but transmitted by smtp.mxroute.com. That spam service will look up the DNS records for myserver.com and inspect the records for the spf record. This record pretty much lists which servers are authorised to transmit email from addresses ending in myserver.com. So with a more typical set up an spf record might be:

“v=spf1 include:myserver.com -all”

This would indicate that only the smtp server at myserver.com can transmit email from your domain.

You would edit that to include the mxroute smtp server like this:

“v=spf1 include:mxroute.com include:myserver.com -all”

This way, recipients can confirm that the owner of myserver.com domain has formally designated mxroute as an authorised recipient.

DKIM

Your SMTP server will have a public & private key pair which it uses to sign outbound messages. Recipients can use the public key to confirm the signature and thereby confirm that the message has not been altered in flight.

Whatever SMTP server you use will tell you the public key and instruct you to add that to the DNS records of your custom domain.

That’s the one that looks like this:

“v=DKIM1; k=rsa; p=MIIBIj [ … it’s a long key … ] op3Nbzgv35kzrPQme+uhtVcJP”

Once this is in place recipients of your emails can query the DNS for myserver.com and find this public key, and use it to confirm that the signature on the email they received is authentic.

Sorry to be that guy but replicating / syncing isn’t really backing up.

You need snap shots or versioning.

It looks like there’s several distinct components to gpodder which confuse things.

Firstly gpodder seems to be a desktop podcast client.

Secondly there’s the sync service / protocol. Gpodder.net provides this for free but according to antennapod doesn’t have adequate resources and causes errors in your client (which I can confirm). There are other containers available which are not from the gpodder team but emulate the protocol.

Finally there’s the recommendation / discovery service apparently provided by gpodder.net. I haven’t been able to get this to work because my client hasn’t been able to sync yet, despite 12 hours of trying.

In my own case, I already have a client (antennapod) and I’m not really interested in sync because I only use the one device. The recommendation / discovery service would’ve been cool but it seems broken for the moment.

Oh wow. I’d seen the gpodder thing in antennapod subscriptions but never realised it was a kind of discovery / recommendation service.

I wonder if the recommendation stuff works with a self hosted instance?

I’ve heard this analogy before but I don’t really care for it myself.

It creates a mental image but isn’t really analogous.

In the case of a firewall on a server behind a NAT, ports forwarded through the NAT are holes through the first several slices.

This. It’s unnecessary but it’s another layer.

I don’t think the SPF / DKIM / DMARC stuff is overly complex nor the core of the problem.

In my case it was recipients with bonkers microsoft exchange servers that just had weird ideas about who should be sending them emails.

For example, one thing that tripped me up forever ago was grey listing. Apparently the receiving server just wouldn’t acknowledge the sending server for an arbitrary period of time, say 12 hours or so. Spam senders would usually give up long before then, while a legit server would keep trying because it’s legitimately trying to deliver an actual email.

So my email-in-a-box type self hosted set up was fine really. Compliant you might say. But to send emails to this one in a thousand recipient I had to investigate what was going on and reconfigure things to ensure their server would interact with mine.

Another thing that can happen is that spammers just put your email address in the “from” field and fire off a few million emails. Obviously the DKIM signatures and SPF won’t match but it still just makes your future legitimate emails look spammy. Having the credibility of a larger organisation goes a long way in this type of instance.

I’m absolutely in the “don’t self-host email” camp. That said, I think it could be done reliably if you wanted to use someone else’s SMTP server and let them worry about deliverability. As in, have your mx records on your domain route to your MTA and dovecot, but set your DKIM and SPF records to match a third party SMTP server. You could use mxroute as an SMTP server very cheaply. There are others like the email API type services. I still can’t think of why I’d want to self host with all this drama but just an idea I’ve heard.