Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
You're trading one security issue (profileration of app passwords) to another one (an unauthenticated relay). Is it worth it?
An unauthenticated relay isn't a security problem when it can only send to certain addresses in 365, and isn't even accessible outside the local network.
Having an unauthenticated relay imposes the responsibility to configure it correctly (the "only certain addresses" part) and protect it (the "accessible outside the local network" bit). Are you sure it's not accessible? Did you remember to test with IPv6 too? Will it remain protected after the next time you mess around with your firewall for some totally unrelated reason?
If it works - good for you, but be mindful of all the baggage that comes with a new service.
Well…it is a potential risk that links back to you pretty much directly. What is stopping some rogue sw from sniffing out smtp and then going bananas?
I would look for other ways tbh. Running smtp locally is imo asking for trouble.
It's behind a firewall for one. But even so, you should configure it to only accept connections from the local network, only send via 365, and only to your own address, then the scope is vastly reduced.
threat & impact is essentially identical => "so for SMTP on all my devices at home"; the home environment is a bit swampy, a mix of protected and unprotected network.
A worm/bot sending out mass emails from Business 365 would be perceptually damaging to the business; would advise against SMTP and instead look at other secure methods of provisioning identity that are not quite as labor intensive as sticking credentials in each nook and cranny. Or...simply don't utilize O365....