PROJECTS
- Progress: Completed! 100%
Introducing Searxng, the hidden gem of search engines! While it may not be as widely recognized as other options, Searxng offers a unique opportunity to take control of your privacy. By hosting your own open-source search engine, you can rest assured that everything is in your hands – from the source code to logging settings and private data. No need to trust unknown administrators. The best part? With Searxng, you can customize the default settings and say goodbye to cookies resetting your preferences. Plus, as long as your endpoint remains uncompromised, your settings will stay securely stored and inaccessible to others. Embrace the power of Searxng and experience the privacy of a random profile per search. Give it a go on Roth The IT Guy’s hosted search engine by visiting https://search.rothitguy.pro you can also add my hosted search engine to your browser!
Configuring custom search engine in FireFox
We first enable a hidden Firefox feature that improves how custom engines behave.
-
Open Firefox.
-
In the address bar, type: about:config
-
Accept the warning: “Proceed with caution”
- In the search box at the top, type: browser.urlbar.update2.engineAliasRefresh
- Double-click the entry to set its value to True
- Go to Firefox Settings
-
Open Firefox.
-
Click the menu icon (☰), then click Settings.
-
Go to the Search tab.
-
-
Scroll to “Search Shortcuts”
-
Click “Add”
-
Fill in the fields:
-
Name: RothITguy Search
-
Search URL: https://search.rothitguy.pro/search?q=%s
- Leave other fields default.
- Click Add Search Engine.
-
-
- Set It as Default
- Go back to Firefox > Settings > Search and select
RothITguy Searchunder the Default Search Engine dropdown. - You can optionally choose to “remove” the other search engines.
- Progress: Completed! 100%
SimpleX Chat is a privacy-focused messaging platform that operates without any user identifiers, making it highly secure and private. Unlike traditional messaging services, SimpleX Chat does not store user accounts or personal data on servers. Instead, all user data is stored locally on client devices in an encrypted format, ensuring that only the intended recipients can access the messages.
The platform uses end-to-end encryption for all communications, including messages, images, videos, and files. It employs a double-ratchet encryption protocol and out-of-band key exchange to prevent man-in-the-middle attacks and ensure communication integrity. SimpleX Chat also features temporary anonymous pairwise identifiers for each user contact or group member, providing strong metadata privacy.
Additionally, SimpleX Chat supports decentralized groups, encrypted voice messages, disappearing messages, and audio and video calls.
The platform can be accessed via Tor for added anonymity. The combination of these features makes SimpleX Chat a robust choice for users seeking secure and private communication. I am now hosting my own services.
“Messages, files & calls are protected by quantum resistant e2e encryption with perfect forward secrecy, repudiation & break-in recovery.”
- Progress: Completed! 100%
Currently hosting my own email server using Mailcow. https://mail.rothitguy.pro
Mailcow is an all-in-one email server solution that leverages a variety of well-established and widely-used components to create a reliable, secure, and feature-rich email platform.
Each container represents a single application, connected in a bridged network.
Core Components and Their Functions
| Component | Function |
|---|---|
| Postfix | Mail Transfer Agent (MTA) that handles sending and receiving emails via SMTP. |
| Dovecot | IMAP and POP3 server responsible for storing and retrieving email. It supports full-text search, Sieve filtering, and quota enforcement. |
| Rspamd | Spam filtering system with DKIM, DMARC, SPF, greylisting, and rate-limiting support. Learns from spam/ham feedback. |
| ClamAV | Antivirus scanner that scans incoming/outgoing mail for malware. |
| SOGo Groupware | Webmail interface with calendar, address book, and ActiveSync (mobile sync). Alternative front-ends like Roundcube are not included by default. |
| MariaDB | SQL database to store Mailcow configuration data like domains, mailboxes, aliases, etc. |
| Redis | In-memory key-value store used for caching and session management (e.g., for Rspamd and Dovecot). |
| PHP-FPM | Executes PHP scripts, required for the Mailcow admin panel and web interface. |
| Nginx | Reverse proxy and web server for the admin UI, webmail (SOGo), and ActiveSync. |
| ACME/Let’s Encrypt Companion | Automates SSL/TLS certificate generation and renewal. |
| Netfilter/Fail2Ban |
Optional tools for blocking malicious IPs and brute-force attempts. |
| Watchdog | Mailcow’s custom watchdog script for container health checks and automatic restarts of failed services. |
| Dsync/Dovecot replication | Optional: for multi-node setups with email syncing across servers. |
User Interface
There are two main user interfaces
1. Admin UI
| Feature | Description |
|---|---|
| Dashboard | Overview of mail system health, queue size, spam/ham stats, watchdog status, and service uptime. |
| Domain Management | Add/remove email domains, configure limits (mailboxes, aliases, quota). |
| Mailbox Management | Create/edit/delete users, assign passwords, quota, send limits, Sieve scripts, etc. |
| Alias & Forwarding | Set up aliases and forwarders per user or domain. |
| DKIM Key Management | Generate and rotate DKIM keys. TXT records are shown for DNS configuration. |
| Relay Settings | Configure domain-wide or global SMTP relays (e.g., for SendGrid, SES, etc). |
| Blacklist/Whitelist | Rspamd integration for managing sender/recipient rules. |
| Quarantine Viewer | Manages spam/junk quarantines with preview and release functions. |
| Rspamd Charts | Real-time stats and analytics via Rspamd UI. |
| System Logs | Syslog, mail logs, dovecot logs, and postfix queue visibility. |
| TLS/SSL Settings | Status of Let’s Encrypt or manually managed TLS certs. |
| Configuration Export/Import | Backup settings and domain/mailbox configuration via JSON. |
| 2FA for Admins | OTP-based two-factor login for the admin panel. |
2. User UI (Self-Service Panel)
| Feature | Description |
|---|---|
| Password Change | Users can securely change their mailbox password. |
| Sieve Filters | Create rules to sort, forward, reject, or auto-reply to mail. |
| Out-of-Office (Vacation) | Set start/end dates and auto-reply messages. |
| Alias Management | View aliases or redirect targets (if permitted by admin). |
| Spam Training | Some setups allow users to mark email as spam/ham, feeding Rspamd. |
| ActiveSync Device Control | Users can wipe or block connected mobile devices (via SOGo). |
Advanced Features
Advanced Features
Authentication & Security
-
2FA Support for admin panel (TOTP-based)
-
Fail2Ban and Netfilter rules to block brute force and spam bots
-
Per-user and per-domain TLS policy enforcement
-
Submission port 587 and SMTPS on port 465 with authentication
-
Mail rate limiting (outbound limits per mailbox/domain)
Mail Delivery Features
-
Sieve scripting for advanced mail filtering and actions
-
Greylisting to reduce spam by delaying first-time senders
-
Rspamd pre-filters with custom Lua rules
-
Sender reputation-based throttling
Relaying and Routing
-
Outbound relays: Configure SMTP relay per domain or globally (e.g., Gmail/SES integration)
-
Inbound filtering: Can route incoming mail through 3rd-party services before delivering
-
Recipient verification before relaying (anti-spam measure)
Backup & Restore
-
helper-scripts/backup_and_restore.sh: Easy full system and mailbox backup/restore
-
Works with rsync, rclone, or direct tarballs
-
Can exclude virus quarantine and logs to save space
Mail Sync and Replication
-
Dovecot dsync (experimental): Allows mailbox replication across nodes
-
Useful in HA or DR scenarios
Monitoring & Metrics
-
Rspamd Web UI: Live filtering stats, Bayesian database, reputation score, etc.
-
Netdata (optional): Real-time system resource monitoring
-
Prometheus/Grafana integration: Community-built exporters available
Mobile & Client Integration
-
Autodiscover/autoconfig for automatic email client setup (Outlook, Thunderbird, iOS)
-
ActiveSync via SOGo, including support for contacts and calendars
-
CalDAV/CardDAV support for cross-device syncing (Nextcloud, Thunderbird, iOS)
Developer/Automation Features
-
REST API: Manage domains, mailboxes, aliases, DKIM, etc.
-
Swagger UI available under
/api
-
-
Hooks: Execute scripts on specific mail actions (e.g., quarantine, delivery)
-
LDAP integration: (Experimental/community) for user management