I was trying to deploy Ghost on a DigitalOcean droplet and found that DO and many different VPS services have started to block the default SMTP ports to try to combat the various types of abuse they get. To actually configure my app, I had to hack together a Postfix relay.
In another project, I had a static site which had a contact form, but my free Formspree account was occasionally hitting usage limits and I desperately wanted some of the anti-spam features they had gated behind their paid accounts so I put together a caddy module to catch HTTP POSTs and bounce them to my provider.
I kept bumping into these same email issues. Many of the services I wanted to host (Gitea, Mastodon, Umami, Comentario) ran into the same limitations. This felt like a really common issue that had no good solution.
Posthorn is what I built to solve this. It's a small Go binary (or 10 MB docker image) that sits between your self hosted apps and your transactional email provider of choice (shipping with support for Postmark, Resend, Mailgun, Amazon SES or an outbound SMTP relay). It also accepts POSTs from HTML forms to support static site needs while adding security layers such as honeypot fields, origin checks and IP rate limiting. There's also a JSON HTTP API that supports Bearer auth for backend scripts or cron jobs that just want a /send endpoint.
I now use this personally in multiple scenarios and I've spent a lot of time beating this up and testing against what I can validate. I'd love to hear how this might be useful for you, what breaks and any feedback you might have. It's open source under Apache 2.0 and I'd love contributions. I'm planning to support and grow this for the long haul.
Code: https://github.com/craigmccaskill/posthorn
Docs: https://posthorn.dev/
Longer write up: https://craigmccaskill.com/introducing-posthorn/
Previous HN discussion on the exact issue I'm trying to solve: https://news.ycombinator.com/item?id=43620318
Title: "Linux Memory Had One Maintainer for 26 Years. He Just Quit. Now What?"
Subtitle: "One person held the code that runs every Android phone, cloud server, and supercomputer for 26 years. On April 21, he posted one message and then was silent."
Last non-paywalled sentence: "Two weeks later, at a developer summit in Zagreb, the memory management team tried to figure out how to replace him. They couldn’t."
This sounded very alarmist so I did a quick search (note: I'm not a Linux kernel expert or enthusiast by any measure). What I found seemed fairly tame:
Andrew Mortan's transition announcement: https://lwn.net/ml/all/20260421094216.8dfe14a8c62f2420fa5aace1@linux-foundation.org/
May 7 announcement of new maintainer: https://lwn.net/Articles/1070994/
Can someone familiar with the matter confirm that I was right to dismiss the original article as alarmist engagement bait, or is there reason for worry?
So, instead of becoming a 100x engineers, you (including me) simply become a multi-window-enter-clicker
I build a tool to solve this. It works locally, using OCR finds the "run" (or any other label you put e.g. accept, allow, fetch etc. ) and just clicks this button.
Originally this was a tool for me and my team, but people seamed to love it so much, they encouraged me to share with you.
I do understand that workflows in each bigtech company is different, so what worked for us !-> will work for you. So if you are interested in using this or have any question, please feel free to reach out, open issues and prs.
lets make AI slop inevitable! https://github.com/Alcray/SlopeAutoAcceptor