Schleswig-Holstein completes migration to open source email

Original Article ↗ Hacker News Discussion ↗

Article/site issues

  • Several readers report popups/redirects on the original site; others say it works fine with Firefox + uBlock or on mobile Chrome.
  • An archive.ph mirror is shared as a workaround.

What Schleswig-Holstein actually deployed

  • Rough scale: ~30k users, ~40k mailboxes, ~100M emails/calendar items migrated.
  • Backend: Open-Xchange groupware suite on top of Dovecot Pro (not Cyrus), with IMAP/SMTP/CalDAV/CardDAV; operated by Dataport, a state-owned IT provider.
  • Clients: primarily Open-Xchange web UI, plus Thunderbird and thousands of mobile devices.
  • Some emphasize Open-Xchange is a long‑standing, substantial Exchange‑like suite, not just “Postfix + IMAP” glued together.

Open-Xchange code and bot pressure

  • Source appears on a self‑hosted GitLab; the GitLab “explore” page is restricted, but direct project URLs work.
  • Restriction is attributed to aggressive crawling by bots (including AI scrapers); small self‑hosted repos reportedly get hammered with thousands of requests per second.

Email deliverability and the M365/Gmail duopoly

  • Concern that operating outside Microsoft/Google ecosystems makes deliverability harder, especially for smaller providers.
  • One MSP recounts Gmail silently refusing their corporate mail with no meaningful diagnostics or human contact; they pay a 3rd‑party relay just to reach Gmail.
  • Others counter that a government domain has leverage: if recipients don’t get state emails, that’s “their problem,” and most traffic is intra‑government anyway.
  • Hope that more government‑run email will pressure big providers to make blocklisting more transparent and appealable.

Digital sovereignty, security, and WhatsApp dependence

  • Strong support for governments moving off foreign, closed stacks: seen as reducing US tech and political leverage, and improving strategic autonomy.
  • Counterpoint: Europe still depends on US security guarantees; real autonomy would require higher military and economic costs.
  • Broader worry about national infrastructure running on foreign platforms (e.g., Latin America’s deep dependence on WhatsApp for tickets, healthcare, and government services).
    • One side calls this a national‑security risk and “soft power conquest.”
    • Another argues the core issue is governments choosing to make WhatsApp the only channel, not WhatsApp’s dominance per se.

Comparisons: other government moves

  • France’s “Suite numérique” and the German federal “openDesk” also use Open‑Xchange; seen as part of a wider European push.
  • Some regret this isn’t an EU‑wide platform; others argue multiple national projects are healthier and more resilient, with EU optionally offering a non‑mandatory reference stack.
  • Contrast with:
    • Dutch and Swedish tax authorities moving to Office 365/Azure; Dutch tax office reportedly budgets millions yearly for manual backups in case US access is cut.
    • Indian government migrating from Microsoft to Zoho (closed‑source but domestic); discussion about Zoho’s affordability, security track record, and lack of open‑source commitment.

FOSS vs proprietary, and realism of migrations

  • Many frame FOSS as the only sustainable path to digital sovereignty: inspectable code, no single‑vendor kill switch, easier to fork if a supplier is sanctioned or collapses.
  • Skeptics note:
    • Most major FOSS institutions and infra (e.g., Linux Foundation, GitHub) are US‑based and subject to US policy; GitHub sanctions already locked out some countries.
    • Corporates rely heavily on Excel macros and other Office‑specific features; breaking one critical sheet can outweigh license savings. Munich’s partial reversal is cited as a warning, though its backend reportedly stayed open‑source.
    • Europe has had decades and ample money to build its own stack but repeatedly doubled down on US clouds; some doubt this time will be different.

Funding and sustaining the ecosystem

  • Suggestions that public bodies migrating to FOSS should redirect a substantial fraction of former license spend (e.g., 50%) into upstream projects like Thunderbird/Mozilla.
  • Others propose contributing engineering time rather than (or in addition to) money.
  • Underlying concern: without strong, ongoing institutional support, critical FOSS components may stagnate, undermining the promise of sovereignty.

Outlook

  • Many expect more European administrations to follow, driven less by cost or “software freedom” rhetoric and more by concrete sovereignty and trust considerations.
  • Some argue sovereignty, not AI, will be the defining IT theme to 2030; FOSS is seen as the most plausible way for multiple blocs (EU, China, others) to share code without mutual political dependence.