Mailcow vs Microsoft Exchange: Self-Hosted Email on Your Own Terms

Microsoft Exchange: The Enterprise Standard

Microsoft Exchange has been the backbone of corporate email since the mid-1990s. In its on-premises form, Exchange Server provides email, calendaring, contacts, and task management through a tightly integrated stack that pairs with Outlook, Teams, and the broader Microsoft 365 ecosystem. For large organisations already invested in Microsoft's platform, Exchange is the path of least resistance.

Over the past decade, Microsoft has aggressively pushed customers towards Exchange Online - the cloud-hosted version included in Microsoft 365 subscriptions. Exchange Online removes the infrastructure burden entirely: no servers to maintain, no updates to apply, automatic scaling. The trade-off is the same as with any managed service: your email flows through Microsoft's infrastructure, you pay a recurring per-user fee, and you operate within Microsoft's terms of service and data retention policies.

Exchange Online pricing starts at around €4/user/month for the standalone plan and rises to €10–€22/user/month for full Microsoft 365 Business plans. For a 20-person team, that's €960–€5,280 per year - before any additional Microsoft 365 licences for Office apps.

Mailcow: The Open-Source Docker Mail Server

Mailcow (mailcow-dockerized) is an open-source mail server suite that runs entirely in Docker containers. It bundles every component a production mail server needs - Postfix, Dovecot, Rspamd, ClamAV, SOGo, Nginx, MySQL, and Redis - into a single Docker Compose stack managed through a polished web admin interface.

The result is a self-hosted mail server that competes directly with Exchange Online on features, at a cost of a single VPS rather than per-user licensing. A well-specced server handling 50 mailboxes costs €15–€25/month in infrastructure - a fraction of the per-seat alternative.

Mailcow is actively maintained, has a large community, and releases monthly updates. The admin UI covers domains, mailboxes, aliases, DKIM, spam policies, two-factor authentication, and more - without requiring any command-line knowledge for day-to-day operations.

Feature Comparison

Feature	Mailcow	Exchange Online (M365)
Email (IMAP/POP3/SMTP)	Yes	Yes
Webmail	Yes (SOGo)	Yes (Outlook Web)
CalDAV / CardDAV	Yes (SOGo)	Via connector (not native)
Spam filtering	Yes (Rspamd)	Yes (EOP / Defender)
Virus scanning	Yes (ClamAV)	Yes (Defender)
DKIM / SPF / DMARC	Yes (built-in)	Yes
Two-factor authentication	Yes (TOTP)	Yes (MFA)
ActiveSync (mobile)	Yes (SOGo)	Yes (native)
Outlook client support	Via IMAP / CalDAV	Native MAPI/EWS
Full-text search	Yes (Solr optional)	Yes
Data sovereignty	Full - your server	Microsoft's infrastructure
Open source	Yes (MIT/GPL)	No
Cost model	VPS only (~€15–25/mo)	Per user (~€4–22/user/mo)
Maintenance required	Yes (low with Docker)	None (managed)

Key Differences

Cost at Scale

The economics shift dramatically depending on team size. A single Mailcow instance on a €20/month VPS (4 vCPU, 8 GB RAM) comfortably handles 50–100 mailboxes. The equivalent Exchange Online Business Basic plan for 50 users costs around €200/month. At 100 users the gap widens to €400+/month - over €4,800/year saved for a comparable feature set.

The caveat: Mailcow requires someone with the skills and time to manage it. If your team has no technical capacity for server maintenance, the cost of that labour closes the gap. For teams with existing Linux/Docker expertise - or an IT partner - it's a straightforward calculation.

Data Sovereignty and Privacy

With Exchange Online, all email - including metadata, attachments, and search indexes - resides on Microsoft's servers, subject to Microsoft's data retention policies, US cloud legislation, and law enforcement requests. For most businesses this is accepted practice. For law firms, medical practices, agencies handling client NDAs, or any organisation operating under strict data protection requirements, it can be a compliance issue or a genuine risk.

Mailcow runs on a server you choose in a jurisdiction you control. Backups go where you send them. No third party has structural access to your mail data.

Outlook Integration

This is Exchange's clearest advantage. Outlook connects to Exchange via MAPI/EWS - a deep, proprietary protocol that enables shared calendars, meeting room booking, delegate access, and other enterprise collaboration features that don't translate cleanly to IMAP/CalDAV.

Mailcow supports Outlook via IMAP and CalDAV. Basic email and calendar sync work well. Complex Exchange-specific features - delegate mailboxes, shared inboxes with full Exchange semantics, resource booking - require workarounds or aren't available. If your workflows are built around advanced Outlook/Exchange integration, this matters. If you primarily use email clients that speak IMAP/CalDAV (Thunderbird, Apple Mail, mobile apps), it doesn't.

Spam Filtering Quality

Mailcow uses Rspamd, one of the most capable open-source spam filtering engines available. With proper DKIM, SPF, and DMARC configuration and a short learning period, Rspamd's accuracy rivals commercial solutions. Microsoft's Exchange Online Protection (EOP) and Defender have the advantage of processing billions of messages for threat intelligence, which gives them an edge on zero-day phishing campaigns - but in practice, both solutions perform comparably for typical business email.

Maintenance Overhead

Running a mail server is not trivial. Email has a reputation as one of the more demanding self-hosted services because deliverability depends on a chain of configuration details - rDNS, SPF, DKIM, DMARC, TLS, reputation - all of which need to be correct for your email to land in inboxes reliably. Mailcow handles most of this well out of the box, but initial setup requires attention and occasional maintenance.

Monthly updates take a few minutes (git pull && docker compose pull && docker compose up -d). Monitoring, backups, and occasional Rspamd tuning are part of the ongoing responsibility. Exchange Online requires none of this. The question is whether the cost savings justify taking that responsibility on.

Installing Mailcow

Mailcow's installer automates most of the complexity. You need a Linux server (Debian, Ubuntu, Rocky Linux, or Alpine), a domain with DNS control, and Docker.

⚠️

DNS before everything. Set up your MX, A, and PTR (reverse DNS) records before starting. Mailcow's installer needs a correctly resolving hostname. Your VPS provider's control panel usually lets you set rDNS - this is critical for deliverability.

Server Requirements

RAM: 6 GB minimum, 8 GB recommended (ClamAV alone uses ~1 GB)
CPU: 2 vCPU minimum
Disk: 20 GB+ for the OS and Docker images; email storage depends on usage
OS: Debian 11/12, Ubuntu 22.04/24.04, Rocky Linux 9, or Alpine 3.22
Open ports: 25, 80, 110, 143, 443, 465, 587, 993, 995, 4190

Step 1 - Install System Packages

Install the required dependencies for your distribution:

Debian / Ubuntu:

apt update
apt install -y git openssl curl gawk coreutils grep jq

Rocky Linux / RHEL-based:

dnf install -y git openssl curl gawk coreutils grep jq

Alpine Linux:

apk add --no-cache --upgrade sed findutils bash git openssl curl gawk coreutils grep jq

Step 2 - Install Docker

Use the official Docker install script - do not use the distribution's packaged version, as it is typically outdated.

Debian / Ubuntu:

curl -sSL https://get.docker.com/ | CHANNEL=stable sh
systemctl enable --now docker

Rocky Linux / RHEL-based:

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
dnf install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
systemctl enable --now docker

ℹ️

Docker Compose version. Mailcow requires Docker Compose v2.0 or later. With the plugin installation above this is satisfied automatically. Verify with docker compose version - the command uses a space, not a hyphen.

Step 3 - Clone and Configure Mailcow

su -
umask 0022
cd /opt
git clone https://github.com/mailcow/mailcow-dockerized
cd mailcow-dockerized

Run the configuration generator. It asks for your mail hostname (e.g. mail.example.com) and timezone, then writes mailcow.conf:

./generate_config.sh

Review and adjust the generated config if needed:

nano mailcow.conf

Key settings to verify in mailcow.conf:

MAILCOW_HOSTNAME - must match your DNS A record and PTR record exactly
TZ - your server's timezone (e.g. Europe/Berlin)
HTTP_PORT / HTTPS_PORT - change if ports 80/443 are already in use
SKIP_CLAMD - set to y on servers with less than 6 GB RAM to disable ClamAV and save ~1 GB RAM

Step 4 - Start Mailcow

docker compose pull
docker compose up -d

The first startup takes several minutes as Docker pulls all images (~1.5 GB total). Watch progress with:

docker compose logs -f

Once all containers report healthy, navigate to https://mail.example.com. Log in with the default credentials:

Username: admin
Password: moohoo

⚠️

Change the admin password immediately after first login. Go to Access → Edit administrator in the admin UI.

Step 5 - Add Your Domain and First Mailbox

In the admin UI:

Go to Configuration → Mail Setup → Domains and add your domain (e.g. example.com)
Copy the DKIM public key shown and add it as a TXT record in your DNS at dkim._domainkey.example.com
Go to Mailboxes and create your first mailbox
Verify your SPF, DKIM, and DMARC records are in place using a tool like MXToolbox

Updating Mailcow

Mailcow ships a built-in update script. Run it monthly to stay current:

cd /opt/mailcow-dockerized
./update.sh

The script pulls the latest code, checks for config changes, rebuilds containers, and restarts only what changed. A typical update takes under five minutes with no mail downtime.

Troubleshooting: Non-Standard MTU

On cloud providers that use overlay networks (OpenStack, some Hetzner configurations), the default MTU of 1500 may cause packet fragmentation. If you experience connectivity issues, add the following to docker-compose.yml under the network definition:

networks:
  mailcow-network:
    driver_opts:
      com.docker.network.driver.mtu: 1450

When to Choose Exchange / Microsoft 365

Your workflows depend on advanced Outlook features - delegate access, resource booking, Exchange-native shared mailboxes
You're already standardised on Microsoft 365 and the bundled Office apps justify the per-seat cost
You have no technical capacity or appetite for server management
Compliance requirements mandate a specific Microsoft certification or audit trail
You need Microsoft Teams deeply integrated with your email calendar

When to Choose Mailcow

You have 5–200 mailboxes and want to eliminate per-seat licensing costs
Data sovereignty is a hard requirement - GDPR compliance, client NDAs, or sector regulations
Your team uses IMAP clients, webmail, or apps that speak CalDAV/CardDAV natively
You want full control over spam policies, retention, and data export
You already run a Linux VPS and are comfortable with Docker maintenance

Recommendation

For SMBs with technical capability: Mailcow is the clear choice. The feature set covers the needs of the vast majority of business email users, data stays on your infrastructure, and the ongoing cost is a fraction of per-seat licensing. The initial investment is a half-day of setup; the ongoing maintenance is an hour per month at most.

For Microsoft-centric enterprises: Exchange Online makes sense when you're already deep in the Microsoft ecosystem and the per-seat cost is justified by the bundled tooling. The managed service trade-off - no maintenance, no control - is acceptable in this context.

For regulated industries: Evaluate both options carefully. Mailcow gives you full data sovereignty but shifts compliance responsibility to you. Exchange Online has Microsoft's compliance certifications but places your data under Microsoft's governance. Neither answer is universal - it depends on what your specific compliance framework requires.