[PLUG] Whether to host one's own email these days?

Mark Allyn allyn at well.com
Mon Sep 21 17:54:19 UTC 2020


Folk:

I have a server on Linode for my web server, which is www.allyn.com

I then rented another Linode server to try to do my own email (just me, allyn at allyn.com), no one else, as this is for me, not a business or group. I used Linode DNS to call that machine mail.allyn.com and then set up the reverse DNS so that its IP would point back to mail.allyn.com and not to the Linode-issued name. Linode allows me to do this for both IPv4 and IPv6. I am guessing that Digital Ocean, AWS, OVH and the others are most likely similar in handling DNS for their customers.

Note that for new customers, Linode will block port 25 to reduce risk of outgoing spam. You need to file a support ticket for your server to enable the mail ports.

I then installed Postfix and SpamAssassin (no listservs, though). And then I tried to follow all of the suggestions to lock this down. No POP or IMAP. I would log in using ssh and use the text-based email client on the machine.

I set up the certification and thoroughly checked the emails coming from me to another email address that I had and saw that all of the headers (SPF, DKIM, etc.) were there and looked okay.

Everything went well until Spamhouse, or whatever their spelling, blocked me. It turns out that Spamhouse gets mad at you if you use an IPv6 address on Linode because Linode gives each of us one IPv6 address and not an IPv6 block.

Then I found out that Comcast apparently blocks anything from Linode (I don't have Comcast email, so I had to find that out from someone on Reddit). I am guessing they got mad at Linode because one Linode customer did not set up things right and ended up being what's called an email relay.

Opinions on Reddit go through the entire range from "Linode has a bad spam reputation" to "Comcast does not know what it's doing."

So, I decided that the effort is not enough. I shut down email and then signed up with Google's Gmail.

So far, since this is just me for my personal email, Google does fill the bill.

This has been my experience.

Thank you

Mark Allyn
Bellingham, Washington

----- Original Message -----
From: "Paul Heinlein" <heinlein at madboa.com>
To: "Portland Linux/Unix Group" <plug at pdxlinux.org>
Sent: Monday, September 21, 2020 10:26:19 AM
Subject: Re: [PLUG] Whether to host one's own email these days?

On Sun, 20 Sep 2020, Eric House wrote:

> And so the question: what are those of you who have the expertise to
> run an email server doing? Do you handle your own mail, or do you pay
> a service to do it for you?

I run my own, and have ever since I registered my domain in the late 
90s.

Pros:
- easy to control aliases, forwards, etc
- access to raw log files useful for troubleshooting
- nice way to experiment with new features, software, etc
- easy to backup whole mail store natively rather than via IMAP
- server-side filtering via procmail, sieve, etc
- easy to set up temp accounts or accts for friends/family
- can set access restrictions (ex: require VPN for IMAP)

Cons:
- spam control is difficult and requires attention
- patching, monitoring, maintenance never disappear
- need to maintain SSL certs, probably
- IP blacklists**

**Concerning IP-based blacklists. I run my mail services on a VM at 
Digital Ocean. When I upgrade servers, which admittedly is not all 
that often, and get a new IPv4 address, I need to endure this period 
where my outbound messages are blocked. So I need to go cap in hand to 
Google, Microsoft, etc. and ask pretty-please would you not block 
messages from www.xxx.yyy.zzz.

Digital Ocean is now offering floating IP addresses (à la AWS) so my next 
upgrade will get an address that won't change from then on. Still, 
it's a hassle.

> If the former, what are the leading choices on a Debian server? If 
> the latter, services to be recommended?

I use CentOS, but I suppose the key software packages are all 
available on Debian:

- Sendmail
- Dovecot
- OpenDMARC
- SpamAssassin (and spamass-milter)

I stick with sendmail due to familiarity and inertia, but it hasn't 
been subject to a major vulnerability in a long time. I'd probably use 
Postfix if I were starting from scratch, if only because it seems like 
there's better community support for it these days.

There's no free lunch here. I pay for my VM in part for reasons other 
than mail hosting, but it's still a monthly charge. I don't mind 
paying for it, but it's still a monthly bill. On the other hand, I get 
to stay somewhat current with FOSS mail tools, even though I no longer 
maintain mail services at work.

-- 
Paul Heinlein
heinlein at madboa.com
45°38' N, 122°6' W
-- 
Mark Allyn
Bellingham, Washington
www.allyn.com
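
Added example, not part of the thread: the IPv6 listing described above happens when a blocklist scores a whole network rather than one address. This sketch builds the RFC 5782 DNSBL query name for a sender and groups senders by the network a list would treat as one reputation unit. The /64 granularity for IPv6 is an assumption about the list's policy, and the zone name, hostnames and addresses are constructed placeholders.

```python
import ipaddress

def dnsbl_query_name(ip: str, zone: str) -> str:
    """RFC 5782 name: reversed octets (IPv4) or reversed nibbles (IPv6) + zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone

def reputation_key(ip: str, v6_prefix: int = 64) -> str:
    """Network scored as one sender (assumption: /64 for IPv6, /32 for IPv4)."""
    addr = ipaddress.ip_address(ip)
    prefix = 32 if addr.version == 4 else v6_prefix
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))

def shared_reputation(senders: dict) -> dict:
    """Return networks holding more than one host: those hosts share a listing."""
    groups = {}
    for host, ip in senders.items():
        groups.setdefault(reputation_key(ip), []).append(host)
    return {net: hosts for net, hosts in groups.items() if len(hosts) > 1}

# Constructed sample: documentation-range addresses, hypothetical hostnames.
SENDERS = {
    "mail.example.org": "2001:db8:1:2::a1",         # single address in a shared /64
    "neighbor-vm.example.net": "2001:db8:1:2::beef",  # another tenant, same /64
    "other.example.com": "2001:db8:9:9::1",
    "v4only.example.org": "192.0.2.25",
}
ZONE = "dnsbl.example"  # placeholder zone, not a real blocklist

if __name__ == "__main__":
    for host, ip in SENDERS.items():
        print(host, reputation_key(ip), dnsbl_query_name(ip, ZONE))
    for net, hosts in shared_reputation(SENDERS).items():
        print("shared reputation unit", net, "->", ", ".join(hosts))
```
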


