Email is one of the bastions of the decentralised Internet and we should hang on to it.
Every day more and more people are moving to Gmail/Hotmail/Outlook and while I do understand the reasons, it also puts more and more power into the hands of these providers and the little guy (us) gets more screwed (like marked as junk by default by them :< )
Having said that, here's my checklist for successfully delivering email:
- make sure your IP (IPv6) is clean and not listed in any RBL, use e.g. http://multirbl.valli.org/ to check
- make sure you have a correct reverse DNS (PTR) entry for said IP and that PTR/hostname's A record is also valid
- make sure your MTA does not append to the message headers your client's IP (i.e. x-originating-ip); messages can be blocked based only on "dodgy" x-originating-ip (see e.g. https://major.io/2013/04/14/remove-sensitive-information-fro... )
- set up SSL properly in your MTA, there are so many providers giving away free certs nowadays
- SPF, DKIM, DMARC - set them up, properly, this site can come in handy for checking yourself https://www.mail-tester.com/
- do not share the IP of your email server with a web server running any sort of scripting engine - if it gets exploited in any way, usually sending spam is what the abusers will do
- last but not least - and while I loved qmail and vpopmail - use Postfix or Exim, they are both more fit for 2016, more configurable and with much, much larger user bases and as such bigger community and documentation.
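
The RBL and reverse-DNS items from the checklist above, as an added example that is not part of the original comment: it builds the DNSBL lookup name for IPv4 and IPv6 and checks that a PTR name resolves back to the same IP. The zone `dnsbl.example`, the hostnames and the sample records are constructed, and the resolvers are injectable so the checks also run offline.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Reversed octets (IPv4) or nibbles (IPv6) of ip, prepended to the DNSBL zone."""
    pointer = ipaddress.ip_address(ip).reverse_pointer
    return pointer.rsplit(".", 2)[0] + "." + zone  # drop in-addr.arpa / ip6.arpa

def system_ptr(ip):
    """PTR names for ip via the system resolver; empty list if there are none."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def system_addrs(name):
    """A/AAAA addresses for name via the system resolver; empty list if none."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def is_listed(ip, zone, resolve_addrs=system_addrs):
    """A DNSBL signals a listing with an answer inside 127.0.0.0/8 (RFC 5782)."""
    loopback = ipaddress.ip_network("127.0.0.0/8")
    answers = resolve_addrs(dnsbl_query_name(ip, zone))
    return any(ipaddress.ip_address(a) in loopback for a in answers)

def fcrdns_ok(ip, resolve_ptr=system_ptr, resolve_addrs=system_addrs):
    """Forward-confirmed reverse DNS: some PTR name must resolve back to ip."""
    target = ipaddress.ip_address(ip)
    for name in resolve_ptr(ip):
        if any(ipaddress.ip_address(a) == target for a in resolve_addrs(name)):
            return True
    return False

# Constructed sample records (documentation addresses, hypothetical names).
SAMPLE_PTR = {"192.0.2.25": ["mail.example.org"], "192.0.2.99": ["host99.example.net"]}
SAMPLE_ADDRS = {
    "mail.example.org": ["192.0.2.25", "2001:db8::25"],  # PTR round-trips
    "host99.example.net": ["198.51.100.7"],              # PTR does not round-trip
    "99.2.0.192.dnsbl.example": ["127.0.0.2"],           # listed on the sample zone
}
sample_ptr = lambda ip: SAMPLE_PTR.get(ip, [])
sample_addrs = lambda name: SAMPLE_ADDRS.get(name, [])
```

Called with only an IP and a zone, the functions use the system resolver; pass `sample_ptr` and `sample_addrs` to run them against the constructed records.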
I hope someone will eventually create an "E-mail server in a box" package for Ubuntu LTS, so that more people can run their own E-mail. I'm not saying it has to be super-easy for everyone, just that it should avoid unnecessary chore work (like configuring postfix to always use TLS, or plugging postgrey into postfix).
Everything is configured with a single docker-compose, read about it here: https://news.ycombinator.com/item?id=11748036
> What is it if anything that happens if my internet cuts
> out at my home,
> should I instead use some sort of hosting provider
> for my mail server?
Mail was written to be resilient against network downtime.
The sender MUST delay retrying a particular destination after one
attempt has failed. In general, the retry interval SHOULD be at
least 30 minutes; however, more sophisticated and variable strategies
will be beneficial when the SMTP client can determine the reason for
Retries continue until the message is transmitted or the sender gives
up; the give-up time generally needs to be at least 4-5 days. It MAY
be appropriate to set a shorter maximum number of retries for non-
delivery notifications and equivalent error messages than for
standard messages. The parameters to the retry algorithm MUST be
Thanks though, I learned something :)
Regardless of what we call it - the sender would get a copy back with a message not containing the word 'bounce' that says it failed to send, right?
It has a decent web admin panel built-in to the box and also a copy of RoundCube Webmail. It'll even automatically set up LetsEncrypt SSL for you.
You might want to set up rainloop manually though because RoundCube isn't the best.
I'm especially delighted with its self-monitoring and the status change email messages it sends me.
That it includes webmail and gives me a nicely featured DNS server only makes it a touch more awesome.
I run it at Digital Ocean for ten bucks a month. I support family and friends. My email does not pass through Google or Microsoft servers and that makes me very happy.
There are a lot of moving parts, and being an email admin requires some maintenance like being vigilant about not allowing spam. An automated script to set it up for people who wouldn't know how to run it would be doing those people a disservice.
Some of this may be able to be automated, but that's the hard part; not installing and configuring a few software packages.
I'm sorry, I'm not sure I quite understand what you say the problem is and how it relates to the unencrypted nature of email.
It's such an easy-to-use email system. Been working great on a home static-IP address for me for a couple years now.
Your time is valuable, right?
accept for domain "example.com" virtual <users> relay via relay.example.com
PS. maybe that's one of the vulnerabilities mentioned in the report (1). Anyway it's an argument for me to run Qmail/qpsmtpd instead.
I just wish we had something that wasn't written in C.
I'd feel nervous about doing this at home. For one thing, my ISP is a residential cable internet provider, and not 100% guaranteed uptime as a result. I'd hate to miss mail or worry whether I did.
This way you can still receive email from IPv6 servers.
I run an SMTP server from home with a static IPv4 address (for which the ISP lets me configure the PTR), but their IPv6 is "beta" and they don't yet support delegation, which is rather frustrating, but different topic.
ITYM federated Internet, agreed though.
Better yet, OpenSMTPD.
Btw, everybody still has email and SMS like in the 90s. For me SMS are a fallback when IM won't work for a given person; email is my primary means of communication for business. Furthermore I can archive and search email much more than IMs.