Hacker Newsnew | comments | show | ask | jobs | submit login

Can you elaborate on the blacklisting part? I've had my mailserver for a little over a year now and never had any issues with my mail going to spam, but my uses for that mailserver only revolve around 2-3 email accounts.



Sorry, I was a little unclear - the setup is easy, it's the maintenance that's annoying. (I've run mail servers in one way or another for ~15 years. I use Google Apps for my personal email now but still maintain some servers that do about 10,000 emails a day.)

Even if you have DKM/SPF setup, someone can decide to start spoofing email from your domain to send spam, especially if your domain has been around a while and is relatively clean. Since you don't send a lot of real mail, all of a sudden 99% of the email marked as coming from your domain is spam.

It's not always even obvious that you've been blacklisted; mails may simply be significantly delayed (AOL does this, I guess so they can check for similar messages to other users), etc.

This is an issue for email providers as well, but they have people on staff paid to deal with it.

Even if you only have to deal with this once every 2-3 years, that's still generally going to be worse than simply paying someone $5 a month for a managed email service, not to mention to you have to deal with backups, etc.

-----


"someone can decide to start spoofing"

What kind of spoofing are you talking about? Attempting to spoof the headers is common, but no blackhole list looks at that - they blacklist based on the IP of the machine the spam is coming from.

-----


You may be right on this ... spoofing is still an aggravation because of the bouncing. Most of the time I haven't been able to find out exactly _why_ a particular provider has an issue (not blacklists), only ask for them to change their mind.

-----


AOL, as far as I'm concerned, is a lost cause. They will block on rDNS alone, and no amount of calling or emailing will convince them otherwise. Recently, Verizon has gotten pissy about domain names matching the sending server, without even checking SPF.

-----


Since rDNS is one of the simplest things to fix, and absent or inconsistent rDNS one of the most obvious signs of spam, I'm with AOL on that one.

If fact, every email server setup I've seen explicitly rejects emails simply due to absent or inconsistent rDNS records.

-----


In my 10+ years of running an SMTP server for SOHO use off of first business DSL (where Verizon refused to change rDNS), then cable modem, AOL was the sole server I encountered rejecting on mismatching rDNS alone.

-----


Managing black lists is definitely a pain in the ass. If you can do outgoing spamassassin it definitely helps. I also use MXToolbox's free plan to monitor my two outgoing mail servers for blacklist. Alternatively, you can use Nagios to monitor blacklists.

-----


You've been lucky so far; I have been running my own personal SMTP server(s) for quite some time, and while it's usually setup and forget, it can be an all-nighter headache.

First and foremost, static IPs are a must. Second, make sure those static IPs haven't been misclassified as dynamic or dialup. Then get reverse DNS setup properly (some providers won't do this). Then setup SPF. On top of all this, make absolutely 100% sure you don't run an open proxy. Then keep an eye on blacklists and your logs, and be ready to call and deal with obstinate tech support for hours on end. DKIM, and having some way to reject emails at the envelope stage (to save bandwidth, avoid double bounces, and punish the guilty rather than bouncing to innocent parties being Joe-jobbed) are also good ideas.

It's not horrible, IMHO, but it's not necessarily a cake walk either. You might need to have an understanding employer so that you can take off for half a day to deal with things.

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: