In my experience (10+ years of running my own mailserver) some problems have gone away. With SPF/DKIM/DMARC, getting blacklisted because of the IP address being at a hosting company is not happening the way it did, say 5-7 years ago.

I just moved my mail server from hosteurope to OVH. And I was ready to find myself blacklisted. But, now, weeks later, zero problem. Mails flow from and to gmail, microsoft etc. I get DMARC reports and no blacklisting at all thus far. Fingers crossed :)

Follow

My mail server runs all mails for 20+ domains. Not a lot of traffic, though. And no mailing lists newsletters. Really just mostly my private e-mail. I also don't get a lot of SPAM, surprisingly, even though I have no spam filter set up ATM.

@jwildeboer this is great to hear. I want to do this sometime this year

@mnw I'll post some blog entries on my setup of postfix/dovecot with DKIM, DMARC, SPF, multi-domain, mail-crypt in the next few days. If you're used to some Linux and config stuff, it should work.

@jwildeboer @mnw GMX/web.de tend to be the most unreasonably aggressive at blacklisting. Try them.

@jwildeboer @mnw They're the only ones regularity refusing email from me. But I worked at those spam factories, so I'm not really seeing much of a downside.

@jens @mnw Proof: I just sent an e-mail to my mum at web.de. From my mail-server at OVH. Convinced? ;)

@jwildeboer @jens very cool. Yes please on a write up on how you did it :-)

@jens @mnw Not even grey listing. Went through immediately, no questions asked.

@jens @mnw And because I know my mum, she immediately replied. Which also made it back to my mailserver without any problem.

@jens @mnw And thanks to the dovecot mail-crypt plugin, that mail is stored encrypted on my mailserver, so even if you get a dump of my machine, no dice in reading my mails ;)

@jwildeboer @mnw you might want to review mailinabox.email/ and mailcow.email/ for that too.

Mail has a *lot* of moving parts, and doing one tiny thing wrong might breach security and/or get you blacklisted forever. So it really pays off to piggyback off communities who automated all those best practices into a single script or setup.

Contrary to most other self hosted tools, mail is the pivot point of all your online security. So must be solid

@berkes @mnw Ive been doing Linux since 1993 and am lucky to have all those years of experience and knowledge so I can do this myself. And I will blog about all details. But for those who don't have that, your proposals are helpful too.

@jwildeboer @mnw I've been running my Linux servers since '95. Back then SUSE, though, sorry😋

But mailservers are hard, and eve moving. Today there is SPF, tomorrow DKIM, then DNSSEC. Hard to keep up with this year's best practice. So for mail I've moved to mailinabox, exactly because of that.

@mnw @berkes it took me 2 days to get DNS, SPF, DKIM, DMARC, mail-crypt, letsencrypt for my mailserver working. I‘ll blog all details. It’s not that complicated, when you know the basics of a linux box.

Sign in to participate in the conversation
social.wildeboer.net

Mastodon instance for people with Wildeboer as their last name