
Prevent others sending emails using your domain name

  1. 2

    This is great!

    I've been wondering if it'd be possible to make an easy/light-weight e-mail server for people who host on a VM. I'm using SendGrid for e-mail right now (even receiving using mailhooks - it's horrible), but I'd like to have a simple docker/lxd instance with postfix that:

    • Allows my apps to send authenticated e-mails.
    • Allows me to forward addresses to my gmail.
    • Allows me to reply from gmail (gmail has support for this).
    • Is secure.

    POP/IMAP I don't care too much about.

    Huh, all this time, I thought LetsEncrypt didn't work for mail servers, but just looked it up and it appears they do!

    Anyway, I wonder how obtainable this is. Would the mail server just be blacklisted, or is the DKIM/SPF enough to make it valid as long as you're a responsible netizen?

    1. 2

      That being said, I just use the HostGator shared hosting email server they provide. It works well enough in my case as I mostly use it to receive emails and respond to support queries, not to send newsletters or mass emails.

      1. 1

        Totally get it. My first job was in web hosting (in 2002). We were constantly on blacklists from spammers using our servers, hacked accounts being used to spew more spam, etc.

        Shared hosting for e-mail sounds cool, but I'm a Linux guy and I love having my own virtual machine :)

    2. 2

      From what I've heard before, email is really, really hard. Servers and email addresses have to get reputation. Each email address and server has a score, and if it's too low, most emails will just reach spam. You have to make sure that your users are not using your service to send spam emails, otherwise your mail servers will be blacklisted.

      1. 1

        Yeah, that was kind of my assumption, but I thought DKIM/SPF might be making it easier since it's more domain-based than IP-based.

        I would be using it for myself, not users, but I think you're right that e-mail is just too hard to make this worth it. Maybe AWS SES or something would be best for me.

  2. 1

    The setting that will really help prevent others from abusing your domain name is SPF, and SPF is useless if your SMTP server is vulnerable to open mail relay - you should check for that too if you are using a custom SMTP server. The rest is for you to pass spam filters and let receivers validate the authenticity of the sender.

  3. 1

    Two days ago I had an issue with someone randomly contacting me on Twitter saying that someone from my company sent her a ransom email asking for bitcoins. Initially I didn't pay too much attention and actually blocked her, thinking it was just a scam attempt, but upon further inspection I realized my email DMARC settings were not correct.

    I spent a few hours looking into it and improving my email authentication, so today I wrote a quick summary of what I learned while doing so. It's just a technical overview of what I had to do to fix my DMARC policy.

    I posted this for those who didn't know this was an issue, never considered setting up DMARC for their business domains or just want a very short summary of what setting it up means.

    I am by no means an expert in the domain, but it took longer than it should have to find examples of DMARC/DKIM/SPF TXT records and to understand how to set the correct values.
