Anyone run their own Linux-based mail server? What do you use? Are you happy with it?

Anyone run their own email server? Any wisdom to share about doing that?

I have a couple of mail domains, which I manage with ISPConfig. This provides a web-based frontend to Postfix. I’m pretty happy with it, and I’m grateful to have a web-based management interface whatsoever.

One custom tweak I did was to set the web-based admin interface to listen to a WireGuard network address only (in the respective nginx conf file), not the public IP address. This effectively created a second factor of authentication to get into the ISPConfig web interface at all (namely, a successful WireGuard tunnel connection).

2 Likes
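
The tweak described in the post above can be checked mechanically. This is an added example, not part of the original post: it scans nginx `listen` directives and reports any that bind outside a WireGuard subnet. The subnet 10.8.0.0/24, port 8080 and both sample vhosts are constructed assumptions.

```python
import ipaddress
import re

# Constructed samples (not from the post). 10.8.0.0/24 is an assumed WireGuard subnet.
WG_NET = ipaddress.ip_network("10.8.0.0/24")

EXPOSED = """
server {
    listen 8080 ssl;
    listen [::]:8080 ssl;
}
"""

TUNNEL_ONLY = """
server {
    listen 10.8.0.1:8080 ssl;   # WireGuard interface address only
}
"""

LISTEN_RE = re.compile(r"^\s*listen\s+([^;]+);", re.MULTILINE)


def listen_host(value):
    """Return the address part of a listen value, or None for a wildcard bind."""
    target = value.split()[0]
    if target.startswith("unix:"):
        return "unix"
    if target.startswith("["):                    # [v6addr]:port
        return target[1:target.index("]")]
    host, sep, _port = target.rpartition(":")
    if sep:
        return None if host == "*" else host
    return None if target.isdigit() else target   # bare port = every address


def exposed_listens(conf, allowed=WG_NET):
    """List listen directives reachable from outside the allowed subnet."""
    findings = []
    for value in LISTEN_RE.findall(conf):
        host = listen_host(value)
        if host == "unix":                        # local socket, not network-reachable
            continue
        try:
            ok = host is not None and ipaddress.ip_address(host) in allowed
        except ValueError:                        # hostname: cannot be verified statically
            ok = False
        if not ok:
            findings.append(value.strip())
    return findings
```

nginx refuses to start when a `listen` address is not yet assigned to an interface, so the WireGuard interface has to be up before nginx is.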

An internal relay with Postfix, yes. I don’t really think about it much, it does its work without issue.

Having dealt with web-facing mailservers in years past, they are awful to set up and maintain. Mostly because if you do not have an agreement with the big mail providers, you frequently have to fill out forms to get your IP removed off blacklists, it’s a never-ending uphill battle.

All it seems to take is 1 user doing a select all in their inbox > blindly mark everything as spam and some of these lists punish you for it.

If you’re hosting with a big data center or VPS provider, often their blocks will get slapped and if you happen to fall within the same CIDR, your mail deliverability suffers even though it was an IP neighbor and not even your IP, sending out crap.

3 Likes

I’ve been thinking about running Postfix for some time. I appreciate the input, @perkele; I didn’t know the spam flagging problem was that aggressive.

1 Like

I’ve totally had this happen to me. When I send email to Gmail recipients, the emails can show up in their inbox with a warning above it, about how this might be a phishing scam, or worse yet, the mail goes into the spam folder. I sometimes have to make sure, out-of-band (say, over WhatsApp) that the recipients have received my email!

And I’ve truly never been a spammer, nor phished anyone, ever. I’m not a hacker, and have never sent anyone anything even remotely malicious. My domains have never been used as an open relay, or been hacked, and used to send bad things, to the best of my knowledge. My servers have been squeaky clean so far.

My only “crime” was trying to self host my own email domains.

I also bent over backwards to set up very conservative, ultra-harmless SPF1, DMARC1, and DKIM1 DNS records, which were a huge pain to understand, and debug. I even set up DNSSEC.

The likes of Google still turn up their noses at my efforts to play as fair as humanly possible. Google, please quit being such a bunch of snobs, and play fair!

1 Like

@perkele @Ulfnic

Yep. I’ve run my own mail server for 20+ years. It is my opinion that in the last 5-7 years, the giants have been aggressive at pushing you out. Fifteen years ago it was once or twice a year from AOL. Then, when Google gained dominance, things really got bad. I got so tired of blacklisted email addresses that I finally gave in to their pressure and started using Gmail accounts for work and mission-critical emails.

As you point out, you can do everything right on your end, but then a guy that has a Gmail account can flag you and suddenly, emails that worked last week, don’t work this week – across the board.

Added to this is the problem of how widely published your email address is. I’ve had the same email address for 20+ years. My address was a staple on every spammer’s list. At one point, during the height of spam, I was getting 1M+ emails per year into my inbox on that one address.

To try to get some sanity, I turned to client side fixes like spamarrest and server side scripts like boxtrapper. These programs send a challenge to every email in an effort to weed out the bots and identify real humans trying to reach you. This is a working solution if you get 25 emails a week – but to my hosting providers it looked like I was sending 5K emails a day – I, then, became the “spammer.”

I still run the mail server but I know it can blow up at any time without notice.

3 Likes

I find these sorts of threads really interesting, where unexpected social dynamics emerge over time, which you would have never expected back when the technology was in its infancy, and nobody could predict all the perverse ways the technology would be used later on.

There’s also the problem where, even if you run your own server, nearly 100% of your email will still reside on Gmail, Yahoo, and Microsoft servers on the recipient side. Depending on the objectives, that’s a tough hurdle.