"Run Your Own Mail Server" by M.W.Lucas

Hi,

I don't remember having read a word about this around here, so I'll share the information: Michael W. Lucas will release his next book, called "Run Your Own Mail Server", in August 2024.
The Kickstarter campaign has been successful; it reached more than 10 times the primary objective. I am glad for him.
As a hobbyist, I am clearly not the target, but I do not exclude giving it a go one day just to see how hard it is ^_^

 
My use of mail for FreeBSD is simple. I have one server and I need to get each day's reports from periodic(8). For that, I use the SMTP service of my ISP, but...

One day they decided the origin domain needs to exist. OK, that's fair.
Another day, they decided it must be a domain they own. I find this questionable.
Finally, recently, they decided that the sender must be one of the mail addresses you registered with your account.

Each time without warning, and each time I have been obliged to modify several config files, not only in FreeBSD but also on other OSes that run as bhyve VMs... Not to mention the time needed to realize where the problem initially comes from.

To say it mildly, that sucks. What's next? Should I show my fingerprints or my passport to send a mail? I know well it's to fight against spam, but are there no other solutions?

This is why a home mail server may not be useless for an amateur. That said, it's not a small business and I will do this only when I have no other choice at all.
 
various orgs use various blacklists where your ip or block might get listed for whatever reason
then users will complain that they can't send to whatever domain
then users will try to send videos and multi-GB files and complain they are rejected (but it works for them at home or something)
if you run a vps then you can control (somewhat) your ptr record but if you have a static ip assigned by your isp you usually don't control it
a day will come when they will fuck up the reverse mapping and your server will send "fsck all" while you are on vacation
then try to go through the isp support and explain to them what a reverse mapping is and why it is important and they will tell you that your problem is that your mx is called ns.domain.tld instead of mail.domain.tld and they did nothing wrong
no amount of books and RFCs will fix this
 
others will blacklist your ip and your isp will fuck up your reverse mapping
My ISP allows me to give a domain for reverse mapping; so far it works.

I had to ask a mail provider not to filter mails from my server into their spam folders.

But all is experimental; I do not really use the mail server.
 
yes, "they" allow me too. the problem is when they mess it up and everything* you send is rejected because you no longer have a reverse.
also my isp is very big and you can't really reach the right people to fix unusual stuff, and they will try to bullshit their way out
i had to contact RIPE to get the problem fixed and it took more than a month. meanwhile i had to route the mail through another box that still had a reverse mapping
(the reverse zone had 3 nameservers and only one was fucked) 2 were operated by my isp and the third by RIPE
*) about 1/3 of the mails were blocked because 2 ns out of 3 were good
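The failure mode described in this post (three authoritative nameservers for the reverse zone, one of them serving a broken copy, so roughly a third of receivers see no PTR) is exactly what a forward-confirmed reverse DNS check run against every nameserver, rather than just the recursive resolver, would have caught early. The following is an added example, not code from the thread or the book; the lookup callbacks are injected so it runs offline, and the IP, hostnames and nameserver names in the sample are constructed placeholders.

```python
"""Forward-confirmed reverse DNS (FCrDNS) check asked of every authoritative
nameserver of the reverse zone, so that one broken server is not hidden by the
others. Lookup callbacks are injected so the logic can run without network."""
import ipaddress
from typing import Callable, Dict, List

# (nameserver, qname) -> answer names; [] models NXDOMAIN, SERVFAIL or timeout.
PtrLookup = Callable[[str, str], List[str]]
# hostname -> address strings the forward zone returns for it.
AddrLookup = Callable[[str], List[str]]

def reverse_name(ip: str) -> str:
    """'203.0.113.25' -> '25.113.0.203.in-addr.arpa' (IPv6 gives an ip6.arpa name)."""
    return ipaddress.ip_address(ip).reverse_pointer

def check_fcrdns(ip: str, expected_ptr: str, nameservers: List[str],
                 ptr_lookup: PtrLookup, addr_lookup: AddrLookup) -> Dict[str, str]:
    """Per-nameserver verdict: 'ok' or a short reason a receiving MTA would reject on."""
    verdicts: Dict[str, str] = {}
    want = expected_ptr.lower().rstrip(".")
    for ns in nameservers:
        ptrs = [p.lower().rstrip(".") for p in ptr_lookup(ns, reverse_name(ip))]
        if not ptrs:
            verdicts[ns] = "no PTR record"
        elif want not in ptrs:
            verdicts[ns] = "PTR is " + ", ".join(ptrs) + " (expected " + want + ")"
        elif ip not in addr_lookup(want):
            verdicts[ns] = "PTR does not resolve back to " + ip
        else:
            verdicts[ns] = "ok"
    return verdicts

def failing_fraction(verdicts: Dict[str, str]) -> float:
    """Share of nameservers that fail, e.g. 1/3 when one of three is broken."""
    return sum(v != "ok" for v in verdicts.values()) / len(verdicts) if verdicts else 0.0

# Constructed sample modelled on the situation in the thread: three nameservers
# for the reverse zone, one of which has lost the PTR. All names are placeholders.
SAMPLE_IP, SAMPLE_PTR = "203.0.113.25", "mail.example.net"
SAMPLE_NS = ["ns1.isp.example", "ns2.isp.example", "ns3.rir.example"]
SAMPLE_PTR_ANSWERS = {
    ("ns1.isp.example", "25.113.0.203.in-addr.arpa"): ["mail.example.net."],
    ("ns2.isp.example", "25.113.0.203.in-addr.arpa"): ["mail.example.net."],
    # ns3.rir.example serves a stale copy of the zone: no PTR at all
}
SAMPLE_FORWARD = {"mail.example.net": ["203.0.113.25"]}

def run_sample() -> Dict[str, str]:
    return check_fcrdns(SAMPLE_IP, SAMPLE_PTR, SAMPLE_NS,
                        lambda ns, q: SAMPLE_PTR_ANSWERS.get((ns, q), []),
                        lambda host: SAMPLE_FORWARD.get(host, []))
```

To run it against real servers, replace the two lambdas with callbacks that query each nameserver directly (for instance with dig or dnspython) and schedule it from periodic(8) so a drifted reverse zone shows up in the daily report instead of in bounced mail.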
 
Thanks for letting me know, it's a book I have been looking forward to. Too bad I don't really have the time to read, and the only way for me to get his books here is through Amazon, which I don't like. But I still prefer actual paper to digital.
 
(Not picking on you, but on all the people who think they can do mail delivery and receiving as an amateur)

I think today there are only two practical ways of handling mail. One is to use an outside mail provider (who is the MTA and hosts = stores the mail). Examples of that are Google's Gmail, Apple's mac.com and me.com, the big ISPs (where I mean connectivity providers, like your cable TV or phone company), and a few specialized ones. If you are using a GUI only (that includes tablets/phones), get any of the many mail programs that can be configured to work with that mail provider. If you are using a shell-based machine or need outgoing mail from a Unix-style server, configure a bare-bones MTA that sends all mail to a smarthost at your mail provider. The disadvantage of this is that not all mail providers are willing to serve custom domains, in particular not for free.

The other one is to use a very competent ISP who provides well managed services such as DNS, reverse DNS, and all the crazy stuff required to run mail servers (DKIM, SPF, DMARC and all that). If you try to do this at an incompetent ISP, then all hell will break loose. Historically I have recommended sonic.net, but they are trying to get out of the ISP business, and become only a bandwidth (fiber to the house) provider, so I don't know what their future outlook is.

Trying to run a mail server as an amateur, without a staff that is very knowledgeable and can monitor/manage things 24x7 is pretty silly.

People will complain that I am pushing users to give money to the big evil cloud companies. Let them complain. The reality is that mail has become very complex, due to the spam abuse of the internet, which for real users needs to be controlled, and that is hard and complex. Free mail service just makes no economic sense any longer. Remember, if something is free, then you are the product; in the case of free mail (and that includes the internet's TCP/IP infrastructure transporting port 25 for free), the end goal today is either to show you ads or spy on you to hack into your bank account. The days when the internet was a friendly group of a few computer science researchers helping each other are gone.
 
You'll get sent straight to spam because you won't have any IP or domain reputation and then wonder why nobody got your application to whatever.

I deal with it, but it's not for people who can't put up with having their stuff go to spam.
 
i pretty much agree with this
that's why i said it's pretty pointless to learn all the stuff to set up a private mail server, because you'll have to deal with things you can't control no matter how well you understand your stuff
 
The reality is that mail has become very complex, due to the spam abuse of the internet, which for real users needs to be controlled, and that is hard and complex.
I think it is also complex due to its age, due to the amount of historical layers it contains, constructed patch over patch.
 
His books are (in my opinion) always a good read and educational, and I've got most of them. So no doubt I'll be getting this one to learn a bit more!

But sadly this one is likely to be more educational than practical, as everyone is saying.
 
Well, I've been running my own email for 25 years now. Maybe my IPs got grandfathered in. I guess I'll find out when I finally move to a new provider.
 
I do it too, so it's clearly possible, but in my opinion it's not worth the trouble, only if you run it for non-critical stuff.
 
What is non-critical stuff?

I consider all my mail communication critical, as writing a mail takes time.

Non-critical stuff is handled using Signal.
 
Will welcome this book into my library and will read it to see what is the current ethos. Even though I've been running my own email server for over 30 years it's always good to stay abreast of the latest thinking.
 
I've been running my own mail server for over a decade on a Linux VPS, and I've recently set one up on my FreeBSD VPS. Yes, it hasn't been without challenges. But for the most part I have overcome them, and it's been working quite well.

I use it mostly for sending email notifications for an Internet forum like this one, receiving email from a contact form, and replying to the contact form requests.

I signed up to support RYOMS soon after it was announced (although only for the electronic version because I'm skint).
 
Went from 3/10 to 6/10, will work on the rest cheers.
Well, my first and last score was 7/10 :)

My negative points, among a few others:

- Not IPv6 ready
- No DANE and no DNSSEC
- No MTA-STS

DANE and DNSSEC are in my plan, but I wanted to do it with my own DNS server when I have time.
I do not even know what MTA-STS is.
And with IPv6 I am not the only lazy one.
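Since MTA-STS came up as an unknown: it is the mechanism (RFC 8461) by which a receiving domain publishes a `_mta-sts.<domain>` TXT record plus a small policy file at `https://mta-sts.<domain>/.well-known/mta-sts.txt`, telling senders that its MX hosts must be reached over TLS with a valid certificate. The following added example, not from the thread or the book, parses such a policy file and reports which of a domain's MX hosts it fails to cover; the policy text, domain and MX names are constructed placeholders.

```python
"""Parse an MTA-STS policy file (RFC 8461) and check that every MX host of the
domain is covered by one of its 'mx' patterns, so TLS could be enforced."""
from typing import Dict, List

def parse_mta_sts_policy(text: str) -> Dict[str, object]:
    """Turn the 'key: value' lines of mta-sts.txt into a dict; 'mx' collects a list."""
    policy: Dict[str, object] = {}
    mx: List[str] = []
    for raw in text.splitlines():            # accepts CRLF and LF line endings
        line = raw.strip()
        if not line or ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "mx":
            mx.append(value.lower().rstrip("."))
        else:
            policy[key] = value
    if policy.get("version") != "STSv1":
        raise ValueError("unsupported or missing version")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("mode must be enforce, testing or none")
    policy["max_age"] = int(str(policy.get("max_age", "0")))
    policy["mx"] = mx
    return policy

def mx_matches(mx_host: str, pattern: str) -> bool:
    """RFC 8461 wildcard rule: '*.example.net' matches exactly one leading label."""
    host = mx_host.lower().rstrip(".")
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return host == pattern

def uncovered_mx(policy: Dict[str, object], mx_hosts: List[str]) -> List[str]:
    """MX hosts a sender would refuse (mode enforce) or report (mode testing)."""
    patterns = policy["mx"]
    return [h for h in mx_hosts if not any(mx_matches(h, p) for p in patterns)]

# Constructed sample policy, as it would be served at
# https://mta-sts.example.net/.well-known/mta-sts.txt (placeholder domain).
SAMPLE_POLICY = ("version: STSv1\r\nmode: enforce\r\nmx: mail.example.net\r\n"
                 "mx: *.backup.example.net\r\nmax_age: 604800\r\n")
# Constructed MX set for the same domain; the third host is not in the policy.
SAMPLE_MX = ["mail.example.net.", "mx2.backup.example.net", "relay.other-host.example"]

def check_sample():
    policy = parse_mta_sts_policy(SAMPLE_POLICY)
    return policy["mode"], policy["max_age"], uncovered_mx(policy, SAMPLE_MX)
```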
 
Test ran afoul of my greylisting daemon and timed out
I think the test will detect the greylisting and not really time out.
Or does it lie in the time your greylisting expects the resend?

I have no greylisting implemented. It seems to me to be too radical a measure.
 