Firstly, thank you to everyone who replied. I am absorbing all the options.
Good question Dmitriy - what do I want it for?
I originally set up an email server (e-smith server and gateway 1999 I
believe - before it was bought by Mitel). It worked fine for a while,
but this was before SPF and DKIM, so I started receiving 20,000 emails a
day, as my domain was being used as a spoofed reply-to address. It was
my first linux machine, and was a 386 - or maybe even a 286. I abandoned
that, and used my ISP email (XS4ALL - which the Dutch thought sounded
like "access for all", but it never did, and I was never really
comfortable sending emails from "excess for all dot NL")
I set up PGP (thunderbird using my gmail account), but emails sent from
my PC could not be read on my phone, and emails sent on my phone were
not encrypted. The idea of having my email server, and email web client
running from my home server still appealed. Storing PGP keys centrally,
and not having to sync multiple machines - worse still, private keys on
phones leading to possibility of compromising private keys.
Most email I receive comes from registering for services. I like to use
one email per registrant, so I can see if email addresses are shared /
leaked. Mostly just for personal use.
My experience of using 3rd parties is that they always end up changing
something that worked fine for me, so I prefer to own what I can.
I will pursue using the teksavvy smtp relay, and see if that can work.
In the mean time I can still receive emails.
I will definitely want to use dovecot (installed but not working),
roundcube (installed but not working), and spamassassin (I expect I'll
install once I start getting oodles of spam)
I thought about my original concern that my others on teksavvy.com
spoofing my domain, but as my server is the ONLY place DKIM can be
generated, it should not be a problem (unless the recipient is not
checking DKIM, but that would be their problem).
Having (allegedly) understood SPF and DKIM, I will add a DMARC record if
it all flies.
Finally - I don't get why self-signing should be a problem? By all means
don't trust some-dodgy-domain.com, but trust that it comes from
some-dodgy-domain.com. Paying for a certificate seems about as
trustworthy as paying for a checkmark on nee-twitter.
Then I expect I will probably listen to everyone's advice and pay for
something...
On 1/30/25 19:17, Dmitriy Korovkin via linux wrote:
Hi Tug,
The answer depends a lot on what do you want e-mail server for. If all you
want is just a reliable e-mail service, I would look at Proton Mail or
malibox.org.
If you want, let's say, better spam filter, the combination of
dovecot/spamassassin/fetchmail with mentioned earlier mail services could be
an option.
Just my two cents.
Regards,
/Dmitriy.
On Thu, Jan 30, 2025 at 10:46:03AM -0500, Tug Williams via linux wrote:
Good morning all.
I finally got the motivation to set up my own email server at home.
Specifically, I didn't notice godaddy abolished their catch-all email, until
I needed a security code emailed to the ether. (scoff here as applicable)
I can now receive external email using mutt, and send internal mail. Dovecot
/ roundcube broken, but not relevant at this time. Receiving external email
was my urgent goal, and the crisis has gone.
I can't send outgoing email. I set up SPF and DKIM records (I believe
correctly), but it turns out teksavvy blocks outgoing port 25, whilst
allowing incoming.
TSI do offer a relay at smtp.teksavvy.com, but then I get rejected for SPF.
I was going to add teksavvy into SPF, but worry I would be exposed to anyone
using the teksavvy relay being able to spoof my domain?
TSI allegedly might, or might not, open 25 outgoing on request, I've not
asked yet. I'd be interested in knowing if it makes sense to go down this
route.
I have cable internet, so I cannot get a static ip, That said, I've been
running a webserver for years, and not had problems, as the ip address
doesn't change (I think only when I've changed it, moving house, changing
modem?).
I update it manually as needed. I used to have automated dynamic dns, but
that service seems also to have been retired.
I assume not having a guaranteed static ip is really bad for an email
server, as all my email would go to whoever has my former ip address, even
if only briefly (and assuming they run an email server).
I assume they wouldn't be able to send emails (mismatching DKIM), and I'd
have to use a different domain and/or two factor authentication to update
the DNS records, or the new user of the ip address could take over the
domain.
If the new user could receive emails, I shouldn't use the domain for
anything important, at which point, what's the point?
So - Without a static ip, should I abandon the idea of running my own
self-hosted email server?
Thanks for any thoughts from the wise out there.
Tug
To unsubscribe send a blank message to linux+unsubscribe [ at ] linux-ottawa [ dot ] org
To get help send a blank message to linux+help [ at ] linux-ottawa [ dot ] org
To visit the archives: https://lists.linux-ottawa.org
To unsubscribe send a blank message to linux+unsubscribe [ at ] linux-ottawa [ dot ] org
To get help send a blank message to linux+help [ at ] linux-ottawa [ dot ] org
To visit the archives: https://lists.linux-ottawa.org
To unsubscribe send a blank message to linux+unsubscribe [ at ] linux-ottawa [ dot ] org
To get help send a blank message to linux+help [ at ] linux-ottawa [ dot ] org
To visit the archives: https://lists.linux-ottawa.org