It should be noted that email servers, no matter the setup, require you to follow strict standards to achieve proper delivery. It’s very easy to get blacklisted, and it’s next to impossible to get off of said blacklist once you’re on it.
I used to host my own mail server with this, but it got to be too much to get my emails to actually send. I was always wondering if my email was actually delivered or if it was silently bounced or sent to spam. Email is the only thing I’m not willing to self host.
I’m absolutely in the “don’t self-host email” camp.
That said, I think it could be done reliably if you wanted to use someone else’s SMTP server and let them worry about deliverability. As in, have your mx records on your domain route to your MTA and dovecot, but set your DKIM and SPF records to match a third party SMTP server.
You could use mxroute as an SMTP server very cheaply. There are others like the email API type services.
I still can’t think of why I’d want to self host with all this drama but just an idea I’ve heard.
So is that why send mail won’t work for sending myself emails about a system? Once upon a time you could do that, but now no more is what I’m reading between the lines, sans a proper mail server??
Yep, pretty much. It used to be doable, but these days it’s very difficult. It’s certainly not impossible, but one slipup and you could get on the deny list forever. It’s just not worth it, since emails are usually pretty mission critical, imo.
Yea, if you are not willing to be meticulous about learning/understanding all the DNS stuff (SPF/DKIM/DMARC), and plan to host this at home, don’t.
I ran this same system for a very long time on a VPS and had no problems with blacklists, but I’m also a career systems engineer that maintained enterprise systems and exchange servers.
Also note how I am speaking of MIAB in the past tense…
I think the better option is to try and avoid email as much as you can, just like SMS. Outdated tech and not secure. At that point, any ol’ existing email service is good enough.
I don’t think the SPF / DKIM / DMARC stuff is overly complex nor the core of the problem.
In my case it was recipients with bonkers microsoft exchange servers that just had weird ideas about who should be sending them emails.
For example, one thing that tripped me up forever ago was grey listing. Apparently the receiving server just wouldn’t acknowledge the sending server for an arbitrary period of time, say 12 hours or so. Spam senders would usually give up long before then, while a legit server would keep trying because it’s legitimately trying to deliver an actual email.
So my email-in-a-box type self hosted set up was fine really. Compliant you might say. But to send emails to this one in a thousand recipient I had to investigate what was going on and reconfigure things to ensure their server would interact with mine.
Another thing that can happen is that spammers just put your email address in the “from” field and fire off a few million emails. Obviously the DKIM signatures and SPF won’t match but it still just makes your future legitimate emails look spammy. Having the credibility of a larger organisation goes a long way in this type of instance.
I don’t think the SPF / DKIM / DMARC stuff is overly complex nor the core of the problem.
It’s not the core of the issue, but the average joe that is a hobbyist self-hoster it will be.
IMO, the core issue is that there is no standard whatsoever. People just do whatever the hell they want with these records, pretty much. Microsoft and Google do it differently than each other, even.
The only solution for me is that we move on from email as a society.
It should be noted that email servers, no matter the setup, require you to follow strict standards to achieve proper delivery. It’s very easy to get blacklisted, and it’s next to impossible to get off of said blacklist once you’re on it.
I used to host my own mail server with this, but it got to be too much to get my emails to actually send. I was always wondering if my email was actually delivered or if it was silently bounced or sent to spam. Email is the only thing I’m not willing to self host.
I’m absolutely in the “don’t self-host email” camp. That said, I think it could be done reliably if you wanted to use someone else’s SMTP server and let them worry about deliverability. As in, have your mx records on your domain route to your MTA and dovecot, but set your DKIM and SPF records to match a third party SMTP server. You could use mxroute as an SMTP server very cheaply. There are others like the email API type services. I still can’t think of why I’d want to self host with all this drama but just an idea I’ve heard.
So is that why send mail won’t work for sending myself emails about a system? Once upon a time you could do that, but now no more is what I’m reading between the lines, sans a proper mail server??
Yep, pretty much. It used to be doable, but these days it’s very difficult. It’s certainly not impossible, but one slipup and you could get on the deny list forever. It’s just not worth it, since emails are usually pretty mission critical, imo.
Yea, if you are not willing to be meticulous about learning/understanding all the DNS stuff (SPF/DKIM/DMARC), and plan to host this at home, don’t.
I ran this same system for a very long time on a VPS and had no problems with blacklists, but I’m also a career systems engineer that maintained enterprise systems and exchange servers.
Also note how I am speaking of MIAB in the past tense…
I think the better option is to try and avoid email as much as you can, just like SMS. Outdated tech and not secure. At that point, any ol’ existing email service is good enough.
I don’t think the SPF / DKIM / DMARC stuff is overly complex nor the core of the problem.
In my case it was recipients with bonkers microsoft exchange servers that just had weird ideas about who should be sending them emails.
For example, one thing that tripped me up forever ago was grey listing. Apparently the receiving server just wouldn’t acknowledge the sending server for an arbitrary period of time, say 12 hours or so. Spam senders would usually give up long before then, while a legit server would keep trying because it’s legitimately trying to deliver an actual email.
So my email-in-a-box type self hosted set up was fine really. Compliant you might say. But to send emails to this one in a thousand recipient I had to investigate what was going on and reconfigure things to ensure their server would interact with mine.
Another thing that can happen is that spammers just put your email address in the “from” field and fire off a few million emails. Obviously the DKIM signatures and SPF won’t match but it still just makes your future legitimate emails look spammy. Having the credibility of a larger organisation goes a long way in this type of instance.
It’s not the core of the issue, but the average joe that is a hobbyist self-hoster it will be.
IMO, the core issue is that there is no standard whatsoever. People just do whatever the hell they want with these records, pretty much. Microsoft and Google do it differently than each other, even.
The only solution for me is that we move on from email as a society.