Christopher Allan Webber is a user on octodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Should I run my own mail server, or should I not?

(Mostly incoming mail)

@algernon I run my own email server. It's definitely good for preserving email as an actually federated, decentralized system. It's kind of a pain these days though. Major kudos to you if you do it, and good luck!

@cwebber I suppose the biggest hurdle is other servers not accepting mail from a self-run one, or marking it as spam, right?

I could, in theory, have a send-only address... but that feels wrong.

Christopher Allan Webber @cwebber

@algernon Yeah, there's several things you have to do... DKIM and all that... LetsEncrypt at least makes the ssl part easier... it's also just IME a lot of small pieces to hook together to get a good system. I use Dovecot + Postfix + SpamAssassin's spamd + mu4e.

ยท Web ยท 0 ยท 2

@algernon The main frustration is that when you get dropped in the spam folders of the major players it's totally opaque as to why, so that feels kinda helpless.

I haven't been having problems this last year, though the year prior was pretty bad.

@cwebber Sweet. My stack's similar (notmuch instead of mu4e, but otherwise the same), and I already did DKIM at one point. Nothing terribly surprising then!

Thanks!

@algernon @cwebber I found others servers tend to be good at accepting email from independent mail servers. What you need to watch out is that your server doesn't get hijacked for sending spam. That will put you on blacklists.

Owning your own mail server is great fun. You learn a lot and realise that internet is not just HTTP.

@orbifx @cwebber I used to run my own between ~1998 and ~2010, then spam overwhelmed me, and I switched to a hosted solution. I have better tools to combat spam now, so hence the renewed interest. I've ran enough mail servers (one for an ISP with 10k+ users in the early 2000s) in the past to have a rough idea how they work. Wasn't great fun the last time.

But, owning my own data, having more control over what gets accepted and what does not, may worth the trouble. (ATM my host is being annoying)

@algernon @orbifx What "tools to manage spam" are you using / looking at?

@cwebber @orbifx greylisting, Spamassassin, CRM114, along with using throw-away addresses. This last part is the new thing this time: for every service, place, whatever that wants my email, I'll use a unique one. If it is a one-off thing, I'll make the address time-limited, and start rejecting it afterwards. If it is something I plan to use later, a unique address allows me to figure out which service leaks my address.

Been using this method for the past two years, surprisingly effective.

@cwebber @algernon I check incoming recipients against blacklists. Works pretty well. I get the odd spam mail.
I use them: spamhaus.org/

@orbifx @cwebber Blacklists are something we used to use at the ISP back in the day. Our relationship didn't end well... had too many false positives at times, or was too slow to add new spam hosts, or they went out of business and started returning positive for everything.

Things may have improved since, but seeing as most spam that gets through to me now is from hosts that are a few hours old, and which don't last long, I'm sceptical about their effectiveness.

@algernon @cwebber for that I check that their reply-to domain matches the senders domain and IP of the mail servse. Most valid mail servers should be correctly setup for that.