"Michael" == Michael Voorhis via WLUG <wlug@lists.wlug.org> writes:
Michael> On 6/15/21 12:13 PM, Mike Peckar via WLUG wrote:
[quoted text] For an email server to send and receive email with other servers on the internet, they need port 25 to be open. Unfortunately, ISPs in the U.S. block port 25 by default [...] ISPs also typically assign dynamic IPs to residential internet connections. Large email service providers block residential dynamic IPs en masse also due to the issue raised above. [...]
Michael> Port 25 access is not blocked by Charter in central MA, anyway. Perhaps
Michael> it is blocked elsewhere.

Michael> My IP address has changed about 4 times in the past 7 years
Michael> or so. When it changes a script of mine warns me, and I go
Michael> edit my DNS to change the MX and SPF information there. This
Michael> all takes perhaps 5 minutes. If you don't want to watch your
Michael> home IP as carefully, you could run a backup MX server in
Michael> some more IP-stable location, i.e., a VM off in Amazon EC2.

Michael> Certain domains will flat-out refuse to accept email which
Michael> originates from a RESIDENTIAL network block. The only one
Michael> I've encountered though is Comcast. Email sent to addresses
Michael> @comcast.net are refused, even when the email passes all the
Michael> tests (SPF, DKIM, DMARC etc). Mail sent to GMAIL, YAHOO,
Michael> various microsoft/azure addresses etc, all work. I presume
Michael> that if you want your mail to be accepted from everywhere,
Michael> you should get a business plan from your ISP.

I run my own domain on a Linode Droplet and it works well, except for when I get on a spam list for some reason. I used to run on a Digital Ocean Droplet, but charter.net would just refuse to accept my email, so I had to move. I've not got a company blocking my emails, which is frustrating since I'm such a small outgoing email system.

Michael> Depending on what you'd like to add on top of your mail
Michael> service things can get more complicated, but email itself
Michael> isn't too bad. Test out your setup before exposing it to the
Michael> internet, and make sure it doesn't accept email for domains
Michael> other than your own. If you run an open relay email server
Michael> that's a very good way to get shut off.

In my experience, setting up postfix/dovecot on a system in the cloud isn't too hard, but both Mike and I are IT people at the $WORK job, so it's something we do anyway.

I haven't made the jump to doing DKIM yet, if only because it's painful to do so, and I'd probably have to spring for a larger node with more memory at Linode to handle that overhead.

In general, it's not too bad, and could be made even simpler if there was an Ansible playbook to do all the setup for you.

So I pay $7/mo for my Linode host, plus the $60/year for my DNS hosting elsewhere. So if Helm is $10/month for 10 addresses/mailboxes, then maybe it's not worth doing it yourself. But I also like the control and I like to learn new things.

John
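
The IP-change check described in the quoted text above (a script that warns when the home address no longer matches the MX and SPF data), as an added example that is not code from either poster. The function names, the sample SPF record and the addresses are constructed for illustration; only the `ip4`, `ip6` and `all` mechanisms are evaluated, since the others need live DNS lookups.

```python
import ipaddress

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(record, ip):
    """Evaluate only the ip4/ip6/all mechanisms of an SPF record for `ip`.

    Mechanisms that need DNS lookups (a, mx, include, exists) are skipped,
    so this is a local sanity check, not a full RFC 7208 evaluator.
    """
    addr = ipaddress.ip_address(ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            return RESULTS[qualifier]
        kind, _, value = mech.partition(":")
        if kind in ("ip4", "ip6") and value:
            net = ipaddress.ip_network(value, strict=False)
            if net.version == addr.version and addr in net:
                return RESULTS[qualifier]
    return "neutral"  # no mechanism matched and no "all" term

def drift_warnings(current_ip, spf_record, mx_addresses):
    """Return what needs editing in DNS after the home IP has changed."""
    warnings = []
    result = spf_result(spf_record, current_ip)
    if result != "pass":
        warnings.append(f"SPF gives '{result}' for {current_ip}: update the ip4/ip6 term")
    if current_ip not in mx_addresses:
        warnings.append(f"MX host resolves to {sorted(mx_addresses)}, not {current_ip}")
    return warnings

# Constructed sample data (documentation address ranges, not real hosts).
OLD_IP, NEW_IP = "203.0.113.10", "198.51.100.27"
SPF = "v=spf1 ip4:203.0.113.10 -all"
MX_ADDRS = {"203.0.113.10"}

if __name__ == "__main__":
    for ip in (OLD_IP, NEW_IP):
        print(ip, drift_warnings(ip, SPF, MX_ADDRS) or "DNS still matches")
```

With a `-all` record, mail sent from the new address before DNS is updated evaluates to `fail`, which is why the warning has to fire as soon as the address changes.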