I've been running mail servers and writing email software since the dialup days of 1995. I guess by today's trends, that could brand me a holdout.
-
I've been running mail servers and writing email software since the dialup days of 1995. I guess by today's trends, that could brand me a holdout.
But we're still hosting mail for hundreds of company domains across dozens of mail servers, all in a nicely packaged system that's always just an "apt install" away.
The landscape has changed over time, and, yes, it is annoying dealing with the imbalance that the behemoth mail providers represent these days.
But there's a lot to be said for not bargaining away your digital autonomy.
I saw @mwl selling his "Run Your Own Mail Server" book and jumped to pick up a copy. Not so much because I had a need for it (though it'll be interesting to compare notes!), but because I strongly support the idea that email is still a shared ecosystem and love that Michael is sharing the knowledge to encourage folks to continue to participate.
Long live the open Internet.
-
Pope Bobreplied to Autumn Mahoney :sparkletrans: last edited by
-
Autumn Mahoney :sparkletrans:replied to Pope Bob last edited by
@bobdobberson @mwl This is very true. A static IP outside the common residential blocks, plus proper reverse DNS, is pretty much a necessity these days.
Though in a pinch I have set up on-site servers that receive mail directly but route their outbound mail through a very small virtual machine in the cloud acting as a relay. The cloud VM doesn't need significant storage or computing power at all, as it's just being used to make traffic appear to be coming from its IP address.
-
cyberveganreplied to Autumn Mahoney :sparkletrans: last edited by
@autumn @mwl I have to say that it's being made increasingly hard to do this yourself, in the name of security and spam prevention. Time was (not *that* long ago) that all you needed was Sendmail/Exim/Postfix, a static IP, and a forward and reverse domain and mx record, but now there is a plethora of extra hard to configure things you need - certs, SPF, DMARC, and I don't know what else, or nobody else will talk to you. I assume this book will cover all that stuff...
-
Autumn Mahoney :sparkletrans:replied to cybervegan last edited by
@cybervegan @mwl It has definitely required keeping up with over the years. Fortunately the DMARC situation feels a lot more stable now than it did for quite a while, so it's less of a dark-art pile of chaos.
Getting all of our clients moved over to fully DMARC-authenticated email — with all their third-party mailer services too — was a long process. I ended up updating our mail software to be able to automatically ingest and summarize DMARC reports, and that helped a lot with making sure everything was accounted for.
But now that it's all done, we're seeing lots fewer instances of blatant forgery of mail from folks' domains, so it seems like it was a necessary shift.
Kind of wild how the whole ecosystem was able to ease through that process together, and now we're at the point where it's effectively required. It took carrots and sticks from those big providers (who are prone to abuse that power as well), but the DMARC authentication itself seems to be a net gain now that the dust is settling.