You may look at a problem and think "Aha!
-
@evacide I don't get this. I've had multiple sysadmins look at me in abject forror when I tell them about the mailserver I've run at home for several years, and yet the only time I've ever had an issue, the receiving host responded with what I was doing wrong -which was a misconfigured dmarc. My emails do not go to spam. Gmail, Hotmail, all the others are happy to receive my electronic scratchings. I have rDNS properly configured. In fact, my own hosted email has been vastly more reliable than the email provided for me by several reputable domain providers.
There's so much fud about hosting email out there, it's really not that hard to do.
@northernscrub How many activist organizations that can expect to be targeted by court orders are you hosting on your mail server?
-
@northernscrub How many activist organizations that can expect to be targeted by court orders are you hosting on your mail server?
@evacide none, but I *am* hosting part of a community that has refused to enact the new OSA requirements, which runs both a revolt/stoat instance, and a bridge between that instance and our discord, two IRC rooms, and matrix room on a connected domain, for which the primary domain manages email. Perhaps small potatoes, but given my governments authoritarian stance on anything internet...
-
@evacide none, but I *am* hosting part of a community that has refused to enact the new OSA requirements, which runs both a revolt/stoat instance, and a bridge between that instance and our discord, two IRC rooms, and matrix room on a connected domain, for which the primary domain manages email. Perhaps small potatoes, but given my governments authoritarian stance on anything internet...
@northernscrub So none, then? Ok.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide@hachyderm.ion the answer is never run your own mail server. God that’s a pain in the ass.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide I've been running my own server for years. (I used to operate the mail for a tier-3 ISP.)
I can't recommend the practice lightly.
The main reason I can't recommend it has nothing to do with security - that's much easier to do these days than it's ever been.
It's exactly as you say: Gmail and the other secret email police don't want you to run your own stuff. Nevermind that the majority of my spam is coming in from G and O365 validated domains these days.
-
@evacide I don't get this. I've had multiple sysadmins look at me in abject forror when I tell them about the mailserver I've run at home for several years, and yet the only time I've ever had an issue, the receiving host responded with what I was doing wrong -which was a misconfigured dmarc. My emails do not go to spam. Gmail, Hotmail, all the others are happy to receive my electronic scratchings. I have rDNS properly configured. In fact, my own hosted email has been vastly more reliable than the email provided for me by several reputable domain providers.
There's so much fud about hosting email out there, it's really not that hard to do.
@northernscrub I hope you have some wood around to knock on. If your emails really get delivered reliably then this is just incredible luck, particularly for a server on a residential IP address. Having rDNS configured was sufficient a decade ago, maybe two. Now you need SPF, DKIM, and even then your emails may be dropped silently. I’ve got into the habit of emailing my own Gmail account with important mails first, just to see whether these would go to spam – they normally would, so I’d pull them out, and it increased the chances of the actual recipient seeing the email. Microsoft would just randomly blacklist my server with no way to appeal. And in case you are wondering: no, my server wasn’t sending any spam and in fact no bulk mail at all. Eventually I just had to give up: there is no way a low volume mail server can function today, so I started using my hosting provider’s email server as sending relay. Getting the server off blacklists is now their concern.
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide Gmail will do whatever it wants under the pretense of helping the user, while Gmail originating spam will happily reach my inbox
-
@evacide@hachyderm.io
Problem: Google is marking all my e-mail as spam
Solution: I don't want to talk to people using gmail. -
Also, this isn’t supposed to be my full time job.
Also, also I have a hard enough time just getting through my inbox.
@CptSuperlative @evacide getting through your inbox isn't a problem anymore when Big Email
stop delivering to your server. -
@CptSuperlative @evacide getting through your inbox isn't a problem anymore when Big Email
stop delivering to your server.Is this the One Simple Trick to productivity I keep hearing about?!
-
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
@evacide
It's not that hard, but then I've been running my own mail server for over 20 years. You just have to keep on top of the latest demands such as DMARC and DNSSEC. -
@evacide I've been running my own server for years. (I used to operate the mail for a tier-3 ISP.)
I can't recommend the practice lightly.
The main reason I can't recommend it has nothing to do with security - that's much easier to do these days than it's ever been.
It's exactly as you say: Gmail and the other secret email police don't want you to run your own stuff. Nevermind that the majority of my spam is coming in from G and O365 validated domains these days.
@jhaas I tend to enter any sort of self-hosting carefully since I know how the sausage is made and don't like the idea of having to do urgent tech support for my own critical services for free after having to do it all day long. years ago a friend offered to host a VM for me to run my own mail server as he does for a number of other friends. I declined because, "then I'd have an idiot running my mail server"
-
@jhaas I tend to enter any sort of self-hosting carefully since I know how the sausage is made and don't like the idea of having to do urgent tech support for my own critical services for free after having to do it all day long. years ago a friend offered to host a VM for me to run my own mail server as he does for a number of other friends. I declined because, "then I'd have an idiot running my mail server"
@wesgeorge I'm deeply sympathetic with this viewpoint. I'm running on antique mail server builds with a new one 95% ready to deploy that's been waiting on the 5% and cutover for months due to lack of "copious free time".
Annoyingly the last prior hiccup was because my chosen provider had put me on a subnet that the secret mail police had decided was "bad".
I'd happily buy service these days. However, no one would sanely sell me the filtering I do.
-
E em0nm4stodon@infosec.exchange shared this topic
