From owner-freebsd-questions@freebsd.org Sun Feb 28 19:17:12 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6C94C53E14D for ; Sun, 28 Feb 2021 19:17:12 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: from h2.pinyon.org (h2.pinyon.org [65.101.20.170]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DpY6v31tXz4lRf for ; Sun, 28 Feb 2021 19:17:11 +0000 (UTC) (envelope-from rcarter@pinyon.org) Received: from [10.0.10.15] (unknown [10.0.10.15]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by h2.pinyon.org (Postfix) with ESMTPSA id E215C48A22 for ; Sun, 28 Feb 2021 12:17:02 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pinyon.org; s=dkim; t=1614539822; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QC4bbJ2wYm71pV4Ik8sxAaj05oFVtAIZL8ZNNp3nX9A=; b=uqtUQ+RYainJ6I4u359kdgedMQXcyNTfZaTVx5EqOY2VPq+ticTGer4T5bKcDTRTdHpkzU aJ7EBzDNVfPnU8KA8cxF+qo9z0YMBXZ5GQ84zancgJRFP6M7Za9NX+Ao/qBwRYuUrF/JK9 RbZ5CQqupk81IxmTk4te+1WLAQM+ID4= Subject: Re: Somewhat OT: Mail Relay Services To: freebsd-questions@freebsd.org References: <877d08ef-d533-69f6-4c44-f2cbbe39ba31@tundraware.com> From: "Russell L. Carter" Message-ID: Date: Sun, 28 Feb 2021 12:17:02 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Firefox/78.0 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: <877d08ef-d533-69f6-4c44-f2cbbe39ba31@tundraware.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-5.67 X-Rspamd-Server: h2 X-Rspamd-Queue-Id: 4DpY6v31tXz4lRf X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=pinyon.org header.s=dkim header.b=uqtUQ+RY; dmarc=none; spf=pass (mx1.freebsd.org: domain of rcarter@pinyon.org designates 65.101.20.170 as permitted sender) smtp.mailfrom=rcarter@pinyon.org X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[pinyon.org:s=dkim]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[65.101.20.170:from:127.0.2.255]; DMARC_NA(0.00)[pinyon.org]; DKIM_TRACE(0.00)[pinyon.org:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[65.101.20.170:from]; ASN(0.00)[asn:209, ipnet:65.101.0.0/18, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Feb 2021 19:17:12 -0000 On 2/28/21 11:01 AM, Tim Daneliuk wrote: > For many years, I've run a mail system built on FreeBSD for my own small business. > It's been as flawless as any mail server ever can be, requiring only periodic > maintenance and updates. > > The primary server runs in a 3rd party cloud environment. We are starting to > see parts of their network blacklisted by the various UCE blackholing services. > Unfortunately, they don't just blackhole a single IP, but an entire subnet at > a time, which catches us in the mix. > > The big mail hubs like outlook.com no longer have a mechanism for removing the block > for a single ip and kick you back to your ISP or hosting provider for resolution. > > So ... we are contemplating using a smart host to do all our outbound email for us > via relays from our own mail servers. Presumably, such a smart host would be better > equipped to deal with bad blacklisting and delivery issues. > > So ... does anyone have experience or recommendations as to who would be a good > provider for a low volume, small business mail relay? I'm all ears and appreciative of any pointers on this topic as well. I have been running my own mail servers for two domains for > 20 years. The volume is so low and I try to stay "mainstream" in configuration so I've never been blacklisted (that I know about, I watch). However, my current last mile ISP is centurylink, from whom I lease 5 static ips. And they just up and deleted my ptr records for over a month, and didn't fix it, even after hours on chat, until I shamed them with an analysis on dslreports, showing how their tech support was flat out stupid or lying. It happens, but it made terrified of being reliant on them. So I've decided to put my dovecot+rspamd+postfix system up on some popular VPS. I am leaning toward vultr, haven't had any problems with them for years, but I've never needed to ask them to open port 25, and they require you to ask. But I hadn't thought that my co-tenants might cause me a problem with blacklisted subnets! Anybody know of a successful strategy here? Maintaining your own servers can occasionally be a pain, but I really like managing my own servers exactly how I want them. Thanks, Russell > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >