[166785] in North American Network Operators' Group


Re: Email Server and DNS

daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Fri Nov 8 12:04:41 2013

Date: Fri, 8 Nov 2013 17:02:21 +0000
From: bmanning@vacation.karoshi.com
To: William Herrin <bill@herrin.us>
In-Reply-To: <CAP-guGWuSxzr8YxUoYzRUcu1yWtX29EyXc6YWxSiRG6KnB=EvQ@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Fri, Nov 08, 2013 at 08:37:32AM -0500, William Herrin wrote:
> On Sun, Nov 3, 2013 at 11:39 AM,  <rwebb@ropeguru.com> wrote:
> > I am looking for some info on current practice for an email server and SMTP
> > delivery. It has been a while since I have had to set up an email server and
> > I have been tasked with setting up a small one for a friend. My question
> > centers around the server sending outgoing email and the current practices
> > requirements for other servers to accept email. Things like rDNS, SPF
> > records, etc...
> 
> Hi Robert,
> 
> Current best practices are: don't run your own email server unless
> you're willing to spend the ongoing time and effort it takes to keep
> up with the current solutions to the spam, hacking and abuse problems.
> Corollary: when you get bored of doing so for a tiny mail server, stop
> running it and buy a service.

	and yet, at the IETF this week, in the technical plenary, a call to
	diffuse the target space by running your own services.  much harder
	to have your mail scraped from your servers than from your providers.

/bill


> 
> 
> Other than that, the _changes_ of note in the last decade are:
> 
> 1. The blacklist aggregators and IP reputation services have changed
> so you have to find the new ones,
> 2. There are email whitelist services now, some free others for a
> nominal cost. Use them.
> 3. Phishing and spear phishing are relatively sophisticated now, so
> your spam solution has to deal reasonably with it.
> 4. Relay from and to an external address without changing the envelope
> sender no longer functions reliably due to things like SPF enforcement
> and no mail servers I've noticed have such a translator built in.
> 
> 
> Regards,
> Bill Herrin
> 
> 
> -- 
> William D. Herrin ................ herrin@dirtside.com  bill@herrin.us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004

