Date: Fri, 4 May 2018 20:43:44 +0000 From: FBUser <freebsd@t41t.com> To: Mayuresh Kathe <mayuresh@kathe.in>, freebsd-questions@freebsd.org Subject: Re: email service for a private domain! Message-ID: <20180504204344.GA26824@dot.t41t.com> In-Reply-To: <20180504083711.GB10324@wolfman.devio.us> References: <20180504083711.GB10324@wolfman.devio.us>
next in thread | previous in thread | raw e-mail | index | archive | help
Mayuresh Kathe <mayuresh@kathe.in> said (on 2018/05/04): > i own a domain (kathe.in) which i would like to setup for mail services. > essentially, i should be able to log-in over ssh and work through my > emails using mailx. > ... > could i be pointed in the right direction? > > also, how do i evaluate hosting service providers? > i only know of rootbsd and digitalocean. As others have mentioned, it's a nontrivial amount of setup, that a third party would be happy to do for you. I would recommend FastMail. At its simplest, receiving email is easy. You need to configure an MTA (sendmail, postfix, exim, ...) to know it should receive email for your domain, then you need to point the MX record in DNS to that server. A small domain might even manage adequately without spam filtering, but setting up ClamAV and SpamAssassin is well covered by online tutorials. (Search for "setting up spamassassin" plus the name of the MTA you're using.) You may use the default local delivery agent, which will probably drop messages into /var/mail. Or you might want something more featureful like procmail or sieve. If you want to be able to retrieve email remotely (e.g. via IMAP) that's another set of things to configure, but you only asked about local access. Sending email is more work (if you want it to be read). In today's environment you will need to set up SPF, which advertises in DNS who can send mail for your domain. SPF is not enough anymore, though. You also need to set up DKIM, which cryptographically verifies certain headers in your outgoing email against a public key published in DNS. You also need to ensure you have "sender alignment", which matches MAIL FROM with From: with your SPF and DKIM records. Then you need to publish a policy called DMARC in DNS to describe your mail practices. You probably want that policy to include reporting of failures, at least initially. All that effort will be for naught if you do not restrict who can send mail through your server to just authorized users by appropriately configuring your MTA. You might look at packaged do-it-yourself solutions like https://mailinabox.email/, for guidance if not also actual implementation. As for where to host, reputation matters. In my experience reputation and cost are proportional. Lots of email providers outright block email from all of DigitalOcean's IP space, because they're the lowest-cost provider and therefore the largest source of problems, with high IP turnover. Similarly, residential IPs -- or things providers sometimes mistakenly think are residential IPs -- are blocked. I've not heard of too much trouble with RackSpace/RootBSD. Good luck!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180504204344.GA26824>