Hashemian Blog
Web, Finance, Technology, Running

Does It Make Sense To Self-Host Mail Server?

by @ 9:51 pm
Filed under: email,internet — Tags: ,

I have operated hashemian.com for over 2 decades now, earlier on hosted servers and eventually on my own server. During that time the domain has also been email capable, accepting and delivering emails sent to/from addresses such as [email protected] This was also originally hosted but was eventually ported to my own server. The product of choice for hosting my own mail server (MTA) has been Sendmail. At one time Sendmail was the king of the hill. It's still in use today, albeit vastly eclipsed by other products such as Exim and Postfix, as can clearly be seen here.

Years ago I would use email clients such as Squirrelmail to read emails but eventually for the sake of convenience I configured Sendmail to forward all @hashemian.com emails to my Gmail account. With Gmail I also gained great spam detection but there are also potential adverse effects in forwarding emails. One drawback is Gmail could and in fact does block access from my server, especially if a few too many emails are forwarded. Gmail does not recognize that the forwarded emails are from various original senders and instead assume all the emails originate from my server and takes punitive measures against what it perceives to be an abusive server. This periodic blacklisting has been happening for years now and I’m sure it doesn’t bode well for my server’s reputation.

421 4.7.28 [XXX.XXX.XXX.XXX] Our system has detected an unusual rate of unsolicited mail originating from your IP address. To protect our users from spam, mail sent from your IP address has been temporarily rate limited. Please visit https://support.google.com/mail/?p=UnsolicitedRateLimitError to review our Bulk Email Senders Guidelines. - gsmtp

There are steps I can take to correct or at least mitigate this issue. One would be to identify and block spammers from my server and I do that from time to time when I find egregious activities. It helps, but it’s a manual chore and hardly efficient. Another would be utilizing products such as Fail2ban and SpamAssassin to combat spammers at network and application levels. But that would mean more work for me in terms of configuring, tweaking, updating and patching, and I’m too lazy for that. Also instead of pushing emails to it, I can have Gmail pull emails utilizing IMAP or POP. But that means maintaining another product such as Dovecot and opening ports on my server inviting additional exploit activity. No thanks, not at this time, even if those ports can be restricted to Gmail’s IP addresses only.

Recently I undertook the effort to build from source and update Sendmail to its latest available version 8.15.2 on my ancient but functional Fedora 14 server. As can be imagined it wasn’t a simple task, especially since I wanted to bring as many features of ESMTP aboard as possible, including support for STARTTLS on TLS 1.2. In some cases that meant hunting around for newer library source codes to build into Sendmail. The effort was an eventual success, specially after I installed and started the service and mail began to flow. Then to build on that momentum, I also added DKIM authentication to Sendmail by building and installing dkim-milter.

I must admit that even though the effort was successful it wasn’t really cause for celebration. The latest version of Sendmail, while stable and rock solid, is nevertheless 5 years old now, not as ancient as the kernel it’s running on but still pretty aged as software goes these days. Still doubtful I would have felt any better had I switched the MTA to the more modern Exim or Postfix.

Fact is times have changed and with cloud services maturing and prices falling, there’s little reason to maintain a server. Sure, there’s the educational aspect to it and some pride and autonomy, but it can be exhausting to keep up with all the updates and patches when you can spin up a fully loaded droplet on Digital Ocean for $5 or get cheap domain email service on G Suite or Office 365 (soon called Microsoft 365).

And with that in mind, I am slowly warming up to moving my domain’s email setup to my G Suite account. It’s an account I registered for years ago and thankfully Google has kept it free so far. It’ll be a bittersweet moment when I shut down Sendmail for the last time (although I may continue to use it for a bit longer for outbound messages) handing over the reigns to G Suite. I suppose one concern would be if on that same day Google will flip the existing free G Suite accounts to paid versions.

To be continued…

No Comments »

 

* Comments are subject to Akismet and manual approval.

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1K9TzBvQ2oaEb4tX9t2vKDtZouMcpfV6QF
paypal.me/rhashemian
© 2001-2020 Robert Hashemian   Powered by Hashemian.com