[kwlug-disc] So, I took the plunge... Mail In A Box

[Chamunks]

@doug
Seems that this IP is 99.997% okay the only problem was that I
missconfigured something in my previous attempt at a mail server on this
domain and it apparently got caught by some fringe DNSBL.  As for IP's my
machine is a VPS hosted at OVH and all of their edgerouters include some
fancy email spam filters to keep their IP's all pristine generally.  They
also don't tend to allow you to end your lease of an IP that is on the
blacklist and hold you responsible for clearing up any misdoings before
your obligations are released.

@Andrew
I'll try to answer as best as I can granted MIAB basically takes a lot of
the hard work away and reduces a lot of it down to a we're going to do the
basic stuff for you to get you to a point where you're at internet modern
standards.

You could run a MIAB at home if you have a company like Teksavvy which will
give you a DSL based Static IP which is the only chance you'll have to run
a SMTP/POP/IMAP/etc server at home.

I don't know anything about the ISP mail relays but maybe?  It would fall
outside of my scope though because I would imagine that my ISP's email
relay would cost more money and I'm already renting this VPS for a OpenVPN
instance.

As for the scope of MIAB, it basically tries to make it impossible for man
in the middle attacks between you and others by handling DNS Sec all the
way up to the mail server and does things with TLSA(I believe) records and
SSHFP (SSH FingerPrint) in your signed zone.  Plus using LetsEncrypt and if
you're feeling feisty you can enable RainLoop in the included NextCloud
install and have GPG enabled.  The only downside with MIAB is that its
installing NextCloud version 12 which doesn't support pre internet
encryption so I wouldn't use it for a dropbox alternative until they
release whatever they do when 18.04 comes out.

On Mon, Feb 19, 2018 at 10:52 PM Andrew Sullivan Cant <
acant at alumni.uwaterloo.ca> wrote:

> (caveat: I have not tried to do email over anything other than
> SMTP+IMAP+Gmail/corporate for a long time. I have the urge to run my own
> mail server, but have never made the time for it.)
>
> > Yeah, it really seems more about finesse and magic than math and
> > science.  They tell you SPF and DKIM records are enough then they tell
> > you that you need to check against blacklists.  Then they say you have
>
> Does Mail-in-a-Box handle the SPF and DKIM out of the box?
>
> Could you use your ISPs mail relay to send email, and then receive mail
> directly to your own server? It partially defeats the point of running
> your own server I know.
> Could you filter out going email addresses? Send gmail/etc through your
> ISPs relay, and send everything else though your own server directly.
>
>
> Actually, I wonder if this could be a mail-in-a-box feature:
> 1. configure it with an existing SMTP relay (e.g., from your ISP)
> 2. by default send emails through this relay
> 3. send to emails which you communicate with often through your own SMTP
> server
> 4. slowly send more emails over your own SMTP server, as it hopefully is
> gaining more trust in the eyes of gmail/etc
> 5. and make it easy to fall back to the SMTP relay, if you get blocked
>
> For anyone with more email experience than I, would this help at all?
> Or just be overly complicated?
>
> Andrew
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180219/a67b78a6/attachment.htm>