Hello,

I started to use my own mail server two years ago, but a few years ago I tried 
it unsuccessfully.
So yes, it will take you some time to set it up with all the options.

Now for your needs I would advise openbsd+opensmtpd; you don't especially 
need performance, just a one-box solution.

The only drawback I see is that roundcube is less sexy and less good than gmail.
I also had a hard time installing the calendaring/invite functionality on my 
mail server. I also added prosody as an xmpp server (chat).
Maybe your children will like the look of roundcube less.

Really, it will take time. Here are the components I installed for this to work: 
opensmtpd, dkimproxy, clamav, clamsmtp, nginx, roundcube, prosody, dovecot, 
let's encrypt, bind

I'm using imapsync for the migration and plan to use openldap and bogofilter.

You'll need to set it up just for yourself first and have your family use it 
only when you're sure it will really work; otherwise your family won't want to use it.



On Friday, 14 September 2018 at 13:41:44 UTC+2, Craig Skinner 
<skin...@britvault.co.uk> wrote:

On Thu, 13 Sep 2018 09:24:18 +0200 Peter N. M. Hansteen wrote:
> The part about getting a static IP address with correct reverse
> lookup is truly essential. 

Yes, this hostmaster work is more important for deliverability than the
*optional* TLS & DKIM stuff, which I still don't bother at all with...

Along with correct DNS PTR records (and matching SMTP HELO hostname),
basic SPF & DMARC DNS records are almost essential to send.

With almost all inbound connections being spam, fighting that is the
main task of the postmaster. Aggressive spamd settings are needed here.

After that, the MTA needs to be able to check the DNS validity of the
sender's SMTP HELO hostname, and check their DNS PTR record is valid,
and both the mail's envelope and address from domains have MX records.

Most spam is sent by infected consumer devices, which do not have valid
reverse DNS, nor a valid HELO hostname. After greylisting, bad DNS is
the biggest indicator of spam. An MTA needs a lot of DNS knobs to tweak.

Following that, the sender's IP address needs to be checked against
multiple reliable DNS black and lists, and a cumulative score being
totalled up to decide to reject or pass on to the next stage of tests.

TLS & DKIM have very little value. The postmaster instead needs to work
closely with the hostmaster and concentrate on good DNS practice/tests.

Cheers,
-- 
Craig Skinner | http://linkd.in/yGqkv7
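
The DNS checks and cumulative scoring described in the quoted message, as an added example that is not part of the original thread or any poster's configuration. The `ZONE` table is constructed data standing in for live DNS, and the DNSBL names, weights and reject threshold are assumptions chosen for illustration.

```python
# Added example. ZONE is constructed data standing in for live DNS so the
# checks run offline; list names, weights and REJECT_AT are assumptions.
ZONE = {
    ("PTR", "192.0.2.10"): ["mail.example.org"],
    ("A", "mail.example.org"): ["192.0.2.10"],
    ("MX", "example.org"): ["mail.example.org"],
    ("MX", "example.net"): ["mx.example.net"],
    # 203.0.113.10 has no PTR and is listed on both hypothetical DNSBLs
    ("A", "10.113.0.203.bl-a.example"): ["127.0.0.2"],
    ("A", "10.113.0.203.bl-b.example"): ["127.0.0.2"],
}
DNSBLS = {"bl-a.example": 3, "bl-b.example": 2}  # zone -> weight
REJECT_AT = 5

def lookup(rtype, name):
    """Return the records for (type, name), or [] for NXDOMAIN/no data."""
    return ZONE.get((rtype, name.rstrip(".").lower()), [])

def domain_of(address):
    return address.rsplit("@", 1)[-1]

def score_connection(ip, helo, envelope_from, header_from):
    """Total up DNS findings for one inbound SMTP session (IPv4 only)."""
    score, reasons = 0, []
    # PTR must exist and resolve forward to the connecting address.
    ptr_names = [n for n in lookup("PTR", ip) if ip in lookup("A", n)]
    if not ptr_names:
        score += 3
        reasons.append("no forward-confirmed PTR")
    # HELO hostname must resolve to the connecting address.
    if ip not in lookup("A", helo):
        score += 2
        reasons.append("HELO name does not resolve to client")
    # Envelope and header From domains must both publish MX records.
    for label, addr in (("envelope", envelope_from), ("header", header_from)):
        if not lookup("MX", domain_of(addr)):
            score += 2
            reasons.append(f"{label} From domain has no MX")
    # DNSBL query name: reversed octets prepended to the list's zone.
    reversed_ip = ".".join(reversed(ip.split(".")))
    for zone, weight in DNSBLS.items():
        if lookup("A", f"{reversed_ip}.{zone}"):
            score += weight
            reasons.append(f"listed on {zone}")
    return score, reasons, ("reject" if score >= REJECT_AT else "pass")
```

Replacing `lookup` with a real resolver call turns this into a live check; the returned reasons are what a postmaster would log alongside the verdict.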

  
