Setting up an email server once sounds awesome. Coding an email server system from scratch also sounds awesome. But running an email server indefinitely doesn't sound super fun.
I ran email servers for my personal domains in the 90s and early 2000s. What eventually caused me to move everything to gmail was the massive pain of dealing with spam and trying to keep up with the latest spam filtering, which is essential.
You don't need to keep up with anything if you use bogofilter, or similar statistics based methods, to classify it. You can do server side filtering based on other non-content things like DNS lookups, or IP blacklists, but that's just adding needless failure modes on the receive side. I don't do any non-content filtering, to keep things simple for the senders and latency down. Statistical methods are just that effective on a personal mail server level.
I've been running my own mailserver for the last ten years and I must say that nowadays I'm not even running an antispam filter anymore because I basically don't get spam.
What I do instead (instead of running an antispam server) is checking all stuff that a proper mail admin would do, that is:
- greylisting (postgrey)
- reject hosts not listed in spf records for the sender (spf-policyd)
- verifying dkim signatures, if present (opendkim)
Also f#@k spamhaus and those people, they will mark you as a spam host on pure prejudice.
Wonder how it works for you... I've been running my own mail infrastructure for 10+ years. hosting tens of domains with hundreds of thousands of messages daily.
That's said, most of my spam senders match SPF and have proper DKIM records. Only few absolutely outrageous spammers ignore it.
Setting DKIM and SPF is not a rocket science and I'd be extremely surprised if spammers wouldn't do that.
Uh ... Your dkim settings are for your recipients to validate your emails.
You should ALSO be checking dkim signatures on incoming e-mails (opendkim does that IIRC).
Also, I forgot to mention that I REQUIRE tls for incoming smtp connection. That's another thing rising the bar for spammers.
If you're using postfix, it's very open by default, in the sense that it doest not come with spf and/or dkim/dmarc tooling and it's not going to, for example, require (or even allow) ssl/tls for incoming smtp connections (and won't use it for outgoing smtp connection).
One last thing: a little bit of spam leaks trough... But it's like less than a single spam email per two weeks.
Spam is basically a non-issue these days. Just run your favorite bayesian filter locally and it's taken care of. On my mail server I don't do any silly blocking, simply pass everything through spamprobe and my spam rate is so close to zero that I don't notice. Maybe like once a month.
Same here. I started running my own mail servers back in 1994. Through the years, I've run smail, sendmail, qmail. My current stack is postfix, dovecot, rspamd running on FreeBSD.
Sure, you and many people. I'm saying there's an in-between level of enthusiasm where you do want to learn new things and experiment but without getting yourself into any long-term commitments.
I'm sure you'd agree that it's also easier to scale your experiments/interest if you only do small experiments rather than go all the way in every dimension.
