[Cialug] Email server

khamil8686 at gmail.com khamil8686 at gmail.com
Fri May 12 19:34:17 UTC 2017


Thank you. Anyone know how I set the rev dns up, and if I get some domain names with a business account? Tier 2 webhosting, but I don’t need it since I will host it myself. Wondered if that included domain names.

From: chris rheinherren
Sent: Friday, May 12, 2017 2:32 PM
To: Central Iowa Linux Users Group
Subject: Re: [Cialug] Email server

If you have a static IP from Mediacom you shouldn't have any problems with
the IP being rejected as a dynamic IP block. Just make sure you get the
reverse DNS setup on it so it doesn't get rejected for that reason. The
only other potential problem would be if someone else had the IP in the
past who abused it and therefore it's blocked on someone's blacklist. That
can happen with any IP as someone has always used it in the past now days.



On Fri, May 12, 2017 at 2:19 PM, <khamil8686 at gmail.com> wrote:

> Ah, ok. I was not aware of that. I was thinking the only thing was if your
> reverse lookup resolved to anything except www.x.com it would discard it.
> Thanks guys. I will have to check with them. Ha, so many annoying little
> nuances it seems…
>
> From: Matthew Nuzum
> Sent: Friday, May 12, 2017 2:17 PM
> To: Central Iowa Linux Users Group; David Champion
> Subject: Re: [Cialug] Email server
>
> What he means is that the blocks they assign your IP address from can be
> tagged as dial up, dynamic, etc. So your static IP address probably won't
> be tagged as dynamic, but it never hurts to be certain.
>
> On Fri, May 12, 2017 at 2:08 PM <khamil8686 at gmail.com> wrote:
>
> > I won’t be, I’ll have a static IP with a business account. Can it be
> > dynamic even if they said it would be static?
> >
> > From: David Champion
> > Sent: Friday, May 12, 2017 2:05 PM
> > To: Central Iowa Linux Users Group
> > Subject: Re: [Cialug] Email server
> >
> > Yes, you should also verify (with the tools mentioned above) that you're
> > not in a "dynamic" or "dial-up" network block.
> >
> > -dc
> >
> >
> > On Fri, May 12, 2017 at 1:58 PM, Matthew Nuzum <newz at bearfruit.org>
> wrote:
> >
> > > Then you should be well situated. The nice thing about having a
> business
> > > account is that you get an SLA and Mediacom will watch the blocklists
> for
> > > you. Also, malicious spammers aren't going to sign up for it, so only
> > > accidental spammers will be problematic, and Mediacom will handle that
> > too.
> > >
> > > On Fri, May 12, 2017 at 1:55 PM <khamil8686 at gmail.com> wrote:
> > >
> > > > Good point, thanks! I found I could upgrade to a business account for
> > the
> > > > same price that I could rent a VPS (+$20) so figured I’d give it a
> shot
> > > to
> > > > try my own. I will try and see if I run into the same stuff. Time
> will
> > > > tell, I plan to set It all up this weekend 😊 We will see if I make
> it
> > a
> > > > week or not, lol. The spammers sound pretty hardcore!
> > > >
> > > >
> > > >
> > > > *From: *Matthew Nuzum <newz at bearfruit.org>
> > > > *Sent: *Friday, May 12, 2017 1:52 PM
> > > >
> > > >
> > > > *To: *Central Iowa Linux Users Group <cialug at cialug.org>
> > > > *Subject: *Re: [Cialug] Email server
> > > >
> > > >
> > > >
> > > > I realize I'm coming late to the game (half the messages to CIALUG go
> > to
> > > a
> > > >
> > > > "special place"). I just wanted to explicitly point out something
> that
> > > has
> > > >
> > > > been kind of said in this thread.
> > > >
> > > >
> > > >
> > > > One of the biggest challenges of running your own e-mail server is
> the
> > > >
> > > > blocklists. These are services that most major e-mail providers use
> to
> > > >
> > > > auto-block mail from untrustworthy sources. E-mail sent from IP
> > addresses
> > > >
> > > > in the blocklist never even get to the SPAM filters, they just get
> > > >
> > > > auto-dropped or auto-rejected.
> > > >
> > > >
> > > >
> > > > Sometimes (often?) entire IP address blocks and subnets are added to
> > > these
> > > >
> > > > lists, and it is quite common for low-cost hosting providers to be in
> > > these
> > > >
> > > > blocks. One customer will send a bunch of SPAM and for a day or week
> or
> > > >
> > > > month an entire subnet will get blocked. If you are in the same
> subnet,
> > > >
> > > > this means anyone using Hotmail, Yahoo, Gmail and etc will be unable
> to
> > > >
> > > > send you messages or receive yours, and they/you may not even get a
> > > bounce
> > > >
> > > > message indicating that the delivery failed.
> > > >
> > > >
> > > >
> > > > For me, this was the last straw and I stopped running my own server.
> I
> > > >
> > > > don't even run an outgoing server any more. Technically, I do, but
> it's
> > > >
> > > > smart hosted to Send Grid or, rarely, gmail. This means if my website
> > > sends
> > > >
> > > > an email (contact form, error log, etc) it gets queued into Postfix
> > which
> > > >
> > > > then forwards it to Sendgrid for delivery.
> > > >
> > > >
> > > >
> > > > Like others here, I also use GSuite in addition to Send Grid and
> > > Mailchimp
> > > >
> > > > for my various e-mail needs.
> > > >
> > > >
> > > >
> > > > One last footnote: If you want to run a mail-server in house, you
> can.
> > > One
> > > >
> > > > of the oldest methods of mail delivery was to have a
> "sometimes-online"
> > > >
> > > > host periodically connect to a remote mail-queue to fetch and send
> > > e-mail.
> > > >
> > > > Keeping the above in mind, it is not an issue to have a cheap VPS be
> > your
> > > >
> > > > queue and then have your internal host connect to it to fetch e-mail
> > and
> > > >
> > > > use the VPS as a smart-host. You could even VPN into your VPS (grin)
> so
> > > >
> > > > that you have an "almost-always-online" type connection. You still
> need
> > > to
> > > >
> > > > worry about reverse DNS on your VPS, but it does give you the comfort
> > of
> > > >
> > > > having very limited processes running on that host, making it a
> smaller
> > > >
> > > > attack target.
> > > >
> > > >
> > > >
> > > > On Mon, May 1, 2017 at 3:26 PM David Champion <dchamp1337 at gmail.com>
> > > > wrote:
> > > >
> > > >
> > > >
> > > > > Technically not always your ISP, although that is usually the case.
> > You
> > > > can
> > > >
> > > > > tell for sure by doing a "whois 8.8.8.8" (substitute your IP) and
> > find
> > > > out
> > > >
> > > > > who owns the netblock range that you fall into.
> > > >
> > > > >
> > > >
> > > > > You can use "dig -x 8.8.8.8" to see what the current PTR is.
> > > >
> > > > >
> > > >
> > > > > mxtoolbox has a bunch of nifty tools available for doing various
> dns
> > > >
> > > > > queries. This Arin lookup is nice:
> > > >
> > > > >
> > > >
> > > > > https://mxtoolbox.com/arin.aspx
> > > >
> > > > >
> > > >
> > > > > -dc
> > > >
> > > > >
> > > >
> > > > >
> > > >
> > > > > On Mon, May 1, 2017 at 2:26 PM, Nicolai
> <nicolai-cialug at chocolatine.
> > > org>
> > > >
> > > > > wrote:
> > > >
> > > > >
> > > >
> > > > > > On Mon, May 01, 2017 at 12:53:59PM -0500, khamil8686 at gmail.com
> > > wrote:
> > > >
> > > > > >
> > > >
> > > > > > > One thing I wondered, if I set up an authoritative nameserver
> on
> > > port
> > > >
> > > > > 53
> > > >
> > > > > > > using my domain name, point dns towards there, and put reverse
> > > lookup
> > > >
> > > > > > > for my home mail server, would emails be rejected?
> > > >
> > > > > >
> > > >
> > > > > > > Purely an academic example that I was curious about.
> > > >
> > > > > >
> > > >
> > > > > > Well, your authoritative nameserver wouldn't be responsible for
> > > >
> > > > > > answering reverse DNS queries for your IP address; that's your
> > ISP's
> > > >
> > > > > > job.  In other words, nobody would ask your NS for the PTR record
> > of
> > > >
> > > > > > e.g. 53.2.0.192.in-addr.arpa.  All those queries would go to your
> > > ISP's
> > > >
> > > > > > nameservers.
> > > >
> > > > > >
> > > >
> > > > > > dig +short ns cialug.org.
> > > >
> > > > > > dig +short cialug.org. # currently 67.224.64.36
> > > >
> > > > > > dig +short ns 64.224.67.in-addr.arpa.
> > > >
> > > > > >
> > > >
> > > > > > Nobody asks the cialug.org nameservers questions about
> > 67.224.64.36.
> > > >
> > > > > >
> > > >
> > > > > > To get a specific PTR record for your IP address, you'd have to
> ask
> > > >
> > > > > > your VPS/colo provider.
> > > >
> > > > > >
> > > >
> > > > > > Nicolai
> > > >
> > > > > > _______________________________________________
> > > >
> > > > > > Cialug mailing list
> > > >
> > > > > > Cialug at cialug.org
> > > >
> > > > > > http://cialug.org/mailman/listinfo/cialug
> > > >
> > > > > >
> > > >
> > > > > _______________________________________________
> > > >
> > > > > Cialug mailing list
> > > >
> > > > > Cialug at cialug.org
> > > >
> > > > > http://cialug.org/mailman/listinfo/cialug
> > > >
> > > > >
> > > >
> > > > _______________________________________________
> > > >
> > > > Cialug mailing list
> > > >
> > > > Cialug at cialug.org
> > > >
> > > > http://cialug.org/mailman/listinfo/cialug
> > > >
> > > >
> > > >
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug



More information about the Cialug mailing list