[Cialug] Email server

Scott Yates Scott at yatesframe.com
Fri May 12 19:36:58 UTC 2017


You have to contact Mediacom to do the reverse DNS.  And as far as I know
you can only reverse from an IP to ONE domain record, though you can point
multiple domains at a single IP

On Fri, May 12, 2017 at 2:34 PM, <khamil8686 at gmail.com> wrote:

> Thank you. Anyone know how I set the rev dns up, and if I get some domain
> names with a business account? Tier 2 webhosting, but I don’t need it since
> I will host it myself. Wondered if that included domain names.
>
> From: chris rheinherren
> Sent: Friday, May 12, 2017 2:32 PM
> To: Central Iowa Linux Users Group
> Subject: Re: [Cialug] Email server
>
> If you have a static IP from Mediacom you shouldn't have any problems with
> the IP being rejected as a dynamic IP block. Just make sure you get the
> reverse DNS setup on it so it doesn't get rejected for that reason. The
> only other potential problem would be if someone else had the IP in the
> past who abused it and therefore it's blocked on someone's blacklist. That
> can happen with any IP as someone has always used it in the past now days.
>
>
>
> On Fri, May 12, 2017 at 2:19 PM, <khamil8686 at gmail.com> wrote:
>
> > Ah, ok. I was not aware of that. I was thinking the only thing was if
> your
> > reverse lookup resolved to anything except www.x.com it would discard
> it.
> > Thanks guys. I will have to check with them. Ha, so many annoying little
> > nuances it seems…
> >
> > From: Matthew Nuzum
> > Sent: Friday, May 12, 2017 2:17 PM
> > To: Central Iowa Linux Users Group; David Champion
> > Subject: Re: [Cialug] Email server
> >
> > What he means is that the blocks they assign your IP address from can be
> > tagged as dial up, dynamic, etc. So your static IP address probably won't
> > be tagged as dynamic, but it never hurts to be certain.
> >
> > On Fri, May 12, 2017 at 2:08 PM <khamil8686 at gmail.com> wrote:
> >
> > > I won’t be, I’ll have a static IP with a business account. Can it be
> > > dynamic even if they said it would be static?
> > >
> > > From: David Champion
> > > Sent: Friday, May 12, 2017 2:05 PM
> > > To: Central Iowa Linux Users Group
> > > Subject: Re: [Cialug] Email server
> > >
> > > Yes, you should also verify (with the tools mentioned above) that
> you're
> > > not in a "dynamic" or "dial-up" network block.
> > >
> > > -dc
> > >
> > >
> > > On Fri, May 12, 2017 at 1:58 PM, Matthew Nuzum <newz at bearfruit.org>
> > wrote:
> > >
> > > > Then you should be well situated. The nice thing about having a
> > business
> > > > account is that you get an SLA and Mediacom will watch the blocklists
> > for
> > > > you. Also, malicious spammers aren't going to sign up for it, so only
> > > > accidental spammers will be problematic, and Mediacom will handle
> that
> > > too.
> > > >
> > > > On Fri, May 12, 2017 at 1:55 PM <khamil8686 at gmail.com> wrote:
> > > >
> > > > > Good point, thanks! I found I could upgrade to a business account
> for
> > > the
> > > > > same price that I could rent a VPS (+$20) so figured I’d give it a
> > shot
> > > > to
> > > > > try my own. I will try and see if I run into the same stuff. Time
> > will
> > > > > tell, I plan to set It all up this weekend 😊 We will see if I make
> > it
> > > a
> > > > > week or not, lol. The spammers sound pretty hardcore!
> > > > >
> > > > >
> > > > >
> > > > > *From: *Matthew Nuzum <newz at bearfruit.org>
> > > > > *Sent: *Friday, May 12, 2017 1:52 PM
> > > > >
> > > > >
> > > > > *To: *Central Iowa Linux Users Group <cialug at cialug.org>
> > > > > *Subject: *Re: [Cialug] Email server
> > > > >
> > > > >
> > > > >
> > > > > I realize I'm coming late to the game (half the messages to CIALUG
> go
> > > to
> > > > a
> > > > >
> > > > > "special place"). I just wanted to explicitly point out something
> > that
> > > > has
> > > > >
> > > > > been kind of said in this thread.
> > > > >
> > > > >
> > > > >
> > > > > One of the biggest challenges of running your own e-mail server is
> > the
> > > > >
> > > > > blocklists. These are services that most major e-mail providers use
> > to
> > > > >
> > > > > auto-block mail from untrustworthy sources. E-mail sent from IP
> > > addresses
> > > > >
> > > > > in the blocklist never even get to the SPAM filters, they just get
> > > > >
> > > > > auto-dropped or auto-rejected.
> > > > >
> > > > >
> > > > >
> > > > > Sometimes (often?) entire IP address blocks and subnets are added
> to
> > > > these
> > > > >
> > > > > lists, and it is quite common for low-cost hosting providers to be
> in
> > > > these
> > > > >
> > > > > blocks. One customer will send a bunch of SPAM and for a day or
> week
> > or
> > > > >
> > > > > month an entire subnet will get blocked. If you are in the same
> > subnet,
> > > > >
> > > > > this means anyone using Hotmail, Yahoo, Gmail and etc will be
> unable
> > to
> > > > >
> > > > > send you messages or receive yours, and they/you may not even get a
> > > > bounce
> > > > >
> > > > > message indicating that the delivery failed.
> > > > >
> > > > >
> > > > >
> > > > > For me, this was the last straw and I stopped running my own
> server.
> > I
> > > > >
> > > > > don't even run an outgoing server any more. Technically, I do, but
> > it's
> > > > >
> > > > > smart hosted to Send Grid or, rarely, gmail. This means if my
> website
> > > > sends
> > > > >
> > > > > an email (contact form, error log, etc) it gets queued into Postfix
> > > which
> > > > >
> > > > > then forwards it to Sendgrid for delivery.
> > > > >
> > > > >
> > > > >
> > > > > Like others here, I also use GSuite in addition to Send Grid and
> > > > Mailchimp
> > > > >
> > > > > for my various e-mail needs.
> > > > >
> > > > >
> > > > >
> > > > > One last footnote: If you want to run a mail-server in house, you
> > can.
> > > > One
> > > > >
> > > > > of the oldest methods of mail delivery was to have a
> > "sometimes-online"
> > > > >
> > > > > host periodically connect to a remote mail-queue to fetch and send
> > > > e-mail.
> > > > >
> > > > > Keeping the above in mind, it is not an issue to have a cheap VPS
> be
> > > your
> > > > >
> > > > > queue and then have your internal host connect to it to fetch
> e-mail
> > > and
> > > > >
> > > > > use the VPS as a smart-host. You could even VPN into your VPS
> (grin)
> > so
> > > > >
> > > > > that you have an "almost-always-online" type connection. You still
> > need
> > > > to
> > > > >
> > > > > worry about reverse DNS on your VPS, but it does give you the
> comfort
> > > of
> > > > >
> > > > > having very limited processes running on that host, making it a
> > smaller
> > > > >
> > > > > attack target.
> > > > >
> > > > >
> > > > >
> > > > > On Mon, May 1, 2017 at 3:26 PM David Champion <
> dchamp1337 at gmail.com>
> > > > > wrote:
> > > > >
> > > > >
> > > > >
> > > > > > Technically not always your ISP, although that is usually the
> case.
> > > You
> > > > > can
> > > > >
> > > > > > tell for sure by doing a "whois 8.8.8.8" (substitute your IP) and
> > > find
> > > > > out
> > > > >
> > > > > > who owns the netblock range that you fall into.
> > > > >
> > > > > >
> > > > >
> > > > > > You can use "dig -x 8.8.8.8" to see what the current PTR is.
> > > > >
> > > > > >
> > > > >
> > > > > > mxtoolbox has a bunch of nifty tools available for doing various
> > dns
> > > > >
> > > > > > queries. This Arin lookup is nice:
> > > > >
> > > > > >
> > > > >
> > > > > > https://mxtoolbox.com/arin.aspx
> > > > >
> > > > > >
> > > > >
> > > > > > -dc
> > > > >
> > > > > >
> > > > >
> > > > > >
> > > > >
> > > > > > On Mon, May 1, 2017 at 2:26 PM, Nicolai
> > <nicolai-cialug at chocolatine.
> > > > org>
> > > > >
> > > > > > wrote:
> > > > >
> > > > > >
> > > > >
> > > > > > > On Mon, May 01, 2017 at 12:53:59PM -0500, khamil8686 at gmail.com
> > > > wrote:
> > > > >
> > > > > > >
> > > > >
> > > > > > > > One thing I wondered, if I set up an authoritative nameserver
> > on
> > > > port
> > > > >
> > > > > > 53
> > > > >
> > > > > > > > using my domain name, point dns towards there, and put
> reverse
> > > > lookup
> > > > >
> > > > > > > > for my home mail server, would emails be rejected?
> > > > >
> > > > > > >
> > > > >
> > > > > > > > Purely an academic example that I was curious about.
> > > > >
> > > > > > >
> > > > >
> > > > > > > Well, your authoritative nameserver wouldn't be responsible for
> > > > >
> > > > > > > answering reverse DNS queries for your IP address; that's your
> > > ISP's
> > > > >
> > > > > > > job.  In other words, nobody would ask your NS for the PTR
> record
> > > of
> > > > >
> > > > > > > e.g. 53.2.0.192.in-addr.arpa.  All those queries would go to
> your
> > > > ISP's
> > > > >
> > > > > > > nameservers.
> > > > >
> > > > > > >
> > > > >
> > > > > > > dig +short ns cialug.org.
> > > > >
> > > > > > > dig +short cialug.org. # currently 67.224.64.36
> > > > >
> > > > > > > dig +short ns 64.224.67.in-addr.arpa.
> > > > >
> > > > > > >
> > > > >
> > > > > > > Nobody asks the cialug.org nameservers questions about
> > > 67.224.64.36.
> > > > >
> > > > > > >
> > > > >
> > > > > > > To get a specific PTR record for your IP address, you'd have to
> > ask
> > > > >
> > > > > > > your VPS/colo provider.
> > > > >
> > > > > > >
> > > > >
> > > > > > > Nicolai
> > > > >
> > > > > > > _______________________________________________
> > > > >
> > > > > > > Cialug mailing list
> > > > >
> > > > > > > Cialug at cialug.org
> > > > >
> > > > > > > http://cialug.org/mailman/listinfo/cialug
> > > > >
> > > > > > >
> > > > >
> > > > > > _______________________________________________
> > > > >
> > > > > > Cialug mailing list
> > > > >
> > > > > > Cialug at cialug.org
> > > > >
> > > > > > http://cialug.org/mailman/listinfo/cialug
> > > > >
> > > > > >
> > > > >
> > > > > _______________________________________________
> > > > >
> > > > > Cialug mailing list
> > > > >
> > > > > Cialug at cialug.org
> > > > >
> > > > > http://cialug.org/mailman/listinfo/cialug
> > > > >
> > > > >
> > > > >
> > > > _______________________________________________
> > > > Cialug mailing list
> > > > Cialug at cialug.org
> > > > http://cialug.org/mailman/listinfo/cialug
> > > >
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> > > _______________________________________________
> > > Cialug mailing list
> > > Cialug at cialug.org
> > > http://cialug.org/mailman/listinfo/cialug
> > >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug at cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> >
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
>


More information about the Cialug mailing list