email outgoing
leb_anonymous
Member
in Help
Hi, I currently host my own emails since I am a big boy, but I am having issues with outgoing email getting rejected; I think it's due to IP rep.
I am thinking it might just be better to use MXroute, but I prefer to keep my email hosted internally, so plan B is to send the email via Amazon SES. Is that a good idea? Not too sure if Amazon likes that.
Comments
Well, apparently the others don't concur with you being a big boy.
Why wouldn't they "like that"? In general, sending your email out is their business... as long as your email doesn't violate their TOS.
I have 4 redundant dovecot/postfix instances, with two of them relaying through mxroute for deliverability. The other two handle the mail internally. These are all loadbalanced through HAProxy using two different ports to distinguish between the outbound services. Keep your MX records pointed at your servers and you won't have the emails stored on mxroute.
Directions: https://www.howtoforge.com/how-to-relay-email-on-a-postfix-server
I gave up on contacting microsoft, yahoo, and aol to clear my IPs.
EDIT: Forgot to add that the mailbox dir is a glusterfs mountpoint so the data is shared between the four servers. Otherwise all four servers wouldn't see all the emails.
You could use MXroute for just outgoing relaying. I am not even sure if @jarland even allows users to do that or not; most likely he does not care too much unless you're sending spam or a crazy number of emails.
Amazon SES: I don't think they care what type of email you are sending as long as it's not spam. I've relayed my personal mail server via them in the past for a number of months with no issue.
I couldn't resist.
Our RBL check can let you know if your IP is on some blacklists.
https://nodeping.com/rbl_check.html
@Jarland isn’t it really hard to have a job that everyone can do so much better than you?
But you know, you're not the only one with this problem. Just think of all the teachers. Or the politicians. Or worse: imagine if you were trainer of Germany's national soccer team... We have about 80 million people here that can do your job better than you!
Big relays for big boys.
Just imagine being a lawyer
Yet another profession rife with alcoholism!
Never. Ever. Make. Jokes. Like. That. Again!!
I can't even begin to describe the horror that just shook me.
Are all four of those servers the same datacenter? No latency issues? I've dealt with a similar setup, but across different datacenters, latency 10+ms would cause replication issues.
10ms won't cause replication issues; it depends on how you set up your GlusterFS replication and how you mount your Gluster storage on your servers.
I've successfully run GlusterFS with a 25ms replication at terabyte scale - the latency didn't cause issues at all - what could cause issues would be packet loss.
I hope you are not trying to send from your home, from a residential broadband IP range. That's not feasible.
If not, and you use a real DC IP, check your IP for blacklists, remove from those where possible. I use my own mailservers on OVH for outgoing mail, never faced any problem with delivery. I mean maybe once someone said they got my mail in spam, but that's their problem, not mine.
Goes without saying, ensure you have proper forward/reverse DNS records set up and matching, as well as SPF records. Some will suggest you also set up DKIM and DMARC, but personally I don't bother with those.
The glusterfs bricks are in the same datacenter. However, I remote mount the fs from two of the servers and they don't have replication bricks. I ran into a split brain situation once in the year I've been running this setup. I think the split brain was due to one of the mount points being unmounted abruptly while handling a write. The latency between the two datacenters is about 12ms.
When replicating across datacenters, you can use geo-replication. However, I think that's a one-way data stream. Like having an offsite backup.
There's another way that can theoretically work a bit better than gluster for higher latency between locations, which can allow you to have a better form of geographic redundancy. You can actually have dovecot manage it. Check this out:
https://www.lowendtalk.com/discussion/50955/postfix-dovecot-distributed-setup
Indeed it is a better geographic redundancy plan. Dsync was my first attempt, but I had an issue when I set that up... I was on wong VPS and I couldn't tell if it was the VPS causing failures or dsync (I now know wg is the worst). I ended up migrating my services, then dove into glusterfs and never looked back. dsync was great when it worked for me... I might test it out in a geographic redundancy plan, but that's when I have time to tinker again. Thank you for the reminder.
I'm using dovecot's replication between a server in Hetzner and another one in the UK, the documentation is a bit sparse but it can be figured out with some persistence.
The setup works fine for me, messages received on one server are replicated within seconds on the other one.
Works for me.
The setup is fairly recent (2 months) and I don't send lots of mails; however, I didn't have issues with any of the big providers (Yahoo, Microsoft and Gmail) yet, not to mention small ones such as ProtonMail. I mean besides the first days when I had to delist the IP from quite a few places where residential IPs were blocked.
I do have a fixed IP; this is the main reason I switched to Telekom for my main connection. RDS didn't offer this except for their business range and I am cheap, didn't want to pay 50 Eur for 1 Gbps when I can pay 12 including fixed IP.
A dynamic IP would not work, obviously.
And I'm understanding correctly that this is without custom PTR? Are you matching the HELO statement to your ISP's default PTR or just letting it fly with a mismatch and not having issues? Surprised if so, but I mean... sometimes things do just work.
FWIW, I've been using EHLO/HELO DUDE for my post-through-not-smtp-but-close since the 90s, and it's always worked.
@jarland
It seems that MXRoute Ghost server is down...
Weird. I get hell for fcrdns mismatches.
Ryan is on it
This sounds very MicroGooglesofty. I do have DKIM/etc setup, though, which includes my IP space, so maybe that's trumped. I'll have to try this again with a nearly-spam type message just so I can dig through the headers.
No PTR at all, NiX.
I send to my accounts mostly, sometimes does get into spam, but have filters in place so no biggie.
The server is actually used for internal mailing which means it gets and delivers mail mostly to itself (like 95%+, some couple of hundred emails a day at most).
I may ask Telekom for a PTR, what the heck, maybe it works. IF, and that is a big IF, I am ever bothered by the lack of it or they don't put it, I will simply use my own chunk of IPv6 through tunneling. So far it works as expected, actually better, so why break it.
Looks like I need to look into glusterfs again, and dsync sounds promising. Thanks guys!
You would not deliver to my mail servers and would get a
or
Residential IP outbound, I would suggest TINC to a VPS with a non blacklisted IP and a ptr matching the HELO mailserver-fqd.
Would work just fine as a HELO greeting if the IP ptr was mailserver-fqd (I am sure you already knew that)
EDIT: What seemed to make the biggest difference for me was changing the spf reject from ~all to -all
Well in that case my servers won't accept any mail from you. Not quietly shoving it into spam, you will get a delivery failure message.
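The checks several replies above describe (a PTR that forward-confirms, a HELO name matching that PTR, and SPF ending in -all rather than ~all), as an added example that is not part of any post in this thread. The DNS records, IPs, hostnames and the `audit` helper are constructed assumptions so the script runs offline; only `ip4:`/`ip6:` SPF mechanisms are evaluated.

```python
import ipaddress

# Constructed sample records (documentation IP ranges and example domains).
DNS = {
    "PTR": {"203.0.113.25": "mail.example.org.",
            "198.51.100.7": "host-7.dyn.isp.example."},
    "A": {"mail.example.org.": ["203.0.113.25"], "host-7.dyn.isp.example.": ["198.51.100.7"]},
    "TXT": {"example.org.": ["v=spf1 ip4:203.0.113.25 -all"],
            "home.example.": ["v=spf1 ip4:198.51.100.0/24 ~all"]},
}

def fqdn(name):
    return name.lower().rstrip(".") + "."

def fcrdns(ip, dns):
    """Return (ptr_name, confirmed): the PTR name must resolve forward to the same IP."""
    ptr = dns["PTR"].get(ip)
    return (fqdn(ptr), ip in dns["A"].get(fqdn(ptr), [])) if ptr else (None, False)

def spf(domain, ip, dns):
    """Return (ip_listed, all_qualifier) from the domain's first v=spf1 TXT record."""
    addr = ipaddress.ip_address(ip)
    records = [t.lower().split() for t in dns["TXT"].get(fqdn(domain), [])]
    terms = next((r for r in records if r[:1] == ["v=spf1"]), [])
    listed, qualifier = False, None
    for term in terms[1:]:
        if term.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(term.split(":", 1)[1], strict=False)
            listed |= addr.version == net.version and addr in net
        elif term.lstrip("+-~?") == "all":
            qualifier = term[0] if term[0] in "+-~?" else "+"
    return listed, qualifier

def audit(ip, helo, mail_domain, dns=DNS):
    """List the findings a strict receiving server could act on for this sender."""
    findings = []
    ptr, confirmed = fcrdns(ip, dns)
    if ptr is None:
        findings.append("no PTR record")
    elif not confirmed:
        findings.append("PTR is not forward-confirmed")
    elif fqdn(helo) != ptr:
        findings.append("HELO does not match PTR")
    listed, qualifier = spf(mail_domain, ip, dns)
    if not listed:
        findings.append("sending IP not listed in SPF")
    if qualifier != "-":
        findings.append(f"SPF ends in {qualifier}all" if qualifier else "no SPF policy")
    return findings
```

To audit a live sender, build the `dns` dictionary from real PTR, A and TXT lookups for the outbound IP and pass it to `audit`.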