Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Need a Mail Relay From Home - Best Way?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Need a Mail Relay From Home - Best Way?

raindog308raindog308 Administrator, Veteran

I have a few servers and systems at home that need to send mail - e.g, if my Synology blows a disk, if one of my linux box's jobs fails, etc.

My ISP blocks port 25 and I can't send email directly from home to my gmail.

Here's what I've done...

(1) I have a 128MB BuyVM box running which runs postfix
(2) I have one Linux box at home that is set to relay all mail to that BuyVM VPS (the relayhost directive in postfix's main.cf)
(3) The BuyVM box has a cron job that does a dynamic DNS lookup (via afraid.org dyndns) and sets or updates an iptables rule that only accepts port 587 traffic from my home IP

The home Linux box doesn't do any kind of authentication - I'm relying on iptables to block all 587 traffic from other hosts.

Here is what it looks like...forgive my crude art:

Questions:

(1) Am I vulnerable to any kind of attacks or in danger of becoming an open relay? The BuyVM VPS only allows port 587 from my home IP + ssh on a random high port.

(2) Is there something better? If there is a service out there that I could just plug in instead of running my own VPS, that would be one less thing to manage.

As info, we're talking less than 5 emails a day, and I am always the only recipient.

Comments

  • sanvitsanvit Member

    Why not just Amazon SES or your own GMail account (afaik GMail also works on port 587)? That would be the just plug-and-go solution. Or I could give you access to my personal email server with rate limits (email either goes through SES or MailChannels)

    Thanked by 1raindog308
  • hzrhzr Member

    I just use mailgun or some other free relay (at your email level) with https://marlam.de/msmtp/ so just localhost sendmail works.

    Thanked by 1raindog308
  • raindog308raindog308 Administrator, Veteran

    sanvit said: Why not just Amazon SES or your own GMail account (afaik GMail also works on port 587)? That would be the just plug-and-go solution. Or I could give you access to my personal email server with rate limits (email either goes through SES or MailChannels)

    I hadn't realized that Amazon SES had a free tier...that looks like a solid choice.

  • raindog308raindog308 Administrator, Veteran

    raindog308 said: I hadn't realized that Amazon SES had a free tier...that looks like a solid choice.

    Er, actually I guess they don't - it's only free if you're sending mail from EC2. But 10 cents for 1,000 emails plus 12 cents per GB (mine are all tiny) isn't outrageous either.

    Thanked by 2sanvit vimalware
  • sanvitsanvit Member

    @raindog308 said:

    sanvit said: Why not just Amazon SES or your own GMail account (afaik GMail also works on port 587)? That would be the just plug-and-go solution. Or I could give you access to my personal email server with rate limits (email either goes through SES or MailChannels)

    I hadn't realized that Amazon SES had a free tier...that looks like a solid choice.

    Actually, that free tier only works with mails sent from EC2 instances. And you also get charged for regular data transfer fees (SES to internet). Still pretty cheap IMO

  • hzrhzr Member

    raindog308 said: Er, actually I guess they don't - it's only free if you're sending mail from EC2. But 10 cents for 1,000 emails plus 12 cents per GB (mine are all tiny) isn't outrageous either.

    Under $1 or $2 they don't bother billing you. It'll just roll over until it adds up to enough that the credit card fee is worth it.

    Thanked by 1vimalware
  • uptimeuptime Member
    edited July 2019

    Fastmail may be a bit pricey at $50 per year but you get what you pay for I think.

    Anyway - maybe there's a cheaper alternative that does this "one wierd trick" to get around blocked port numbers:

    https://www.fastmail.com/help/technical/servernamesandports.html

    If you are behind a firewall, some service ports may be blocked. Fastmail has a special proxy system whereby you can access IMAP, POP and SMTP through any port number. All these servers use SSL/TLS.

  • beaglebeagle Member

    I'm relaying emails from my home boxes via MXRoute.

  • I personally, use Pigeons.

    Always delivered straight to inbox.

    Thanked by 2ITLabs bikegremlin
  • raindog308raindog308 Administrator, Veteran

    Less than an hour later, I've got SES working like a charm. Thanks @sanvit! 1,000 LETCoins for you.

    beagle said: I'm relaying emails from my home boxes via MXRoute.

    I considered that and have one of @jarland's mad cybermonday promos...but after spending 30 minutes on the site and following tutorials, I couldn't figure out how to access the portal. His tutorials are either a wee bit out of date or my account is so old that it needs some TLC. I need to open a ticket.

    Thanked by 2sanvit uptime
  • sanvitsanvit Member
    edited July 2019

    @raindog308 said:
    I need to open a ticket.

    Yup. You're really outdated. You can join MXroute's slack for support or go to portal.mxroute.com to manage your account (or just PM @jar ). iirc tickets are no longer available :smile:

    raindog308 said: 1,000 LETCoins for you.

    Thanks :)

  • MasonRMasonR Community Contributor

    @raindog308 said:
    I couldn't figure out how to access the portal. His tutorials are either a wee bit out of date or my account is so old that it needs some TLC. I need to open a ticket.

    There should be a "login to cpanel" button in the client area of the main mxroute site, that'll automatically log you in. Alternatively you should have gotten an initial email with the subject, "[MXroute] Important Account Information", which has all the relevant account info.

  • raindog308raindog308 Administrator, Veteran

    MasonR said: There should be a "login to cpanel" button in the client area of the main mxroute site, that'll automatically log you in. Alternatively you should have gotten an initial email with the subject, "[MXroute] Important Account Information", which has all the relevant account info.

    I got that email...in 2014 :-) I posted my Q on MXroute slack. Thanks.

    Thanked by 1MasonR
  • NanoG6NanoG6 Member

    Sendgrid never disappoint me, try it

    Thanked by 1sin
  • MasonRMasonR Community Contributor

    @raindog308 said:

    MasonR said: There should be a "login to cpanel" button in the client area of the main mxroute site, that'll automatically log you in. Alternatively you should have gotten an initial email with the subject, "[MXroute] Important Account Information", which has all the relevant account info.

    I got that email...in 2014 :-) I posted my Q on MXroute slack. Thanks.

    You're telling me you don't save every single email you've ever received in your existence? Fair enough :P

  • MikePTMikePT Moderator, Patron Provider, Veteran
    edited July 2019

    We also allow you to relay, using MailChannels. ;-)

    Thanked by 1sanvit
  • HarambeHarambe Member, Host Rep

    If you have a MXRoute account, then that would probably work best. BuyShared $8/yr plan would work well too since Fran includes MailChannels with it now.

  • williewillie Member

    Oh Jeez, @jar has replaced support tickets with slack? I'd really rather not sign up with slack. I'm into low end services partly to stay AWAY from giant corporate ones, of which slack is now one. Jar I hope you can figure out something else at some point.

    Meanwhile I see mxroute still uses cpanel... I wonder if that will stay around under the new pricing, given how little of its functionality is being used.

    Thanked by 2raindog308 vimalware
  • sanvitsanvit Member

    @willie said:
    Oh Jeez, @jar has replaced support tickets with slack? I'd really rather not sign up with slack. I'm into low end services partly to stay AWAY from giant corporate ones, of which slack is now one. Jar I hope you can figure out something else at some point.

    Meanwhile I see mxroute still uses cpanel... I wonder if that will stay around under the new pricing, given how little of its functionality is being used.

    You can always use PM, and iirc there was a faq style discourse. Louis on slack told me they are working on Wildduck email with a custom panel :)

  • MikePTMikePT Moderator, Patron Provider, Veteran

    sanvit said: You can always use PM, and iirc there was a faq style discourse. Louis on slack told me they are working on Wildduck email with a custom panel

    Yeah I read it too and I hope @jar does it. Seems to be fantastic.

    Thanked by 1sanvit
  • raindog308raindog308 Administrator, Veteran

    willie said: I'd really rather not sign up with slack. I'm into low end services partly to stay AWAY from giant corporate ones, of which slack is now one.

    Amen, brother. It's thoroughly nauseating how large corporations have taken over Internet commons. Forums? Everyone uses FB groups. Email? Why not use slack so every message you send archived away on one company's servers. etc.

    It is grimly hilarious to me how quickly the Internet has been perverted into concentrated power. But then, I never did think much of humans anyway.

  • AnthonySmithAnthonySmith Member, Patron Provider

    Most shared hosts setup port 26 redirection for this reason, I have had that running since 2011.

    Just as another option for you.

    Thanked by 1vimalware
  • M66BM66B Veteran

    @hzr said:
    I just use mailgun or some other free relay (at your email level) with https://marlam.de/msmtp/ so just localhost sendmail works.

    As far as I know msmtp has no message queuing, so messages might get lost if they can't be sent immediately, for example due to connection problems, the server temporarily being unavailable, etc.

    Exim4 is easy to setup and has message queuing, so depending on the use case this might be a better choice.

  • rm_rm_ IPv6 Advocate, Veteran
    edited July 2019

    raindog308 said: Less than an hour later, I've got SES working like a charm.

    This went in the wrong direction, IMO.

    raindog308 said: (3) The BuyVM box has a cron job that does a dynamic DNS lookup (via afraid.org dyndns) and sets or updates an iptables rule that only accepts port 587 traffic from my home IP

    Best would be to just set up WireGuard or Tinc VPN between your home and your VPS, and send mail via the VPN's internal IPs. Then you could close off all relaying access to the outside world, and no attacks will be possible.

    Thanked by 3uptime default solaire
  • marvelmarvel Member

    I use a public smtp server on a vps running postfix and spamassassin with smtpauth enabled. No need for a relay this way.

  • sinsin Member
    edited July 2019

    @NanoG6 said:
    Sendgrid never disappoint me, try it

    Yeah I have been using Sendgrid's free account for awhile now and I love it (I signed up when they were offering 12k mails a month for free). I use DMA to send off emails on my servers, it's small and works great just for sending out only.

  • NanoG6NanoG6 Member

    @sin said:

    @NanoG6 said:
    Sendgrid never disappoint me, try it

    Yeah I have been using Sendgrid's free account for awhile now and I love it (I signed up when they were offering 12k mails a month for free). I use DMA to send off emails on my servers, it's small and works great just for sending out only.

    Exactly, easy to configure and high deliverability also. Now I'm using MXroute because, well, you know we're LET!

Sign In or Register to comment.