How is your deliverability? I’ve heard private servers are often blocked outright by the big providers but don’t have any first hand experience with it myself.
Never had any big issues, as there have always been providers here that stood by having an open network for its subscribers, even in the dialup age.
And because they existed, the major providers don’t tend to do that either (at least not anymore).
Most ludicrous thing is that the one time I DID have issues with port blocks (port 21/53/80/443 aka ftp/dns/http/https) was the first time I switched from a domestic line to a business one with one of the largest providers here. They did that as a default unless you called them to unblock everything.
But in the past decade, on fiber, never had an issue, the providers that were first to deliver fiber were new ones that broke from two of the major ISPs respectively owning ALL the coax and ALL the copper in the country, which allowed them to set their own rules.
And their competitive edge wasn’t on price, but on giving you a ludicrously fast and stable connection with the only limitation being what the fiber could carry, although now, when the major ISPs are also finally providing fiber, their pricing compared to my own ISP is kinda ludicrous.
My current ISPs advertised philosophy is “security is your responsibility, a stable fast connection ours”. And so far, they’ve held true to that.
Besides that, almost as long, I first rented and now own a box at a datacenter, which among its secondary tasks runs a backup NS and backup MX as I had the box anyway. To this date, the only times that backup had to do anything was when I was moving and when there are announced network maintenance or other works (of which the longest I can remember was 1 hour and only happen 2 times per year).
I get that if I lived in the US, this would not be quite as practical to achieve.
I worked for a US ISP in the early 00’s, was looking to provide WIFI in rural Texas areas. Setup the hardware and backend for them. Became quickly apparent from what they were demanding from the backend, that their focus wasn’t particularly to bring access to rural areas, but to milk the shit out of providing WIFI to rural areas.
Don’t get me wrong tho, I still have several Gmail addresses that are as old as the service itself is. I rather use a gmail address to sign up to sites and have them deal with the subsequent deluge of spam, than to have that shit tax my own system :P
I was actually referring to big email providers treating private email servers as spammy solely by virtue of the fact that they’re not sufficiently known to them. I had just read somewhere that it’s an increasing problem that may become self fulfilling. What I read might have been hyperbolic :)
Thanks for the read, I’m always interested to hear about people’s experiences with self hosting.
Email providers of every size don’t just blanket block unknown servers, that’s just asking for problems and loads of additional work.
They block known problems and detect likely problems.
Tools like ASSP (the spam filter I’ve used for a long ass time and used to install anywhere corporate filters weren’t in the budget) use advanced heuristics in combination with every form of blacklists/whitelist/greylist filtering you can think of (both on DNS and snmp levels), to look at the contents of the mail in combination with how “normal” the DNS registration and responses of the mailserver are. Add to that the default of checking that an @microsoft.com email actually comes from a known Microsoft server. There’s scores of public white and blacklists, generated by spam filters by receiving mail correctly from sources, which makes them go on whitelists and by detecting spam, which makes them go on blacklists. These lists have been around for decades by now and are constantly updated (mostly automatically).
You don’t do email security and spam filtering by being an ass to everyone you don’t explicitly know. You do it be looking for any suspicious signs and user feedback. Just blocking by default is a far bigger headache than letting your tools do their work and then going in manually when they miss something.
Google goes one step further and outright receives ALL mail, including spam, and just puts what is detected as spam in a spam folder.
First company I got to that had no spam filtering deployed at all, went from 3 million emails received per day to just over 50K. Most people in that company ran a (pirated) Outlook plugin that did desktop level spam filtering and still had to manually filter more than 90% of the mail they received and then every week or so, deleted their spam folder.
After I installed ASSP there, as I said, it went down to receiving only 50K emails per day, of which about 30K were still spam. After 2 weeks, it was down to 20K (a combination of me using the reporting tools from mail that landed in my own mailbox and the spam filter heuristics engine getting smarter from learning from the spam it received) and then I had a meeting with the whole company to teach them how to report spam (and whitelist known senders and false positives).
A month or two into the deployment, people were used to using the reporting button and they were down to receiving maybe 1 or 2 spam emails per day (which often were still detected as questionable, but not definitely spam) as they (the email senders) were completely new to the system.
This because spam outfits are relatively quickly detected, so they often have to change IPs, domains and methods and because of that, they perpetually exist on greylists which get scrutinized more heavily by filters.
A domain like mine, that has been running and sending/receiving email for decades, mostly to completely official destinations like banks, corporate clients, governments and other established instances, without ever even hinting at sending spam, will rarely have any issue delivering its mail to its target as it is already known on black/whitelists generators as a good sender.
We use cPanel emails at work… don’t ask, please 😭😂. Since we’ve got off a couple of large website hosting platforms it appears to be smooth sailing.
We’re currently hosting our emails with a small web hosting provider, ‘only 250k’ websites are hosted with them. They apparently use SSDs for customer data and boy oh boy is that apparent. Emails are sync’d, sent, and received faster than any other cPanel emails we’ve been on. We’ve only been with them for about 1-1.5 years, so something might come up one day.
I know it’s not quite self hosting, but it’s quite close to it.
Oh god, I bet that UI looks at least ten years old D:
The speed sounds good though!
Though with 250k sites their IPs would at least have a sizable reputation, I was referring more to private email servers that aren’t big enough to generate much of a reputation being auto-blocked by the Gmails and Outlooks of the world. Again I don’t have experience with this, I’d just read somewhere that it’s a growing problem with the big providers only granting any trust to email services above a certain size and therefore reputation.
I still use email clients. Not sure if that’s now considered the old school way of doing things? So the UI doesn’t come into it at all.
I’m not sure how much impact the IP address/server of the mail server has on reputation. I know the domain name and its DNS records have somewhat of an impact.
RE email clients, I think in the personal space it’s much more common to use the web app these days. I find the inverse is true for the business space. What desktop client do you use, out of interest? I’ve been a long time commercial Google user but want to move away and will likely switch to a desktop client along with that change
IP address and domain name can both be used for email reputation purposes. If you self host on a cloud provider that isn’t strict enough on outbound spam, for example, then you might find your sending IP gets blacklisted by virtue of being in an IP range with spammers.
How is your deliverability? I’ve heard private servers are often blocked outright by the big providers but don’t have any first hand experience with it myself.
Never had any big issues, as there have always been providers here that stood by having an open network for its subscribers, even in the dialup age.
And because they existed, the major providers don’t tend to do that either (at least not anymore).
Most ludicrous thing is that the one time I DID have issues with port blocks (port 21/53/80/443 aka ftp/dns/http/https) was the first time I switched from a domestic line to a business one with one of the largest providers here. They did that as a default unless you called them to unblock everything.
But in the past decade, on fiber, never had an issue, the providers that were first to deliver fiber were new ones that broke from two of the major ISPs respectively owning ALL the coax and ALL the copper in the country, which allowed them to set their own rules.
And their competitive edge wasn’t on price, but on giving you a ludicrously fast and stable connection with the only limitation being what the fiber could carry, although now, when the major ISPs are also finally providing fiber, their pricing compared to my own ISP is kinda ludicrous.
My current ISPs advertised philosophy is “security is your responsibility, a stable fast connection ours”. And so far, they’ve held true to that.
Besides that, almost as long, I first rented and now own a box at a datacenter, which among its secondary tasks runs a backup NS and backup MX as I had the box anyway. To this date, the only times that backup had to do anything was when I was moving and when there are announced network maintenance or other works (of which the longest I can remember was 1 hour and only happen 2 times per year).
I get that if I lived in the US, this would not be quite as practical to achieve.
I worked for a US ISP in the early 00’s, was looking to provide WIFI in rural Texas areas. Setup the hardware and backend for them. Became quickly apparent from what they were demanding from the backend, that their focus wasn’t particularly to bring access to rural areas, but to milk the shit out of providing WIFI to rural areas.
Don’t get me wrong tho, I still have several Gmail addresses that are as old as the service itself is. I rather use a gmail address to sign up to sites and have them deal with the subsequent deluge of spam, than to have that shit tax my own system :P
Internet is cheap and reliable where I live (US). Not all places are bad it just depends on how much competition there is
I was actually referring to big email providers treating private email servers as spammy solely by virtue of the fact that they’re not sufficiently known to them. I had just read somewhere that it’s an increasing problem that may become self fulfilling. What I read might have been hyperbolic :)
Thanks for the read, I’m always interested to hear about people’s experiences with self hosting.
Email providers of every size don’t just blanket block unknown servers, that’s just asking for problems and loads of additional work.
They block known problems and detect likely problems.
Tools like ASSP (the spam filter I’ve used for a long ass time and used to install anywhere corporate filters weren’t in the budget) use advanced heuristics in combination with every form of blacklists/whitelist/greylist filtering you can think of (both on DNS and snmp levels), to look at the contents of the mail in combination with how “normal” the DNS registration and responses of the mailserver are. Add to that the default of checking that an @microsoft.com email actually comes from a known Microsoft server. There’s scores of public white and blacklists, generated by spam filters by receiving mail correctly from sources, which makes them go on whitelists and by detecting spam, which makes them go on blacklists. These lists have been around for decades by now and are constantly updated (mostly automatically).
You don’t do email security and spam filtering by being an ass to everyone you don’t explicitly know. You do it be looking for any suspicious signs and user feedback. Just blocking by default is a far bigger headache than letting your tools do their work and then going in manually when they miss something.
Google goes one step further and outright receives ALL mail, including spam, and just puts what is detected as spam in a spam folder.
First company I got to that had no spam filtering deployed at all, went from 3 million emails received per day to just over 50K. Most people in that company ran a (pirated) Outlook plugin that did desktop level spam filtering and still had to manually filter more than 90% of the mail they received and then every week or so, deleted their spam folder.
After I installed ASSP there, as I said, it went down to receiving only 50K emails per day, of which about 30K were still spam. After 2 weeks, it was down to 20K (a combination of me using the reporting tools from mail that landed in my own mailbox and the spam filter heuristics engine getting smarter from learning from the spam it received) and then I had a meeting with the whole company to teach them how to report spam (and whitelist known senders and false positives).
A month or two into the deployment, people were used to using the reporting button and they were down to receiving maybe 1 or 2 spam emails per day (which often were still detected as questionable, but not definitely spam) as they (the email senders) were completely new to the system.
This because spam outfits are relatively quickly detected, so they often have to change IPs, domains and methods and because of that, they perpetually exist on greylists which get scrutinized more heavily by filters.
A domain like mine, that has been running and sending/receiving email for decades, mostly to completely official destinations like banks, corporate clients, governments and other established instances, without ever even hinting at sending spam, will rarely have any issue delivering its mail to its target as it is already known on black/whitelists generators as a good sender.
We use cPanel emails at work… don’t ask, please 😭😂. Since we’ve got off a couple of large website hosting platforms it appears to be smooth sailing.
We’re currently hosting our emails with a small web hosting provider, ‘only 250k’ websites are hosted with them. They apparently use SSDs for customer data and boy oh boy is that apparent. Emails are sync’d, sent, and received faster than any other cPanel emails we’ve been on. We’ve only been with them for about 1-1.5 years, so something might come up one day.
I know it’s not quite self hosting, but it’s quite close to it.
Oh god, I bet that UI looks at least ten years old D:
The speed sounds good though!
Though with 250k sites their IPs would at least have a sizable reputation, I was referring more to private email servers that aren’t big enough to generate much of a reputation being auto-blocked by the Gmails and Outlooks of the world. Again I don’t have experience with this, I’d just read somewhere that it’s a growing problem with the big providers only granting any trust to email services above a certain size and therefore reputation.
I still use email clients. Not sure if that’s now considered the old school way of doing things? So the UI doesn’t come into it at all.
I’m not sure how much impact the IP address/server of the mail server has on reputation. I know the domain name and its DNS records have somewhat of an impact.
RE email clients, I think in the personal space it’s much more common to use the web app these days. I find the inverse is true for the business space. What desktop client do you use, out of interest? I’ve been a long time commercial Google user but want to move away and will likely switch to a desktop client along with that change
IP address and domain name can both be used for email reputation purposes. If you self host on a cloud provider that isn’t strict enough on outbound spam, for example, then you might find your sending IP gets blacklisted by virtue of being in an IP range with spammers.
I use Outlook at work, Mailbird at home, and Nine on my mobile devices.