[-] albemmy@lemmy.world 1 points 1 year ago

This is disingenuous on many counts.

A mail server does not require 100% uptime. The only messages you would miss from a brief downtime would be from a bad behaving mail sender. Even if your server was down for a day you likely wouldn't miss any mail, if it was longer than 24 hours you might start missing some.

SPF is all that's really needed to prevent someone from faking mail from your domain, if it's set to strict most mail providers will reject fake/spoofed mail at this point. This let's the receiving mail server know which servers/IP Addresses are allowed to send mail for the domain.

DKIM - before sending an email your server will create a signature and add it as a header. The DKIM DNS record stores the public key so the receiving mail server can verify the email's authenticity.

DMARC - Largely I only ever get reports from Google. MS and others rarely send them. Anyway, this is basically a tool that alerts you that unauthorized emails are being sent from your domain. If this happens, likely your SPF record is incorrect.

There are tools to help make sure your setup is correct, such as this https://mxtoolbox.com/SPFRecordGenerator.aspx

The rest of your comment contains outdated information. This post is about running a mail server in 2023. Some anecdotal statements about what it might have been like to run a mail server 20+ years ago serve no purpose here other than to scare people off from trying to host their own mail. If you succeed in that at least we could continue to sit around whining that Google and Microsoft have email all locked up and us little guys can't do anything about it but to continue to regurgitate how hard it is and you just shouldn't even try.

[-] albemmy@lemmy.world 1 points 1 year ago

This is disingenuous on many counts.

A mail server does not require 100% uptime. The only messages you would miss from a brief downtime would be from a bad behaving mail sender. Even if your server was down for a day you likely wouldn't miss any mail, if it was longer than 24 hours you might start missing some.

SPF is all that's really needed to prevent someone from faking mail from your domain, if it's set to strict most mail providers will reject fake/spoofed mail at this point. This let's the receiving mail server know which servers/IP Addresses are allowed to send mail for the domain.

DKIM - before sending an email your server will create a signature and add it as a header. The DKIM DNS record stores the public key so the receiving mail server can verify the email's authenticity.

DMARC - Largely I only ever get reports from Google. MS and others rarely send them. Anyway, this is basically a tool that alerts you that unauthorized emails are being sent from your domain. If this happens, likely your SPF record is incorrect.

There are tools to help make sure your setup is correct, such as this https://mxtoolbox.com/SPFRecordGenerator.aspx

The rest of your comment contains outdated information. This post is about running a mail server in 2023. Some anecdotal statements about what it might have been like to run a mail server 20+ years ago serve no purpose here other than to scare people off from trying to host their own mail. If you succeed in that at least we could continue to sit around whining that Google and Microsoft have email all locked up and us little guys can't do anything about it but to continue to regurgitate how hard it is and you just shouldn't even try.

albemmy

joined 1 year ago