Yeah and honestly, this is largely a reasonable standard for anyone running an email server. If you don’t have SPF, DKIM and DMARC, basically anyone can spoof your emails and you’d be none the wiser. It also makes spam much harder to send without well, sacrificing IP addresses to the many spam lists. I wouldn’t be surprised if some people setting up their own mail server were made aware of these things because of being blocked.
Comment on Federated social media from before it was cool
r00ty@kbin.life 3 weeks agoYou CAN do the full list of things to get accepted there. But you only need to fail a SINGLE test to get sent to junk mail jail.
To not be put to junk you need all of the following (oh and this can and will change one day and you'll go straight to junk)
- SPF configured
- DKIM configured with valid keys applied to DNS
- DNS secured with DNSSEC, with validated keys passing all minimum requirements
- DMARC configured for domain
- Your mail server NOR the entire network on a DNSRBL. For example right now my mail server is hosted on OVH (moving soon) and it will go to junk, and in the hotmail/outlook headers it makes clear this is the only failure (-0.2 points, enough to go straight to junk mail jail)
Not sure if I missed any there. It's been a while since I set all this crap up.
ClamDrinker@lemmy.world 3 weeks ago
IsoKiero@sopuli.xyz 3 weeks ago
Also if you’re running an email server for others, it takes very little from single individual, like a small webshop newsletter, which enough people manually marks as junk and you’re on a block list again. Latest one with microsoft took several days to clear, even if all of their tools and 1st tier support claimed that my IP isn’t on a black list.
I’ve jumped all the hoops and done everything by the book, but that still doesn’t mean that any of the big players won’t just screw you up because some of their automaton happens to decide so. That’s why I’m shutting my small ISP business down, there’s no more money to make on that and a ton of customers have moved to the cloud anyways, mostly to microsoft due to their office-suite pricing. It was kind of fun while it lasted, but that ship has sailed.
r00ty@kbin.life 3 weeks ago
Yeah, I'm quite sure it's a deliberate activity to dissuade against private email servers. Keep everyone's email "in the club". Once you've got this much working you need a whole suite of tools to deal with the HUGE amount of spam you need to filter. It can be a hell of a lot.
IsoKiero@sopuli.xyz 3 weeks ago
Filtering incoming spam, while not 100% correct, is a pretty straightforward thing to do. Use DNSBL and other lists from spamhaus and it takes care of 90+% of the problem. Incoming spam has not been a huge issue for me, but when people try to send mail to someone in M365 cloud or to Gsuite and they just decide that your server isn’t important enough they just block you out and that’s it. Trying to circumvent that takes a ton of time and effort and while it can be done it’s a huge pain in the rear. And trying to fight your way trough the 1st tier support to someone who actually understands the problem and attempts to fix that while you customers are complaining that “problem with email” is actually affecting on their income is the part I’ll happily leave behind.
I’ll set up a couple of new VPS servers to host my personal and friends emails, but if they complain that the service I’m paying from my personal pocket isn’t what they’re after then they’re free to switch into whatever they like. And as infrastructure for that is something like 100€/year I’ll happily pay it by myself so that no one has an option to say ‘I paid for this so you need to fix it’ anymore. On commercial case that’s obviously not an option and I’ve had my share of running a business in a very hostile environment.