My more recent experience has been this comes from using residential ISP IPs or cloud provider IPs. These are almost always just permanently in a grey list because AWS, Google Cloud, Azure, and digital ocean instances are so quick, cheap, and easy to setup and cycle through IPs on.
Comment on Self-Hosting Email - Software Recommendations?
johntash@eviltoast.org 9 months ago
Consider still using sendgrid, AWS ses, or some other service for outbound mail. Incoming email isn’t bad, but outgoing email is where your more likely to run into issues with your IP being blacklisted/etc
brygphilomena@lemmy.world 9 months ago
SciPiTie@iusearchlinux.fyi 9 months ago
Just curious is there any recent quantitative source to this? That statement was “common wisdom” already 20 years ago - 10 years ago I decided to just give it a try - and had issues three times in ten years, all three with missconfigured exchange servers.
And I’m not with a high profile provider either.
Just to make sure: I’m not claiming that you’re wrong, I’m simply curious on how lucky exactly I got!
SeeJayEmm@lemmy.procrastinati.org 9 months ago
100% agree. I probably should have said this in the OP but I already outbound relay to SES for messages that get generated within my home network (alerts and whatnot).
lily33@lemm.ee 9 months ago
If you have a VPS with dedicated IP, why would it be blacklisted?
jemikwa@lemmy.blahaj.zone 9 months ago
Short answer, likely yes. It’s not definitive, you could still slip by after sending enough mail, but you are also very likely to get whacked because that VPS doesn’t have an email sending reputation.
Longer answer, email gateways like Google, Microsoft, and Proofpoint don’t really care who owns what IP. Well, they might, but they’re more concerned about the sending habits of an IP. While you might send good mail from that IP, there’s no reputation for it, so you could be whacked for having a neutral reputation (the ol’ credit score dilemma but for email). In order to have a good reputation, you have to send a large volume of messages very gradually over several weeks to “warm” your IP as a reputable sender. I went over this slightly more in detail in another reply, but this article is pretty concise on how you could do this with a dedicated IP at a provider like SendGrid: docs.sendgrid.com/ui/…/warming-up-an-ip-address
jemikwa@lemmy.blahaj.zone 9 months ago
Definitely listen to this. IP Warming is a very real problem and you have to send thousands of messages for most email gateways to 1) Mark you as a proper email sender, and 2) classify you as a reputable one that isn’t sending spam. Using a public/private cloud IP isn’t enough, it should be a service already used for mail sending.
If you self host email, make sure it isn’t at home. ISPs often block SMTP traffic to keep people from spamming others from their home. A lot of IP blocklists also auto block home IPs so you may not ever get your messages delivered.
lily33@lemm.ee 9 months ago
What do you mean thousands at glacial pace? I don’t think I’ve sent 1000 emails offer the last year. And even if some people send more, I can’t imagine it would be at a pace where that becomes a problem (at least if it’s for personal use)…
jemikwa@lemmy.blahaj.zone 9 months ago
It’s about sample size. Mail gateways won’t designate an IP as a reputable sending IP until it assesses a large volume of mail sent over a long period of time. You can’t send the quantity it wants all at once or even in a short window because then you’ll be designated as a spammer. So you start small with a few a day and gradually ramp up sending over multiple weeks or months to eventually send several thousands of messages in that period.
Spammers and malicious actors too often spin up new IPs for sending mail, so gateway patterns already implicitly mandate that email should come from IPs it’s already judged reputable.
You as an individual can’t reasonably warm your own IP. This is why services like Amazon SES or Sendgrid exist because they have huge IP pools that are ready to go. Plus, those services are very concerned with reputation and have bounce/complaint metrics defined to warn customers that abuse or poorly configure their sending habits.
This next example is what I’m most familiar with, but I’m sure there are other services like this. If you’re a big enterprise and want your own dedicated sending IP because you’re concerned about using a shared pool, you could use something like Amazon Pinpoint which allocate IPs for your org to use in SES, but they have to be warmed before you switch your production workloads over to it full-time. It automates some of the gradual-ness of warming so you use a mix of SES plus your Pinpoint IPs to keep mail flowing for your product.