getting mail to work

Ed Zwart ed.zwart at gmail.com
Mon Mar 12 03:36:59 UTC 2007 

Thanks Bill, Josh and Jeffrey for answering my question.  It was my
ISP.  (So easy, I wish I had thought of that.  I somehow managed to
figure out they were blocking 80 a month or so ago.)

I'm still a little fuzzy on legal entries for hostname and domain.  I
set them to be mine, and it worked, and then for kicks, set it to
google.com, and that worked too.  I looked at the headers, and can see
that the source can be traced back to my machine, but that still seems
kind of easy to spoof.  Anyway, it's not something I'm overly worried
about; I'm just not clear on what I SHOULD be using for hostname and
domain.

Any words of wisdom appreciated.  Otherwise, thanks again for the
already super help!

e.

On 3/11/07, Jeffrey Goldberg <jeffrey at goldmark.org> wrote:
> On Mar 11, 2007, at 8:27 PM, jekillen wrote:
>
> > If you will allow me to break in on this exchange;
> > Does this advise [don't run your own direct to MX mail server]
> > apply if you have static ip service and are running web servers
> > from these addresses, with the ISP's blessing? (meaning you also
> > have at least two name servers running for the registered sites)
>
> First let's separate questions.  One is dealing with your own
> incoming mail.  The other is with sending mail out direct to MX.
> These two can (and often should) be separated.
>
> For the question of hosting your own MX there are positives and
> negatives.  Here is a list off of the top of my head.  It is far from
> complete.
>
> Positive:
>
>   (1) You get to fully control your rejection/acceptance policy from the
>       beginning.
>
>   (2) You get the learn about running such a system.
>
>   (3) You dramatically reduce your lock-in with an ISP (who can
> change their
>       email policy or practice at any time.
>
>   (4) You don't have to pay for some outside service (I use
> fastmail.fm) for
>       hosting your incoming mail if you want something better than
> the "free"
>       email service your ISP provides.
>
> Negatives:
>
>   (a) You have to maintain what is really a surprisingly complex system
>       for such a simple protocol.
>
>   (b) You have to defend your system against attacks it otherwise
> wouldn't
>       receive, including DoS attacks.
>
>   (c) Damage of being overwhelmed (either by deliberate attack or
> spam blowback)
>       may be harder to contain.
>
>   (d) Your system needs to fail appropriately.  For example, if you use
>       something like LDAP to maintain username or email address
> information, you
>       need to make sure that if your LDAP service fails your mail
> server fails
>       in an appropriate way (say a complete shutdown) or issuing
> temporary (4xx)
>       rejections instead of in an inappropriately issuing 5xx for
> mail that
>       would be accepted normally.
>
> If (1) (or (2)) is really important to you, then go ahead.  But
> probably the best way to see whether (1) really matters is to ask
> yourself what things you would like to do that you couldn't do unless
> you ran your own MX.  For example, if you have strong feelings about
> whether DNSbls should be used prior to content filtering or as part
> of it.  Or whether you want spam and virus rejections to occur at
> SMTP time or later.  Whether you want SPF failures to generate
> immediate rejections.  Whether you want to make use of sophisticated
> IMAP features that ISPs can't provide.  If you don't have strong
> feelings about these sorts of questions, then I doubt that (1)
> applies to you.
>
> Now there is the second question about doing direct to MX for mail
> sending instead of going through your ISP or some third party service.
>
> Positives
>
>   (i) You control queing and retry rates.
>
>   (ii) For bulk mailing (mailing lists) there is an advantage of how
> out-going
>        STMP session are organized.
>
>   (iii) You are not as dependent on your ISP or a third party for
> getting your
>         mail out, if they are slow or unreliable with mail
>
>   (iv) If your ISP's mail server provide crappy bounce information
> and you
>        need better information.
>
>   (v) If your ISP adds junk to your mail or sends out mail in
> unfriendly so as
>       to get itself on blacklists or leads to other forms of needless
>       rejections.
>
>   (vi) You get to learn about running such systems
>
> Negatives:
>
>    (A) Even with a static IP address, your assigned address may look
> dynamic
>        to other servers who may then reject mail coming directly from
> you.
>
>    (B) Your ISP blocks/disallows this sort of thing (not a problem in
> your case)
>
>    (C) The reverse DNS records for your IP need to correspond
> reasonably well
>        to your domain name, otherwise lots of servers will reject
> mail from you.
>
>    (D) You need to follow the RFCs and conventions strictly so that
> you don't
>        get yourself added to blacklists
>
>    (E) It is probably a little less network efficient for you to talk
> directly
>        to servers all over the planet when you could just talk to
> your ISPs
>        server which will be much closer to you.
>
> Here again, if (vi) is your primary reason for wanting to run your
> own direct to MX system, then use it just for one of your minor
> domains.  That way, if you mess up, you won't get your major domains
> blacklisted.  If (i) and (ii) really matter for you, then go ahead,
> but I think that you should have a real reason beyond "I can,
> therefore I ought" if it is going to be your primary way
> of getting mail out.
>
> In the end it is a matter of individual taste and need.  With good
> DSL or FiOS lines, along with a proper backup regime and
> Uninterruptible Power Supply hosting your own website makes plenty of
> sense.  But mail is a tricker thing to maintain than apache, so my
> view remains that unless you have some specific need for the kind of
> control you can get by running your own, let someone else handle your
> mail transport to the rest of the world.
>
> I hope this helps.  And keep in mind that different people will offer
> different advise.  I certainly believe my advise is good advise
> (otherwise I wouldn't have offered it), but I'm also aware that I
> could well be wrong.
>
> Cheers,
>
> -j
>
> --
> Jeffrey Goldberg                        http://www.goldmark.org/jeff/
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>

More information about the freebsd-questions mailing list