Need advice for setting up mail server

Matthew Seaman matthew at
Mon Aug 8 07:48:15 UTC 2016

On 07/08/2016 19:01, Niklaas Baudet von Gersdorff wrote:
> Solène Rapenne [2016-08-07 19:16 +0200] :
>> > Hello, you will need a SMTP server like Postfix or OpenSMTPD.
>> > You will also need to care with DKIM signing and SPF in your
>> > DNS. By running your own mail server you may also have problems
>> > to send mails to big companies like gmail, hotmail, yahoo
>> > etc... because they tend to blacklist large range of IP and
>> > it's hard to get removed on this list.

> At this stage I neither have SPF nor DKIM implemented on one of
> my machines (this one I am actually sending you the mail from)
> and so far I had no problems sending mails to "bigger companies".
> I realised that Google started automatically guessing SPF and it
> works for my mail server at least. :-)

Spam classification systems by big mail handling sites are all
different.  However they are largely based on on-line reputation
systems.  These depend critically on the volume of e-mail sent.  For the
small volumes you'ld send via a personal or family server,  basically
you're assumed to be good unless you do anything to disabuse that

Note that you also need take care of where -- IP-wise -- you're sending
from.  Most residential ISP netblocks are marked as such in DNSRBLs, and
your terms of service will probably forbid you from running your own
servers.  Mail originating from those address blocks is generally
assumed to be the result of spam-bots running on badly secured and
compromised home systems.  Avoiding this is a matter of choosing your
ISP carefully, or buying a VPS or similar (which generally don't suffer
from automatic RBL listing.)

SPF and DKIM are aids to improving deliverability -- combined with DMARC
they basically offer an online registry of where email can be sent from
for which domain and a protection against forgery; pretending to send a
massage from a valid sender.  You don't need them, but implementing such
things will mean receivers are better able to trust that any message
apparently from your system really is.  For getting a personal system up
and running, you can ignore them in the first instance and then retrofit
later if you find therm necessary.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the freebsd-questions mailing list