Interesting history and analysis of SMTP’s history. How can we prevent fedi and other open protocols from suffering the same fates?

  • makeasnekOP
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    20
    ·
    edit-2
    5 months ago

    Sure, you can run one, good luck getting even a halfway decent delivery rate to mailboxes at any major mail provider. Even if they never receive a spam message from your server, your server is an “unknown” which counts against you. And if one person in your small company of 10 or 100 or even 1000 people gets their e-mail hacked and sends spam? Prepare for the rest of them to get punished for it. Running an SMTP server is a nightmare which is why, over time, more and more of the economy has just shifted their SMTP servers to organizations who professionally run SMTP servers instead of having their own.

    • the_crotch@sh.itjust.works
      link
      fedilink
      arrow-up
      34
      arrow-down
      1
      ·
      5 months ago

      Set up dkim/SPF properly, make sure the ip you plan to use is clean before you start, sign up for MXtoolbox blacklist alerts and if you get on a blacklist (doesn’t happen often if you do a bare minimum of proactive security), you request removal. It’s really not hard.

      • Corgana@startrek.website
        link
        fedilink
        arrow-up
        16
        arrow-down
        4
        ·
        edit-2
        5 months ago

        Right, but try doing that with a 10 day old server created in 2024. That’s the hurdle people are referring to.

        • Samsy
          link
          fedilink
          arrow-up
          14
          ·
          5 months ago

          This works, too. It’s actually common that your dmarc-entry needs some time to be accepted everywhere. Wait a few days more and your mails don’t hit the spam folder on google and outlook.

        • The Cuuuuube@beehaw.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          5 months ago

          I’ve run into one issue in my time on a weird self hosted platform. The DMV said “oh. Let me call IT and get that unblocked” and then they did and it was done. All other times have been fine

    • majestictechie@lemmy.fosshost.com
      link
      fedilink
      English
      arrow-up
      21
      arrow-down
      1
      ·
      5 months ago

      I work as a Sysadmin for a web host who sells VPS’s. I’ve helped many people setup domains on their server to cover SPF, DKIM and DMARC passes on a daily basis. Most use these for personal or business level mail delivery without issue.

      Are there hurdles to overcome? Sure. But it’s not exactly hard as long as you have a IP that’s isnt a poor reputation (which as an ISP we help delist and improve). But it’s not impossible.

      Its more “convenient” to use a third party mail provider just as Office365 since you pass on all that setup and responsibility onto their framework, but it’s not hard to setup a decent level of mail service yourself.

    • Auzy@beehaw.org
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      That’s not why people move to big hosters.

      They move because you don’t need to waste money managing them, and they have reliable backup

      We used to host our own, but big providers are so cheap and have such a good interface that it doesn’t make sense to host our own.

      It’s the same reason why most companies don’t host their own web servers.

      Even large corporations use AWS or similar.

    • DigitalDilemma
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      4
      ·
      5 months ago

      You’re spot on, and even smaller ISPs routinely get blocked by larger hosters (anyone who doubts this, please look around for the many stories along the lines of “gmail silently drops my email”)

      Residential IP blocks are scored much higher and given a negative trust from the start - not surprising since that’s where much of the world’s spam comes from through compromised computers, routers etc.