[clue-tech] Mail server questions

Nate Duehr nate at natetech.com
Mon Nov 9 12:04:39 MST 2009 

I used to run my own mail server (for more than 10 years).  After VERY
carefully considering the options as spam-filtering changes had become
almost a "part time job" for me and my users, I moved everything to
fastmail.fm - good prices, professionals who's job it is to work on
e-mail servers and virtually nothing but e-mail servers all day, every
day, and it got me out of the mail server "biz" so-to-speak forever for
$15 a year.

Think seriously about something like that.

General comment overall: E-mail is a mess. I leave it up to
professionals paid to deal with it nowadays.  Between real spam,
backscatter, and other hideous techniques, it wasn't worth my time to
mess with it at all.  If you don't like GMail, there are LOTS of
professionally hosted options... I found GMail "tagging" when mixed with
IMAP folders, didn't ever behave right.  

Meanwhile, to answer your questions: 

POP is annoying when you have multiple machines.  IMAP was purpose-built
for the job.  Needs disk space on the server, is all.  Disk is cheap. 
But I understand in your case that it isn't because virtual hosting
companies charge too much for it.  ;-)  With POP, all it will take is
launching one client one time without checking the "leave messages on
server" and you'll have all of your clients out of sync.  

I used courier-imap when I ran an IMAP server.  Seemed stable.  There
are other options.  All of them had security issues and patching
regularly was required.

Spam filtering was handled by SpamAssassin and about 10 different
sources of scripts, DNS-based spam blocker services (e.g. SpamHaus) and
constant struggling with new techniques by spammers.  It's a losing
battle until mail is authenticated all the way from end-to-end with
cryptographic techniques, which will never happen on the Internet at
large for various reasons.  :-)

Testing/checking spam rules is a never-ending process. I used to send
suspected spam to the "bit-bucket" for users, and then kept copies of
all of it on the server for say a quarterly "review" to see if there
were too many false positives.  There are ALWAYS false positives if
you're keeping things at a level where your inbox only receives tens of
spam (instead of hundreds or thousands) a week.  Other techniques I
tried included teaching users to copy known spam into a "spam" folder
that I pre-set-up on their IMAP accounts to teach the Baysian filters. 
Users all have spam filters IN their clients these days, so asking them
to add the extra step was more of an annoyance to them than useful, I
think.  I got to look over a few shoulders (including my wife's) and
learned that they were all just deleting the spam, not copying it into
the "spam" folder.

As another IMAP topic, Server-side message filtering is a God-send. 
NONE of my mailing list traffic from any of many lists (even after I
went on a mailing list "diet" earlier this year) goes anywhere near my
INBOX.  Mailing list traffic goes STRAIGHT into the appropriate folder
ON THE SERVER before I even log in a client and ask for my mail.  It's
AWESOME.  Do it on the server and not in the clients, it works great. 
Then only open folders with new mail on the client when you have time to
read those topics... 

Just my thoughts.  I'm out (and staying out) of the mail hosting world
after moving to fastmail.fm - great customer service, tons of features I
COULD have added easily with open-source packages to my Debian-based
mail servers... but someone else figured it all out and tested it for
me.  (Example: WebDAV integration to IMAP folders!  Totally cool when
you need it, not worth scratching your head for hours to get
permissions, users, etc... all working together nicely.)

--
  Nate Duehr
  nate at natetech.com

On Fri, 06 Nov 2009 21:38 -0700, "Matt Gushee" <matt at gushee.net> wrote:
> So, I'm preparing to revive my long-dormant Web site(s), which also 
> means my e-mail server. I'm moving from a shared hosting service to a 
> virtual private server, which of course means I will be responsible for 
> all my own e-mail functionality. Yes, I know, I could just use GMail. 
> Don't wanna do it. I have my reasons.
> 
> Anyway, I have the following questions:
> 
>   1) I fairly often need to access e-mail when I'm out and about, but
>      still like to use Thunderbird (or some other desktop program) at
>      home as my primary client. So what I'm thinking about doing is:
> 
>      * Run a POP3 server.
>      * Use a Webmail application, probably RoundCube, for remote
>        access, but set it to not delete messages on the server.
>      * Keep my current desktop setup, with Thunderbird downloading
>        and deleting everything.
> 
>      Has anybody done it this way? Did it work well for you? Any pitfalls
>      I should know about?
> 
>      (BTW, I am also considering IMAP, but I'm leery of leaving mail on
>       the server because I am starting with a low-priced service plan
>       that doesn't provide a huge amount of disk space).
> 
>   2) I'm planning to use Postfix for SMTP, but am not sure about
>      POP/IMAP. Recommendations?
> 
>   3) And of course a spam question: a significant amount of the spam I
>      get is spoofing one of my two domain names. Now, I think it should
>      be pretty easy to detect those, since I know my own mail server's
>      IP address, and nothing originating from any other host should
>      claim to be from my domain. Any reason I shouldn't send the spoofed
>      messages straight to /dev/null?
> 
>   4) Finally, how should I go about testing my setup before going live? I
>      just want to have a reasonable degree of certainty that my e-mail
>      (especially incoming) won't be interrupted when I switch over the
>      DNS/MX records.
> 
> Thanks for any input!
> 
> -- 
> Matt Gushee
> _______________________________________________
> clue-tech mailing list
> clue-tech at cluedenver.org
> http://www.cluedenver.org/mailman/listinfo/clue-tech

More information about the clue-tech mailing list