by DrPhish 3047 days ago
If you follow the guide in this post, you will have reliable email delivery without involving a possibly untrustworthy 3rd party. What part of it seemed overly time-consuming or difficult?

If you're worried about monitoring it for operation, make sure there is at least one automated email that passes in each direction once daily. Use pingdom free to check for basic up/down. That should suffice for a personal email system. Email senders will retry for days before giving up.

I say this as someone who has been hosting his own email on his own hardware on his own ISP connection (on OpenBSD, no less!) for over a decade, and I have never had a delivery issue.

1 comment
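The daily check the post recommends (one automated message passing in each direction, with an alert when it stops arriving) can be a short cron job. The script below is an added example, not code from the post or its author: it sends a dated canary from the home server to an external mailbox and one from the external account back, then looks over IMAP for today's canaries on each far side. The decision logic is kept in pure functions so it can be tested without a network; all host names, accounts and credentials are placeholders.

```python
"""Daily delivery canary for a self-hosted mail server (added example).

Run with "send" in the morning and "check" in the evening from cron; a
non-empty list of failed directions is what you wire to your alerting.
All endpoints below are placeholders, not real servers or accounts.
"""
import email
import imaplib
import smtplib
import sys
from datetime import date
from email.message import EmailMessage

CANARY_PREFIX = "mail-canary"


def _day_str(day) -> str:
    """Accept either a datetime.date or an ISO 'YYYY-MM-DD' string."""
    return day if isinstance(day, str) else day.isoformat()


def canary_subject(direction: str, day) -> str:
    """Subject for the canary of one direction on one day,
    e.g. 'mail-canary outbound 2024-05-01'.  The date in the subject
    is what makes a stale message from last week not count."""
    return f"{CANARY_PREFIX} {direction} {_day_str(day)}"


def canary_arrived(subjects, direction: str, day) -> bool:
    """Pure check: did the expected canary for `direction` on `day` show up
    among the mailbox subjects?  Exact match, so old canaries never satisfy it."""
    wanted = canary_subject(direction, day)
    return any(s.strip() == wanted for s in subjects)


def failed_directions(inbound_subjects, outbound_subjects, day) -> list:
    """Return the list of directions whose canary is missing for `day`.
    'inbound' = external -> home server, 'outbound' = home server -> external."""
    failures = []
    if not canary_arrived(inbound_subjects, "inbound", day):
        failures.append("inbound")
    if not canary_arrived(outbound_subjects, "outbound", day):
        failures.append("outbound")
    return failures


def send_canary(smtp_host, port, user, password, sender, recipient, subject):
    """Submit one canary over SMTP with STARTTLS (submission port, authenticated)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = subject
    msg.set_content("Automated delivery canary; safe to file into a folder.")
    with smtplib.SMTP(smtp_host, port, timeout=30) as smtp:
        smtp.starttls()  # never send the password in the clear
        smtp.login(user, password)
        smtp.send_message(msg)


def fetch_canary_subjects(imap_host, user, password, mailbox="INBOX"):
    """Return the Subject of every message in `mailbox` that looks like a canary."""
    with imaplib.IMAP4_SSL(imap_host) as imap:
        imap.login(user, password)
        imap.select(mailbox, readonly=True)
        _typ, data = imap.search(None, f'(SUBJECT "{CANARY_PREFIX}")')
        subjects = []
        for num in data[0].split():
            _typ, parts = imap.fetch(num, "(BODY.PEEK[HEADER.FIELDS (SUBJECT)])")
            hdr = email.message_from_bytes(parts[0][1])
            subjects.append(hdr["Subject"] or "")
        return subjects


# Placeholder endpoints (assumptions, not real hosts or accounts).
HOME = dict(smtp="mail.example.org", imap="mail.example.org", port=587,
            user="canary@example.org", password="CHANGE-ME")
AWAY = dict(smtp="smtp.external.example", imap="imap.external.example", port=587,
            user="canary.external@external.example", password="CHANGE-ME")

if __name__ == "__main__":
    today = date.today()
    if sys.argv[1:] == ["send"]:
        send_canary(HOME["smtp"], HOME["port"], HOME["user"], HOME["password"],
                    HOME["user"], AWAY["user"], canary_subject("outbound", today))
        send_canary(AWAY["smtp"], AWAY["port"], AWAY["user"], AWAY["password"],
                    AWAY["user"], HOME["user"], canary_subject("inbound", today))
    else:
        failed = failed_directions(
            fetch_canary_subjects(HOME["imap"], HOME["user"], HOME["password"]),
            fetch_canary_subjects(AWAY["imap"], AWAY["user"], AWAY["password"]),
            today)
        print("canary failures:", failed or "none")
        sys.exit(1 if failed else 0)
```

Run "send" a few hours before "check" so the message has time to be queued and delivered; senders retry for days, as the post says, but the canary only tells you something if it is checked on a fixed schedule. A non-zero exit from the check is the hook for whatever pages you.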

> you will have reliable email delivery without involving a possibly untrustworthy 3rd party

Only if you limit your email messages to parties that also use your personal email service.

Seriously. Who are these people who don't seem to know what DNSRBLs are, who don't know about IP blackholing, who don't know about spammers stealing private addresses and getting your domain blacklisted, or sending out too many mails at once and getting tagged as a spammer, or sharing your IP space, or not getting accepted from various domains for not having a high enough "reputation", etc?

I mean, I must not know what I'm talking about, having run personal and corporate mail systems for 15 years. Must be pretty easy to get the DNS extensions which aren't used uniformly across major mail carriers right. And hey, if your ISP gets blackholed it should be pretty easy to fix, right? And you just have to set up a separate system with automated tests to alert you when your service is down so you can get it back up in a few days before the bounces start going out. And certainly maintaining your own spam filters has never been difficult, to say nothing of software upgrades, maintenance outages, security patches, offsite backups, certificate renewals, and moving hosting providers.

But, yeah. Easy.

I've been running half a dozen domains since OpenBSD 2.5, over multiple hardware platforms and ISPs, and I have never felt any of the pain you're talking about.

I've never had a reputation problem, but I've been sure to test for open relay on my servers as step zero. Maybe I've been lucky over the 4 ISPs I've had, but I've always ended up with clean IPs. In any case, that would be something you'd catch during initial setup and have to deal with before sending out your first email. This may be super painful to deal with, but I don't have any experience (fortunately).

I update my server OS (OpenBSD) once every 6 months and use long-lived self-signed certs for STARTTLS mail delivery. Combined with DNSSEC and DANE it makes for a trustworthy setup. Certbot for any certs that are more important to have a chain of trust for.

I set up DNSSEC/DANE/DKIM/SPF once over a couple of days and have never had a problem. I don't even have any spam to filter out after having domains for decades and lots of friends and family members using it. Google sends regular reports verifying that no one is using my domains for spam campaigns (at least to gmail addresses).

There are free online services that help generate configs for, and test the correct configuration of, each part of these setups.

Removable hard drives and fsarchiver make for simple offsite backups (just store them at work). But if you don't have a good backup plan, whether you're running your own email system or not, you've got bigger problems.

I'm sure you're dealing with bigger and more sophisticated setups than my vanity domains, but I'm not talking about those. I sometimes don't touch the email side of my system for years. Once set up it just works.
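The piece that makes a long-lived self-signed STARTTLS certificate trustworthy in the setup described above is the DANE TLSA record: a hash of the server's public key published in a DNSSEC-signed zone, so a client can pin the key instead of asking a CA. The script below is an added example, not code from the thread or from any mail software it mentions: it pulls the SubjectPublicKeyInfo out of a DER certificate with a small DER parser (no third-party libraries), hashes it, and prints the "3 1 1" TLSA record for port 25. The certificate it builds when run without arguments is a constructed placeholder with a dummy key, labelled as such, so the code is testable offline; `mail.example.com` is an assumed host name.

```python
"""Generate a DANE-EE TLSA record (usage 3, selector 1, SHA-256) from a
certificate.  Added example; the placeholder certificate built below is
not a real key and exists only so the parser can be exercised offline."""
import base64
import hashlib
import sys


def der_read(buf: bytes, pos: int):
    """Decode one DER tag/length at `pos`; return (tag, content_start, content_end).
    Rejects truncated input rather than silently hashing a partial structure."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                         # long-form length
        n = first & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length


def der_children(buf: bytes, pos: int = 0):
    """Split a constructed element into [(tag, full_tlv_bytes), ...]."""
    tag, start, end = der_read(buf, pos)
    if not tag & 0x20:
        raise ValueError("not a constructed element")
    children, p = [], start
    while p < end:
        ctag, _cstart, cend = der_read(buf, p)
        if cend > end:
            raise ValueError("child overruns parent")
        children.append((ctag, buf[p:cend]))
        p = cend
    return children


def extract_spki(der: bytes) -> bytes:
    """Return the full DER encoding of subjectPublicKeyInfo from an X.509 cert.
    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature }
    tbsCertificate starts with an OPTIONAL [0] version, then serial, sigalg,
    issuer, validity, subject, subjectPublicKeyInfo."""
    top = der_children(der)
    if len(top) != 3 or top[0][0] != 0x30:
        raise ValueError("not an X.509 Certificate SEQUENCE")
    fields = der_children(top[0][1])
    if fields and fields[0][0] == 0xA0:      # explicit [0] version present
        fields = fields[1:]
    if len(fields) < 6 or fields[5][0] != 0x30:
        raise ValueError("subjectPublicKeyInfo not found")
    return fields[5][1]


def spki_sha256_hex(spki: bytes) -> str:
    """Matching type 1: SHA-256 of the selected data, as lowercase hex."""
    return hashlib.sha256(spki).hexdigest()


def tlsa_record(hostname: str, der: bytes, port: int = 25) -> str:
    """DANE-EE / SPKI / SHA-256 record for the SMTP port of `hostname`."""
    return f"_{port}._tcp.{hostname}. IN TLSA 3 1 1 {spki_sha256_hex(extract_spki(der))}"


def pem_to_der(pem: str) -> bytes:
    body = [ln.strip() for ln in pem.splitlines() if ln.strip() and not ln.startswith("-----")]
    return base64.b64decode("".join(body))


# --- DER builder, used only for the constructed placeholder certificate -----
def der_tlv(tag: int, content: bytes) -> bytes:
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def der_seq(*items: bytes) -> bytes:
    return der_tlv(0x30, b"".join(items))


RSA_ENCRYPTION = der_tlv(0x06, bytes.fromhex("2a864886f70d010101"))
SHA256_WITH_RSA = der_seq(der_tlv(0x06, bytes.fromhex("2a864886f70d01010b")), der_tlv(0x05, b""))
# Placeholder SPKI: rsaEncryption with an all-zero BIT STRING instead of a key.
PLACEHOLDER_SPKI = der_seq(der_seq(RSA_ENCRYPTION, der_tlv(0x05, b"")),
                           der_tlv(0x03, b"\x00" + b"\x00" * 32))


def build_placeholder_cert(spki: bytes = PLACEHOLDER_SPKI, with_version: bool = True) -> bytes:
    """Structurally valid Certificate wrapper with empty names and a dummy signature;
    not a real certificate, only enough for extract_spki() to find `spki`."""
    validity = der_seq(der_tlv(0x17, b"250101000000Z"), der_tlv(0x17, b"350101000000Z"))
    fields = [der_tlv(0x02, b"\x01"), SHA256_WITH_RSA, der_seq(), validity, der_seq(), spki]
    if with_version:
        fields.insert(0, der_tlv(0xA0, der_tlv(0x02, b"\x02")))   # version v3
    return der_seq(der_seq(*fields), SHA256_WITH_RSA, der_tlv(0x03, b"\x00" * 9))


if __name__ == "__main__":
    der = pem_to_der(open(sys.argv[1]).read()) if len(sys.argv) > 1 else build_placeholder_cert()
    print(tlsa_record("mail.example.com", der))
```

Selector 1 (SPKI) is chosen deliberately: re-issuing a self-signed certificate with the same key, or switching to a Certbot certificate for the same key, leaves the record valid, whereas selector 0 (full certificate) would break on every renewal. The record only means anything once the zone is DNSSEC-signed and the TLSA name is under it, so publish it, wait for the TTL, and then verify with one of the free checkers the comment mentions; a local cross-check is `openssl x509 -in cert.pem -pubkey -noout | openssl pkey -pubin -outform DER | openssl dgst -sha256`, which should print the same digest.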