by peterwwillis 3043 days ago
Seriously. Who are these people who don't seem to know what DNSRBLs are, who don't know about IP blackholing, who don't know about spammers stealing private addresses and getting your domain blacklisted, or sending out too many mails at once and getting tagged as a spammer, or sharing your IP space, or not getting accepted from various domains for not having a high enough "reputation", etc?

I mean, I must not know what I'm talking about, having run personal and corporate mail systems for 15 years. Must be pretty easy to get the DNS extensions which aren't used uniformly across major mail carriers right. And hey, if your ISP gets blackholed it should be pretty easy to fix, right? And you just have to set up a separate system with automated tests to alert you when your service is down so you can get it back up in a few days before the bounces start going out. And certainly maintaining your own spam filters has never been difficult, to say nothing of software upgrades, maintenance outages, security patches, offsite backups, certificate renewals, and moving hosting providers.

But, yeah. Easy.

1 comments

I've been running half a dozen domains since OpenBSD 2.5, over multiple hardware platforms and ISPs, and I have never felt any of the pain you're talking about.

I've never had a reputation problem, but I've been sure to test for open relay on my servers as step zero. Maybe I've been lucky over the 4 ISPs I've had, but I've always ended up with clean IPs. In any case, that would be something you'd catch during initial setup and have to deal with before sending out your first email. This may be super painful to deal with, but I don't have any experience (fortunately).

I update my server OS (OpenBSD) once every 6 months and use long-lived self-signed certs for STARTTLS mail delivery. Combined with DNSSEC and DANE it makes for a trustworthy setup. Certbot for any certs that are more important to have a chain of trust for.

I set up DNSSEC/DANE/DKIM/SPF once over a couple of days and have never had a problem. I don't even have any spam to filter out after having domains for decades and lots of friends and family members using it. Google sends regular reports verifying that no one is using my domains for spam campaigns (at least to Gmail addresses).

There are free online services to help generate configs for, and test for the correct configuration of, each part of these setups.

Removable hard drives and fsarchiver make for simple offsite backups (just store them at work). But if you don't have a good backup plan, whether you're running your own email system or not, you've got bigger problems.

I'm sure you're dealing with bigger and more sophisticated setups than my vanity domains, but I'm not talking about those. I sometimes don't touch the email side of my system for years. Once set up it just works.
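
Added example, not part of either comment: a sketch of how a DANE TLSA record pins a self-signed certificate like the one in the reply above, using the field semantics of RFC 6698, and why the selector matters for long-lived setups. The byte strings are constructed stand-ins for DER data and the function names are hypothetical.

```python
import hashlib

# TLSA fields per RFC 6698: usage, selector, matching type, association data.
SELECTORS = {0: "full certificate", 1: "SubjectPublicKeyInfo"}
MATCHERS = {0: lambda b: b,
            1: lambda b: hashlib.sha256(b).digest(),
            2: lambda b: hashlib.sha512(b).digest()}

def parse_tlsa(rdata):
    """Parse presentation-format TLSA RDATA such as '3 1 1 ab12...'."""
    parts = rdata.split()
    if len(parts) < 4:
        raise ValueError("TLSA needs usage, selector, matching type and data")
    usage, selector, mtype = (int(p) for p in parts[:3])
    if usage not in (0, 1, 2, 3) or selector not in SELECTORS or mtype not in MATCHERS:
        raise ValueError("unknown TLSA field value")
    data = bytes.fromhex("".join(parts[3:]))
    expected_len = {1: 32, 2: 64}.get(mtype)
    if expected_len and len(data) != expected_len:
        raise ValueError("digest length does not fit the matching type")
    return usage, selector, mtype, data

def tlsa_matches(rdata, cert_der, spki_der):
    """True if the presented certificate satisfies a DANE-EE (usage 3) record."""
    usage, selector, mtype, data = parse_tlsa(rdata)
    if usage != 3:
        return False  # usages 0-2 need chain validation, out of scope here
    material = cert_der if selector == 0 else spki_der
    return MATCHERS[mtype](material) == data

def make_tlsa(selector, mtype, cert_der, spki_der):
    """Build the DANE-EE RDATA to publish for a given certificate."""
    material = cert_der if selector == 0 else spki_der
    return f"3 {selector} {mtype} {MATCHERS[mtype](material).hex()}"

# Constructed stand-ins for DER bytes; real values come from the server's cert.
SPKI = b"constructed-public-key"
CERT_OLD = b"constructed-cert-old-validity|" + SPKI
CERT_RENEWED = b"constructed-cert-new-validity|" + SPKI  # same key, reissued

if __name__ == "__main__":
    pin_key = make_tlsa(1, 1, CERT_OLD, SPKI)   # pins the public key
    pin_cert = make_tlsa(0, 1, CERT_OLD, SPKI)  # pins the whole certificate
    print("3 1 1 after reissue:", tlsa_matches(pin_key, CERT_RENEWED, SPKI))
    print("3 0 1 after reissue:", tlsa_matches(pin_cert, CERT_RENEWED, SPKI))
```

A record with selector 1 keeps matching when the certificate is reissued with the same key, while a selector 0 record has to be republished in DNS before the new certificate goes live.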