[sylware]

Got myself a Pi, a plastic box, a memory card, a big usb key, wrote my own SMTP server in super lean no-libc C (c89 with benign bit of c99/c11), put a devuan GNU/linux (NOT debian with its toxic trashy bloat and kludge of systemd).

I did the same thing with a nanomimal http server to serve static content and maybe dynamic in the future: a noscript/basic (x)html http server for maps (which uses openstreet map tiles), which does provide proper map display in links2, with a font not too big, and with harmless html tables.

Configured the "server" to restart everything if something is detected missing (you know, cron with SH scripts and certainly not bash scripts).

It has been running for years. I never had to modify the code of my smtp server, yet (and I run IPv4 and native IPv6 provided by default to millions of clients by my ISP, I think it has been the case for more than a decade, may be wrong about this one though). I am kind of surprise it was not already pown by some trashy hackers.

The main issue: spamhaus block lists, they are hostile to all self-hosted people and they don't provide a irc server, or a non blocked email to be removed from their lists (which are unfortunately used by too many open source related companies/project, which is a mistake). Basically, they force ppl to use one of google/apple super heavy javascripted web engine (no better than the default security checks from cloudflare). Yes, those ppl are seriously worse than spam itself, hope they will fix that (they are a shaddy swiss-andoran company...).

Did you know you cannot send an email to redhat(IBM now) people using an ipv6 smtp? yeah...

And it is coming: I'll move everything to a similar RISC-V mini-computer because I am aware of the super toxic IP tied to arm64 ISA (same for x86_64), that will be the first step, the 2nd step will be to hand compile (=assembly programming with near Zero-SDK) all of them and forget this C syntax too complex and those horribly massive and complex compilers, not stable on the long run (thanks ISO, gcc extensions and c++). And with all that, I would not be surprise to port to 64bits RISC-V assembly a minimal IPv6 stack... and maybe more.

[traceroute66]

> The main issue: spamhaus block lists, they are hostile to all self-hosted people

Allow me to correct that for you.

There is nothing wrong with spamhaus. They provide one of the best anti-spam options amongst all the commercial providers.

Spamhaus have many lists, I suspect the one you are referring to is the PBL, in their words "DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.".

We are in 2023, I think it is beyond any sort of doubt by now that a significant proportion of spam and phishing mails originates from home internet connections because people can't be bothered to keep their computers up to date and virus free, so they become part of a botnet.

So the fact of the matter is that even if Spamhaus PBL did not exist, someone else (or the MX operators themselves) would very soon fill their place by blocking the very same ranges.

Added to which, most home ISPs don't even provide reverse DNS ... so again, even if Spamhaus PBL did not exist, you would likely STILL find yourself being blocked by other measures that most sensible sysadmins implement on their servers.

Hell, many home ISPs just block outbound port 25 these days anyway !

[sylware]

Wrong, sys admin should use grey listing with a similar block lists.

Spamhaus provides a way to be removed from this list, but does not provide an IRC server, only an horrible web javascript only chat, they should fix that. Ofc, they provide an email to request removal from their block list... which is using their block lists.

Since spamhaus is "shadily" hidden in andore and switzerland, my lawyer cannot do much, but I guess I should go after the sys admins using without grey listing those block lists in EU/US but I haven't needed too yet, since there is most of the time either somebody with a smtp server not using blocklists (not even grey listing) or even an irc server.

From a technical point of view, and specific to my ISP in my country (did not check the other ISPs), putting all domestic ranges of my ISP in their block list is text book abusive... spamhaus is doing a really, really, bad job. But I keep that for court if I need too, I may go to EU regulatory orgs directly though, well only if I am pissed off enough (and that's very hard).

[KennyBlanken]

You're trying to argue sense with someone who thinks they can sue someone for greylisting, and is screeching about insecurities in GUI browsers and being "forced" to use an Apple or Google browser:

> "If you want to make spamhaus remove your IP from their block list, you must engage in a chat working only with google/apple javascript browsers (I am a noscript/basic (x)html user)."

Amazing that I've been on the internet for several decades and never once had my shit jacked (due to a modern GUI browser or otherwise.) The way people like grandparent commenter make it sound, the split second you use a modern browser, you'll be pwned...

Edit: https://news.ycombinator.com/item?id=34700126

> webkit/blink/geeko are financed (and steered) by the same people: blackrock/vanguard = apple = alphabet(=google) = microsoft = starbucks = etc.

loooooooooooooooool

[mike_hock]

> and never once had my shit jacked

Not that you know of, anyway.

[johnklos]

Your efforts are commendable, but you're not correct about Spamhaus and being forced to use Google / Apple.

For starters, nobody is ever forced to use a web browser with email. I'm OK with the fact that pine will parse some of the HTML so I don't see all the silly tags in most email, but it will never follow a link, at least.

If your IPv4 and/or IPv6 is on a Spamhaus list and you can't get it / them removed, likely because you're in a pool of residential IPs, and likely in part because you can't control the PTR, then you can always smarthost through any reasonable provider.

I've been self-hosting email for a quarter of a century, and I'd never blame anyone else if I tried to send email from a residential pool of IPs and it didn't work.

Not sure what this has to do with setting up a nice little ARM server, besides your observation that the ARM architecture is licensed, but here we are :)

[sylware]

If you want to make spamhaus remove your IP from their block list, you must engage in a chat working only with google/apple javascript browsers (I am a noscript/basic (x)html user). Where is the IRC server? They provide an email for IP block list removal... which is blocking smtp servers (not even a grey listing) using their block lists.

Those guys are bad, really bad. Hope they grow up and improve.

Yeah, once I have finished or I am more advanced on other projects, I'll get rid of those pesky arm64 with that toxic IP (that said it is the same for x86_64). I'll re-use first my C code as a stepping stone to perform the jump. One more step towards real digital freedom.

[johnklos]

I wrote what I wrote in an unclear way:

"you're not correct about Spamhaus and being forced to use Google / Apple"

What I meant is that you weren't necessarily correct about Spamhaus, nor correct about being forced to use Google / Apple (which I thought was a reference to the fact that 98% of the world use Google's browsers and Gmail and/or Apple's Safari and/or Mail).

I see now you were referring to using a mainstream browser to communicate with Spamhaus. Yes, that's uncool. And yes, I wholly agree that the email address to request unblocking should not be filtered like it is.

Sometimes we worry so much about the symptom that we forget about the problem. Perhaps it'd be worthwhile to just ask someone else to forward an email requesting removal to Spamhaus' removal address.

[sylware]

Come on, you know that the whole point is to be independent from gatekeepers, and walking towards real digital freedom.

Spamhaus is doing a really bad job. They just need to grow up and improve.

[johnklos]

Of course, but giving up and just accepting the fact that you're on their blocklists does more harm to you in the long run, in my opinion, than just asking someone to forward an email. If that's what you want, then of course that's entirely up to you, but considering the complete lack of action network admins take when you report abuse and illegal activity, you can hardly blame people for taking the easy way out and just blocking all the low hanging fruit.