[denysvitali]

I'm a huge fan of Chasquid. The HAProxy protocol support makes it easy to integrate in Kubernetes.

I uses to use this solution until a few months ago when I decided that self hosting my mail server was too much work. To be fair, it's not Chasquid's fault as operations there are basically 0, but more of a spam / email reputation thing.

[77pt77]

Self-hosting email has been essentially dead for almost a decade.

Even if you don't ever SPAM and send like one email a day on average, you won't be able to get them delivered to the recipient's inbox.

You can use SPF, DKIM, DMARC all you want, google won't care.

[dspillett]

Still running my own mail server, for myself and friends. No problems with deliverability thus far (including to Google) with SPF and DKIM set correctly.

The killer problem is often source address, and source address range, reputation. Mail sent from a normal residential ISP will have trouble. Addresses allocated by many VPS providers (and some dedicated server providers) will have spotty reputation. Mail from cheap VPS providers simply won't get through (many block SMTP outgoing and state so on sign-up because they don't want the support burden of people complaining about this). Sending mail from cloud providers can be an issue too (I've had mixed results with VMs in Azure sending out alerts).

If you are stuck with such a source reputation issue then you can use a service like MXRoute (several others are available, this one I've not used but it seems popular on a couple of hosting forums I frequent) as a relay. Obviously that is not free, but it is cheaper than moving to a much more expensive VPS provider or changing your home ISP.

Another reputation issue many have when setting up a new project is that many mail servers explicitly distrust new domains. In this case SPF, DKIM, and a good reputation source address won't make much difference. The definition of “new” varies from place to place but where it is an issue you need a domain registered at least some months ago. This can be mitigated somewhat by users explicitly marking messages from new domains as not spam, but that is not something you can rely upon as said users need to see the message to be able to mark it that way.

[geek_at]

can't confirm. I'm hosting a online registration software for parent-teacher conferences and hosting all my mailservers on my business internet line.

If you have DKIM,DMARC,SPF and the reverse DNS of the mailserver is set to the correct domain you have no problem. Well.. except for GMX and yahoo which frequently block me for a few hours when multiple parents register at the same time

[rfmoz]

The security solutions on the mail system make a line that you need to cross, but it doesn’t guarantee a success.

It’s a hard way to guess how good is the implementation on the receiver, like GMX, Libero or other big country providers with “historical” service that don’t care about them too much.

[77pt77]

GMX is banned in many places for example.

[slowbdotro]

I agree. Self hosted my email for over a decade and as long as you do the recommended SPF, DKIM and DMARC you have basically no problems.

Occasionally I turn up in spam when I email someone I haven't before, but that's usually due to the .ro in my domain and the forced text mode rather than html.

I've found problems only start occuring when you send transactional email. User signups, notifications, etc. Anything really automated.

I think people like to joke on self hosting email because there are a lot of moving parts and it was hard to diagnose why something went wrong. Until the last decade and early 2010s there were no all in one self hosted solutions that made it easy & available for most to do it.

[77pt77]

> Occasionally I turn up in spam when I email someone I haven't before

Just proved my point.

[petee]

Google puts random things in Spam, including ones marked 'not spam' or from otherwise reputable senders (like Github, despite receiving their emails for a decade). My monthly credit card bills occasionally are dumped in spam.

Its not really proof of much unless one is constantly getting junked

[ninjin]

Back when I used GMail, Google would sometimes mark correspondence e-mails from Google staff as spam. Heck, I even had instances of responses to e-mails I had sent to Google staff marked as spam. Spam filtering is complex and clearly Google has (and continue) to tread a very fine line here.

[8organicbits]

Last week I saw the same behavior sending email from my work's Google Workspace account to my personal Gmail account. The email stays within Google, I'm logged into both accounts on the same computer, does Google think I am I spamming myself...?

[77pt77]

Google's expense reimbursement emails were systematically considered to be SPAM by gmail.

Google knew this because they even issued warnings.

Still, using your own domain and machine is different.

Unless you've had an interaction with that email address it will be considered SPAM.

[jamespo]

Wait until you get on MS blocklist with no recourse

[77pt77]

Or on any other RBL because someone else in the same netblock (maybe) did something suspicious.

[rfmoz]

Looking for help with Postfix configuration usually put you in forums threads with almost +10 years.

[kiwijamo]

And thankfully the solution is almost always the same even after many years.

[Avamander]

Choosing Postfix at this point in time is a mistake anyways though. Things like Stalwart or Haraka are just so much nicer to use.

[dugite-code]

Why? it's widely deployed, actively maintained and more importantly reliable. 10+ year old support threads are mostly still valid advice.

[Avamander]

It needs a bunch of milters to have basic functionality, such as DKIM, SPF and DMARC. OpenDKIM and OpenDMARC are not well-maintained, reliable or nice to use.

[rfmoz]

Postfix was designed years ago, but that doesn't do it bad, it is a beast, it can handle 5k mails per second (DKIM signed) with an small tunning in a modern hardware without problem.

[Avamander]

Postfix doesn't have DKIM support though. You'd have to use unmaintained OpenDKIM, no Ed25519, bunch of known bugs. It's not good. 5k/s is also really mediocre on modern hardware.

[sillystuff]

postfix-users is active, and primary devs very frequently answer user questions (you should make an effort to go through the documentation first).

https://www.postfix.org/lists.html

To get an idea without subscribing:

https://www.mail-archive.com/postfix-users@postfix.org/