[Erwyn]

> It's not "plug-and-play", but it's not that hard. Once you've got it up and running the maintenance load goes to almost zero.

This is where I disagree. In my opinion it might not be that hard but the maintenance is really not zero as you just described how you need a reputable IP as a prerequisite and constant monitoring of block lists.

Just having DKIM, SPF and DMARC really was not enough last time I checked for getting delivered to let's say outlook.

[Intermernet]

I just realised, and this could be red herring, that almost all of the domains I've administered were based in Australia. I suppose it's possible that the IP ranges I'm dealing with have a better reputation than those from other countries. I have administered a few domains from US companies and IPs, but they've often been based in known data centres which may help their cause. I can't really talk to the reliability of hosting a mail server on a consumer / small business IP in the US / Europe/ Asia. It's possible that all known, common IPs in these areas have a natural disadvantage when it comes to reputation. I suppose try running a tunnel from your server to a small VPS in a knwon data centre? Not ideal, but it may help.

It would be annoying if entire US/European/Asian ISP IP ranges were immediately blocked. We should have moved on from that for many reasons unrelated to email.

[Intermernet]

The monitoring of block lists is much more important than people assume. I haven't looked into it in detail, but it always seemed like the reputation was based on a ratio of number of messages to known bad messages. If you have a moderately busy server, and you manage to keep off the block lists (or at least pro-actively remove yourself from them) then the reputaion gets higher and higher, and the maintenance goes down.

If you're a domain that only receives occasional messages, and you end up on Spamhaus and co, you're gonna have a problem. It seems that reputation at small scale is viral. You need actively good reputation and response time. But, honestly, it seemed that it didn't take more than about 3 months per domain I administered until they were just accepted by the net as valid, good actors.