This is not the 80–90’s anymore. The Internet is not a friendly place, and
the bulk of emails sent today are spam. So most actors are leveraging
everything they can to reduce that, and a high entrance barrier to email
sending is definitely part of this plan.
That’s why we have (fc)rDNS, SPF, DKIM… And regarding residential IPs,
they are hosts of the biggest botnets in the world, so residential ISPs
tend to block port 25 outgoing by default to limit spam. Some provide
you the option to disable the port blocking, but very rare are those
that allow you to set the reverse.
On my receiving ends (plural, I handle multiple email servers of various
sizes including some with thousands of users), cutting down non (fc)rDNS
compliant senders kills 99+% of spam attempts and I’ve never been
reached by someone having a false positive on that policy. I don’t see
why anyone would want to not have this amazing first layer fence.
Regards.
On 07/09/2023 at 13:12, Sagar Acharya wrote:
Or maybe we can simplify mail systems more. If mail, a system used to send messages across computers, cannot
work on "residential" IPs, then we can make it work on "residential" network since most
nodes are "residential". You can look at.
humaaraartha.in. TXT
And you'll find spf records there. Maybe it's just time to say, reduce the
requirements of mail hosting to just static ip and DNS in a world where most
don't even have a static ip!
Thanking you
Sagar Acharya
https://humaaraartha.in
P.S. I see that you're talking substance and truth to some extent but
discarding residential IPs and this need for reverse dns is outrageous! What is
the point of reverse DNS in today's world?
7 Sept 2023, 14:25 by archa...@activis.me:
Learn the basics. Unfortunately, you do not seem to understand MTA/SMTP.
So read maybe https://github.com/poolpOrg/OpenSMTPD-book, also
https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/,
and get a better understanding of SMTP/MTA requirements.
A public IP is not enough, it has to be not residential or at least you of
course need port 25 to be open towards the world, which is not your case, and
you also need to be able to set the reverse for it, while currently
humaaraartha.in. IN A 182.59.136.243
but
243.136.59.182.in-addr.arpa. IN PTR static-mum-182.59.136.243.mtnl.net.in.
And I do not expect “Mahanagar Telephone Nigam Limited” to let you set that
reverse.
So back to our options: either get a VPS or dedicated server somewhere that
allows port 25 and setting the reverse, or use an email service provider that would
allow you to relay emails.
Actually I’m not even sure that your available SMTP options (Tutanota/GMail)
would allow sending with an arbitrary MAIL FROM (i.e. one that is not
@tutanota.tld or @gmail.com), and as I don’t have an account on either I cannot
test that. So you would have to look into
https://man.openbsd.org/smtpd.conf#host and
https://man.openbsd.org/smtpd.conf#auth, and check whether any of your email
providers allow you to send email as @humaaraartha.in (and then you might want
to provide SPF records allowing them to do so).
Regards.
On 06/09/2023 at 23:40, Sagar Acharya wrote:
So what's the solution? I have a public ip. Can you suggest an edit?
Thanking you
Sagar Acharya
https://humaaraartha.in
7 Sept 2023, 00:43 by archa...@activis.me:
Hi,
On 06/09/2023 at 22:40, Sagar Acharya wrote:
I checked all network settings. They are perfect. Here is my conf below
exactly. There's some issue with it.
========== smtpd.conf ==========
table aliases file:/etc/smtpd/aliases
table whitelist file:/etc/smtpd/whitelist
pki humaaraartha.in cert "path_to_fullchain"
pki humaaraartha.in key "path_to_privkey"
listen on 0.0.0.0 tls pki humaaraartha.in
listen on 0.0.0.0 smtps pki humaaraartha.in
action "local" maildir alias <aliases>
action "relay" relay host "smtps://humaaraartha.in" mail-from "@humaaraartha.in"
This line cannot work. You are asking to relay outgoing emails to your own
server (host is the destination host — Jarod just linked the doc while I was
writing). They won’t go anywhere. You cannot work around port 25 being blocked
by using another port, else port 25 would not be blocked anywhere. You have to
use an external relay that will accept submission from you on port 465 (smtps)
or 587 (submission) and then relay on port 25 to the world. That will likely
have to be one you have an account on (Gmail or Tutanota).
Regards.
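
An added example (not part of the thread and not OpenSMTPD code): a forward-confirmed reverse DNS check of the kind the messages above discuss, run over constructed zone data that includes the A and PTR records quoted in the thread. The function names, the verdict strings, the HELO comparison and the forward record of the ISP-assigned name are assumptions of this example.

```python
import socket

def _system_ptr(ip):
    # PTR names for ip from the system resolver (empty list if none).
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def _system_a(name):
    # IPv4 addresses for name from the system resolver (empty list if none).
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def _norm(name):
    return name.rstrip(".").lower()

def check_sender(ip, helo, ptr_lookup=_system_ptr, a_lookup=_system_a):
    """Classify a connecting client: returns (verdict, confirmed_ptr_names)."""
    ptr_names = [_norm(n) for n in ptr_lookup(ip)]
    if not ptr_names:
        return "no-ptr", []
    # Forward-confirm: keep only PTR names whose A records contain the client IP.
    confirmed = [n for n in ptr_names if ip in a_lookup(n)]
    if not confirmed:
        return "forward-mismatch", []
    # Stricter policy (assumption): the HELO name must be a confirmed PTR name.
    if _norm(helo) not in confirmed:
        return "fcrdns-ok-helo-mismatch", confirmed
    return "ok", confirmed

# Constructed zone data: only the A and PTR for 182.59.136.243 come from the
# thread; every other record, including the ISP name's forward A, is made up.
PTR = {
    "182.59.136.243": ["static-mum-182.59.136.243.mtnl.net.in."],
    "192.0.2.25": ["mail.example.org."],
    "198.51.100.9": ["mail.example.net."],
}
A = {
    "humaaraartha.in": ["182.59.136.243"],
    "static-mum-182.59.136.243.mtnl.net.in": ["182.59.136.243"],  # assumed
    "mail.example.org": ["192.0.2.25"],
    "mail.example.net": ["198.51.100.10"],
}
def ptr_lookup(ip): return PTR.get(ip, [])
def a_lookup(name): return A.get(_norm(name), [])
```

Called without the two lookup arguments, `check_sender` uses the system resolver instead of the constructed tables.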