> On Oct 11, 2019, at 10:06 AM, Chris Woods via mailop <mailop@mailop.org> > wrote: > > After recently receiving yet more spam from standards-compliant spam servers > (valid SPF, DMARC and domains on mainstream TLDs and delivery tolerating > greylisting), this discussion got me thinking again. Some open questions: > > Imagine an operator wishes to spin up a new email server, for themself or for > a client. They implement all the usual best practices regarding security, > domain records, MTA configuration and so on. > > Are they still fundamentally constrained by their choice of network provider, > despite complying with every possible security and delivery behaviour to > warrant and verify the content and sender of every email?
Yes. If there are 100 sources of terrible spam and 2 sources of legitimate email in a /24 then spinning up a new source of legitimate email in that /24 is going to be more than usually difficult (you could call that "the OVH problem", perhaps). Depending on what your mailstream looks like that "more than usually difficult" could mean it taking a little more effort, expertise and time to spin up to normal conditions - at least to most recipients - than it would on a better run network. Or it could mean you'll never get decent delivery. Spam filtering is a statistical process. If you're 99% sure that an email is not going to be wanted by the recipient, you don't want to deliver it. If a /24 is 99.9999% spam by mail volume the occasional legitimate mail is not going to have a good time. If you're sending low volumes of email there's not enough signal to differentiate your mail stream from the terrible mailstreams it's sharing a provider with. > > Has the prevailing method of deciding worthiness now become permanently > biased towards the 'prior reputation' factor? > > If so, would an operator ever be able to build the kind of reputation to have > reliable delivery to the big public services, without resorting to using > third party delivery providers? To me that feels like an expensive cop-out > and is assisting the creation of a de facto oligopoly (never mind all the > arguments about a two-tier email ecosystem, net neutrality etc). Don't send spam. Don't host with a network provider that allows others to send spam. There's a lot of minor technical things to get right too, but they're easy in comparison. If you consistently send a reasonable volume of email that does help. "Don't host with a network provider that allows others to send spam" also implies maybe[*] not going with the absolute cheapest provider. They'll have cut corners on all their systems and processes, including ToS enforcement, so they're not going to be policing their network. And they're not going to be running with a healthy cash flow, so they're not going to enforce whatever ToS they have on paying customers even when abuse is brought to their attention. That sometimes leads to a vicious circle where the good customers get fed up with the poor provider reputation, and leave. The bad customers stay, so the provider's revenue is increasingly reliant on them, so they can't clean up their network. So the provider reputation gets worse, and the good customers leave. Combine that with criminal spammers who are prepared to pay *spectacularly* over market rate for a provider that won't give them any trouble and it's easy to see why some providers mail reputation looks like it does. (Going with an expensive provider doesn't mean you shouldn't do any due diligence on their practices and reputation, but odds are much better). > > New mailservers have a difficult chicken-and-egg situation. How to generate > sufficient email volume to demonstrate validity when some large operators > will possibly consider new messages as disreputable, preventing a natural > development of sender reputation? Ramp volume up slowly. This is entirely normal practice and as long as the mail being sent is wanted by the recipients, and the volume it's ramping up to is enough that anyone / anyone's automation cares it'll work just fine, at least to get you to the same levels of ongoing effort needed to run a good mail service. > > Is one's only real hope at establishing an independent mailserver to search > for one of the few purer-than-pure hosting providers, pray that the assigned > IP(s) weren't previously used nefariously or in a dodgy neighbourhood, and > start sending emails very gradually? Ramping up volumes very gradually for the first few days is fairly important, extremely so at some recipient ISPs. The rest of the things you mention, though, are much less important than not sending spam and having reasonable volumes of mail to send. > > Anybody had any positive experiences of doing this in recent years? It happens all the time. It's entirely the norm in professionally run email. Cheers, Steve [*] There are some extremely inexpensive VPS providers who do care about their networks. I've spun up new, relatively low volume, mailservers on those providers and had very little difficulty with mail delivery. > > On Fri, 11 Oct 2019, 03:16 John Levine via mailop, <mailop@mailop.org> wrote: > In article <1570757713.1030.53.ca...@16bits.net> you write: > >Count me too as someone with a tiny server that Gmail automatically > >files in spam with apparently no reason. > >There are so few mails sent there (at most, 7 mails *per month*, often > > I took a look at the logs to see what mail comes to my mail server > from the network at Frantech where your server is. Surprise, it's > 100% spam. Lie down with dogs and all that. > > R's, > John > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
