I run a personal mail server. Back when I used FreeBSD, every once in a while amavisd would cause the mail queue to stall. I can't be bothered playing sysadmin to keep things running. My advice is to employ whatever Google wants, namely SPF and DKIM. Look as legit as possible. Even then you will be blocked by SBC and have to be whitelisted. Spectrum will never accept mail from Digital Ocean. There is no workaround.

I stopped running SpamAssassin. I use RBLs. I need the mail to go through and don't want to fine-tune SpamAssassin. I just delete the obvious spam, which these days comes from legit Gmail accounts. If this is a personal server, it isn't like you have customers to complain about spam. I don't even have to open spam to know it is spam. OK, maybe some day Bill Gates will be emailing me and I dumped his email. Oh well...

The best antivirus is between your ears. ClamAV gets about 75% of the malware eventually. The key is eventually. The trouble is it takes some time for any anti-malware to get the signatures, so the initial implementation of the malware gets through. I was running ClamAV and yet getting fresh malware, based on what I sent virustotal.com.

Less is more. I do whatever I can using Postfix. I block email from the goofy TLDs like XYZ. You know, those TLDs that Namecheap will sell for a dollar. I reject most attachments. Why would I ever want an exe file? I barely run Windows and certainly don't get software in my email.

I suggest using port 587 in your setup. Then use a firewall to keep countries that you will never visit from touching any email port other than 25. When I used a hosting company, I got hacked from Morocco. I'm sure it is a nice place to visit, but I don't plan on it, so I certainly won't be reading my email or sending email from there. I have a list of hosting companies that I have built over the years. They get blocked as well, except for port 25. Now you risk using Wi-Fi somewhere and getting rejected, but I don't use free Wi-Fi often and have a VPN anyway, so I won't be blocked from my own server.

Don't install anything for web email. You should always use an email client. 

Less is more. The more programs you chain together, the more likely the email will break. I suggest not using cPanel. I do everything on my server via command line. Every service you install just increases the attack surface.

I like Digital Ocean a lot. I use CentOS. No drama. Thus far all the updates have been uneventful. Technically you can't upgrade CentOS. They want you to migrate. But the support for each rev lasts a long time.

From: dheianev...@gmail.com
Sent: October 15, 2020 8:19 AM
To: postfix-users@postfix.org
Subject: Recommended milters for small setup

The long story short is that due to dealing with family medical issues over the past few years, my combo web/Postfix server is still on Ubuntu 14.04.

In a couple of months I will have some time to upgrade. Instead of risking an in-place upgrade, I am going to fire up a new droplet on DigitalOcean, install the latest stuff over there, and migrate my data.

My site has two email users, me and the missus. I currently run an email stack of Postfix, Amavis, SpamAssassin, ClamAV and Dovecot. The Postfix also has DKIM, DMARC, SPF and postscreen.

Is there a more efficient, memory-stingy, faster milter way to run SpamAssassin, ClamAV, etc., or would you recommend sticking with Amavis?

Thanks. 

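The Postfix-only filtering described in the reply (rejecting a cheap TLD and rejecting executable attachments) can be expressed with two PCRE lookup tables. This is an added example, not configuration posted by anyone in the thread; the file paths, the reject texts and the extension list beyond `exe` are assumptions.

```conf
# ---- /etc/postfix/main.cf (fragment) ----
# Reject envelope senders in unwanted TLDs. With pcre: tables the whole
# sender address is matched against each pattern.
smtpd_sender_restrictions =
    check_sender_access pcre:/etc/postfix/sender_tld.pcre

# Inspect MIME part headers and reject executable attachments by file name.
mime_header_checks = pcre:/etc/postfix/mime_header_checks.pcre

# ---- /etc/postfix/sender_tld.pcre ----
# One pattern per unwanted TLD; anchored at the end of the address.
# Postfix PCRE tables are case-insensitive by default.
/\.xyz$/    REJECT Mail from this TLD is not accepted here

# ---- /etc/postfix/mime_header_checks.pcre ----
# Matches name= / filename= parameters in Content-Type and
# Content-Disposition headers. Extension list is an assumption; the
# continuation line must start with whitespace.
/^Content-(Disposition|Type).*name\s*=\s*"?([^;"]*\.(exe|scr|bat|pif|vbs))"?\s*(;|$)/
    REJECT Attachment type not accepted: $2

# ---- Checking the tables before reloading Postfix ----
# A matching key prints the action; a non-matching key prints nothing.
#   postmap -q "someone@example.xyz" pcre:/etc/postfix/sender_tld.pcre
#   postmap -q 'Content-Type: application/octet-stream; name="setup.exe"' \
#       pcre:/etc/postfix/mime_header_checks.pcre
#   postfix check && postfix reload
```

File-name matching only sees the declared name of each MIME part, so it does not catch an executable inside an archive or one sent under a different extension.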