Hit my head against wall? - mail server
Started hosting my mail server at start of this month, I have been putting off thinking I'll solve boogle spam filter problem, sadly I couldn't yet. Wish all my homies (don't have any) use proton, tuta, disroot..
Listing some valuable resources on web.
- SMTP - sending mails and push mails if host aren't same - OpenSMTP
- IMAP - receiving mails between clients - Dovecot (using just mutt)
- DKIM - domain keys identified signing
- DMARC - domain message authentication reporting & conformance
- SPF - Sender Policy Framework ref: dnsimple.com
- FCrDNS - ref: returnpath.com
- MTA-STS - ref: aykevl.nl
Web Sharks don't like, Unless you cloak yourself. Great Insight - ref: grumpy-troll.org
Testing Cloak - Real pain
Vaguely on this order.
- ref: internet.nl to know reputation levels, score >70.
- ref: hardenize.com better idea of published DNS configs
- mail firstname.lastname@example.org to check MTA-STS policy
Eejits listed me
Doesn't matter just found when STFW.
- .NL Domain - http://rfc-clueless.org/
- neighbour IP - http://www.apews.org/?
Apparently boogle suite suggest having
should get a pass, but it's not in my case. There isn't any clear info on whys' & why nots' (if it's easy why would tons of company make business out of it - improve mail landing in spam)
I'm waiting for my Domain Registar to support DNSSEC for my TLD, shame it's not (even on custom authoritative name server)
Though there's huge gap to overcome these proprietary tactics, I'm constantly looking for ways. (Part 2 of this?)
$ hostname <IP or DOMAIN>
Webserver that serves site & figure REQUEST
$ curl -sD- -o /dev/null https://www.displ.nl $ curl -I https://displ.nl
It's still a mystery what made me look good on proprietary big corps continued on..
Service I missed (didn't help me much but good)
- ref: mail-tester.com
Decent check for SpamAssassin test
even when I had 10/10 (must) mail landed on spam,
also faced a bug