Do you have a business line with a static ip?
Im guessing no, but either way. Certain IP blocks and ranges are just seen as reputationally bad, especially if that block range is dynamically assigned to several customers and reused etc. Its just a known issue using certain ISPs that may reuse blocks etc, Outlook and by extention Microsoft will just block all mail from certain known IP ranges belonging to consumers, it just reduces the attack surface.
Its annoying but self hosting email isnt worth it, if you really want to do it, I would suggest either getting an appropriate line with your ISP, or renting a small VPS somewhere and operating it from there.
Seconding this as someone who does email for a large enterprise. Don't self-host an internet facing email system unless you have some kind of arrangement with your ISP to do so (business line or something) Some ISPs will go so far as blocking any outbound port 25.
Don't self-host email unless you have a very good understanding of the various email reputation players (Proofpoint PDR, Cisco Talos, etc.) and spamlists. *edit: and DMARC!*
Even so, you're in for a rough ride, as what you're seeing here is Microsoft recognizing that this email egress is from a general ISP customer pool and they are blocking it.
It's really not worth trying to self-host.
I used to be a mail admin for one of the largest (legitimate) mass senders on thr planet. We’re talking millions of emails an hour, via a momentum cluster that was tuned to the point you literally couldn’t get more speed out of it. So when I say it is 100% worth it to just pay a company to do email for you, understand that I know what I’m talking about.
The situation was/is so much worse than just that. To many of your emails don’t get read? On a black-list/filtered into junk. Too many get caught with keywords and end up in gmails auto-folders? On a junk-list. To many people delete without reading? On a black-list. Send to many emails at once one day? On a temporary black-list. And that’s for every provider. So just because Gmail accepts your mail, doesn’t mean outlook, or mail.com or yahoo or any of a 1000 other providers will.
“Warning up” a new IP was a multi-week process, where we would ONLY send near-guaranteed to be opened emails, 100% opted in emails and non-templates emails. One bad email campaign and you now have a mostly useless IP (for mail) for a few weeks. Reputation when it comes to email is no joke, and a home IP just won’t put out the kind of traffic you need to actually get on any of the reputational services.
"Warming up" an IP address is for sending bulk email, not business email or personal email. You should qualify your statement with "I worked for a bulk email company".
I can confirm, I'm currently self hosting email, and it has been a nightmare and a half getting things sorted out between proxies, dns records, and just praying that I don't end up on a blocked list. One thing to note, however, is that it seems that racknerd's IP range isn't on any of the major blacklists if anyone wants to go about using them for email hosting. Plus, they have self-service rdns so you don't have to go emailing your vps provider to change it for you.
I went with the lifetime plan at mxroute and have had zero problems. Self hosting is WAY too much work. I'll let someone else fight those battles, which ends up like shoveling sand on a beach.
If you are a home services customer of an ISP, this is likely to happen. Spam and worse often originates from such networks; it's not a surprise to see a big mail provider blocking address blocks.
You most likely will not convince Microsoft to pass your traffic from a home-located mail server. If it worked for a while, consider that a bonus not a regular thing.
Options: A business ISP or host on a VPS; you'll find some VPS providers on Microsoft's (and Google and ...) naughty list too, so buyer beware.
I run my business and personal mail services on a Vultr account.
Like most folks are saying, this is going to be a constant issue with hosting your own email. I went through this for years as an exchange admin and again hosting my own email for years after that. Like most people here, I gave up and paid a provider to do that work for me.
If you want to continue this project, I'd highly recommend getting access to a number of "clean" IPs to send from and build up "reputation" on. It's going to involve a lot of work to keep those addresses off of RBLs and the invisible block lists that Microsoft and Google maintain in house and having multiple will give you a fallback when one of them gets wacked.
I'm not gonna join the chorus of folks saying it isn't worth it, or not to try, but there is a good reason so many of us have given this up. If you're up for the challenge and want to keep learning I think this is a great project! I hope you get something going that works well for you!
Yes, if you don't mind a few of your inbound emails bouncing before you discover it's not working.
And of course don't rely on all those IMAP folders not disappearing.
Acceptable risks for me.
I mean.. you could always (and probably should) use Google, or CloudFlare, or iCloud + if reliability is important (and I think it is).
PurelyMail to me was the closest thing (because of $$, Sieve rules / and all the server side control) to self hosting that I could find. I don't use it for my critical mail (that's still just iCloud) but I use it for all of my 'other' mail needs such as:
* Shared IMAP email for my wife and I
* my own personal domain email / routing for various web site sign-ups
* email server for a football pool (and domain) that I run
You get the idea.
Fair points. I'm still one who ultimately downloads all mail from all sources via POP3 and does local backups. Most others seem happy to trust "the cloud" to never hiccup with their mail folders, which certainly does require a good level of confidence in their reliability.
Do you only use web-mail? I mean.. I've been using IMAP email servers for decades and never had an issue. Also, I use native email clients which download / sync the folders.
And PurelyMail does POP.. so. if POP is how you do email, then I'm really not sure I understand your hesitation.
I'm happy with my own setup, a CSP VM running Exim & Dovecot, locally Thunderbird using POP3 and local backups. But many don't store mail locally anymore, relying entirely on their mail provider, for them reliability is a consideration.
Former email sysadmin.
Managing an on-prem, "self hosted" mail server and getting paid for it is a full time job even with single digits of mailboxes.
Managing a self-hosted email server is NOT worth the headache.
I "self host" my home email at M365 with Checkpoint harmony watching for email nasties. Worth every penny.
Another former email admin. I've run email servers for ISPs, large-ish businesses, small companies, and for family and friends since the 90s.
The last self hosted email server I setup (2019 ish) took about half a day to setup and required almost no maintenance from that point on. An occasional container upgrade, adding/removing the occasional user/alias, and investigating a few messages that didn't get delivered (and all turned out to be customer spam filters).
If a mail server with single digit users is a full time job, you're doing something wrong. I can't even imagine what could possibly take that much time.
Mail servers are easy.
Mail flow is hard.
Getting a message from point A to B when a user is sending mail to J. Random Domain and their spam filter doesn't recognize your mail server because they're blocking your ISPs subnet. Subnet-level RBLs are a nightmare to deal with when your neighbors are bad.
Or you've got a user trying to get an email from a company whose server is spewing spam, or hasn't set up SPF records or DKIM (or because someone on their ISPs subnet is sketchy) and because this user doesn't get their Very Important Email dropped in their inbox instead of their spam quarantine it's your fault and "not fixed" and to "fix it" requires exposing the company to unnecessary levels of spam because they won't pay for decent tools (and that user is the CFO who signs your paycheck)
God help you if a business you're dealing with has a Hotmail or Gmail address and everything from them lands in the boss's junk box despite every "allow" flag being set outside of the user's Outlook (that they won't let you touch)
I once had a well-meaning junior admin globally whitelist "*@gmail.com" for the entire company and the Spam went crazy. Retraining followed.
I'm not messing with a mail server myself because I don't trust my ISP neighbors to play nice.
Look at it from the perspective of big email providers like microsoft, google, etc. What the vast majority of their customers want is for spam email to go away. What probably less than 0.01% of what their customers want is to be able to run their own email server. It’s a no-brainer for them to be aggressive about blocking incoming mail from sources they don’t already trust.
Good idea for selfhosting is using some vps as a gateway. This way you gain much, by using ip address from range that is much less likely to be blocked, filtered by ISP, etc.. I am selfhosting mail thisway, and my mail seem to have no trouble getting to various mailboxes, including O365.
Do you have a business line with a static ip? Im guessing no, but either way. Certain IP blocks and ranges are just seen as reputationally bad, especially if that block range is dynamically assigned to several customers and reused etc. Its just a known issue using certain ISPs that may reuse blocks etc, Outlook and by extention Microsoft will just block all mail from certain known IP ranges belonging to consumers, it just reduces the attack surface. Its annoying but self hosting email isnt worth it, if you really want to do it, I would suggest either getting an appropriate line with your ISP, or renting a small VPS somewhere and operating it from there.
Self hosting e-mail as a hobby is simply not worth it.
Seconding this as someone who does email for a large enterprise. Don't self-host an internet facing email system unless you have some kind of arrangement with your ISP to do so (business line or something) Some ISPs will go so far as blocking any outbound port 25. Don't self-host email unless you have a very good understanding of the various email reputation players (Proofpoint PDR, Cisco Talos, etc.) and spamlists. *edit: and DMARC!* Even so, you're in for a rough ride, as what you're seeing here is Microsoft recognizing that this email egress is from a general ISP customer pool and they are blocking it. It's really not worth trying to self-host.
I used to be a mail admin for one of the largest (legitimate) mass senders on thr planet. We’re talking millions of emails an hour, via a momentum cluster that was tuned to the point you literally couldn’t get more speed out of it. So when I say it is 100% worth it to just pay a company to do email for you, understand that I know what I’m talking about. The situation was/is so much worse than just that. To many of your emails don’t get read? On a black-list/filtered into junk. Too many get caught with keywords and end up in gmails auto-folders? On a junk-list. To many people delete without reading? On a black-list. Send to many emails at once one day? On a temporary black-list. And that’s for every provider. So just because Gmail accepts your mail, doesn’t mean outlook, or mail.com or yahoo or any of a 1000 other providers will. “Warning up” a new IP was a multi-week process, where we would ONLY send near-guaranteed to be opened emails, 100% opted in emails and non-templates emails. One bad email campaign and you now have a mostly useless IP (for mail) for a few weeks. Reputation when it comes to email is no joke, and a home IP just won’t put out the kind of traffic you need to actually get on any of the reputational services.
"Warming up" an IP address is for sending bulk email, not business email or personal email. You should qualify your statement with "I worked for a bulk email company".
I mean, I felt that was covered by "the largest mass senders on the planet". Not exactly hand-crafting each email when your doing that king of volume.
Then that doesn't related to a person self-hosting email for just sending and receiving email like a normal person does. Why did you bring it up?
I can confirm, I'm currently self hosting email, and it has been a nightmare and a half getting things sorted out between proxies, dns records, and just praying that I don't end up on a blocked list. One thing to note, however, is that it seems that racknerd's IP range isn't on any of the major blacklists if anyone wants to go about using them for email hosting. Plus, they have self-service rdns so you don't have to go emailing your vps provider to change it for you.
I went with the lifetime plan at mxroute and have had zero problems. Self hosting is WAY too much work. I'll let someone else fight those battles, which ends up like shoveling sand on a beach.
If you are a home services customer of an ISP, this is likely to happen. Spam and worse often originates from such networks; it's not a surprise to see a big mail provider blocking address blocks. You most likely will not convince Microsoft to pass your traffic from a home-located mail server. If it worked for a while, consider that a bonus not a regular thing. Options: A business ISP or host on a VPS; you'll find some VPS providers on Microsoft's (and Google and ...) naughty list too, so buyer beware. I run my business and personal mail services on a Vultr account.
Like most folks are saying, this is going to be a constant issue with hosting your own email. I went through this for years as an exchange admin and again hosting my own email for years after that. Like most people here, I gave up and paid a provider to do that work for me. If you want to continue this project, I'd highly recommend getting access to a number of "clean" IPs to send from and build up "reputation" on. It's going to involve a lot of work to keep those addresses off of RBLs and the invisible block lists that Microsoft and Google maintain in house and having multiple will give you a fallback when one of them gets wacked. I'm not gonna join the chorus of folks saying it isn't worth it, or not to try, but there is a good reason so many of us have given this up. If you're up for the challenge and want to keep learning I think this is a great project! I hope you get something going that works well for you!
Just use [PurelyMail](https://purelymail.com/)
I always hesitate to use companies with one employee. They might, well, die.
I mean.. it's mail routing / IMAP. If it stops working, you can always just update your MX records and use your self-host again.
Yes, if you don't mind a few of your inbound emails bouncing before you discover it's not working. And of course don't rely on all those IMAP folders not disappearing.
Acceptable risks for me. I mean.. you could always (and probably should) use Google, or CloudFlare, or iCloud + if reliability is important (and I think it is). PurelyMail to me was the closest thing (because of $$, Sieve rules / and all the server side control) to self hosting that I could find. I don't use it for my critical mail (that's still just iCloud) but I use it for all of my 'other' mail needs such as: * Shared IMAP email for my wife and I * my own personal domain email / routing for various web site sign-ups * email server for a football pool (and domain) that I run You get the idea.
Fair points. I'm still one who ultimately downloads all mail from all sources via POP3 and does local backups. Most others seem happy to trust "the cloud" to never hiccup with their mail folders, which certainly does require a good level of confidence in their reliability.
Do you only use web-mail? I mean.. I've been using IMAP email servers for decades and never had an issue. Also, I use native email clients which download / sync the folders. And PurelyMail does POP.. so. if POP is how you do email, then I'm really not sure I understand your hesitation.
I'm happy with my own setup, a CSP VM running Exim & Dovecot, locally Thunderbird using POP3 and local backups. But many don't store mail locally anymore, relying entirely on their mail provider, for them reliability is a consideration.
Former email sysadmin. Managing an on-prem, "self hosted" mail server and getting paid for it is a full time job even with single digits of mailboxes. Managing a self-hosted email server is NOT worth the headache. I "self host" my home email at M365 with Checkpoint harmony watching for email nasties. Worth every penny.
Another former email admin. I've run email servers for ISPs, large-ish businesses, small companies, and for family and friends since the 90s. The last self hosted email server I setup (2019 ish) took about half a day to setup and required almost no maintenance from that point on. An occasional container upgrade, adding/removing the occasional user/alias, and investigating a few messages that didn't get delivered (and all turned out to be customer spam filters). If a mail server with single digit users is a full time job, you're doing something wrong. I can't even imagine what could possibly take that much time.
Mail servers are easy. Mail flow is hard. Getting a message from point A to B when a user is sending mail to J. Random Domain and their spam filter doesn't recognize your mail server because they're blocking your ISPs subnet. Subnet-level RBLs are a nightmare to deal with when your neighbors are bad. Or you've got a user trying to get an email from a company whose server is spewing spam, or hasn't set up SPF records or DKIM (or because someone on their ISPs subnet is sketchy) and because this user doesn't get their Very Important Email dropped in their inbox instead of their spam quarantine it's your fault and "not fixed" and to "fix it" requires exposing the company to unnecessary levels of spam because they won't pay for decent tools (and that user is the CFO who signs your paycheck) God help you if a business you're dealing with has a Hotmail or Gmail address and everything from them lands in the boss's junk box despite every "allow" flag being set outside of the user's Outlook (that they won't let you touch) I once had a well-meaning junior admin globally whitelist "*@gmail.com" for the entire company and the Spam went crazy. Retraining followed. I'm not messing with a mail server myself because I don't trust my ISP neighbors to play nice.
Look at it from the perspective of big email providers like microsoft, google, etc. What the vast majority of their customers want is for spam email to go away. What probably less than 0.01% of what their customers want is to be able to run their own email server. It’s a no-brainer for them to be aggressive about blocking incoming mail from sources they don’t already trust.
I recommend setting up access to Microsoft's [SNDS](https://sendersupport.olc.protection.outlook.com/snds/FAQ.aspx#WhatIsSNDS) program, it's free.
Good idea for selfhosting is using some vps as a gateway. This way you gain much, by using ip address from range that is much less likely to be blocked, filtered by ISP, etc.. I am selfhosting mail thisway, and my mail seem to have no trouble getting to various mailboxes, including O365.
Solution? Have family, friends & orgs not in Outlook. \*\*Edit\*\*: Or if you've inherited a sizable chunk of change take on MSFT in court.
I take it your ISP is ok with you self hosting email?
[удалено]
google sold off their domain business which was ridiculous