Looking for a guide to collect all e-mail from the ISP mail server
R. Diez
rdiezmail-2006 at yahoo.de
Mon Oct 26 00:25:26 EET 2020
> You need SPF and DKIM for your outgoing email to be accepted.
> [...]
I don't understand why that is the case (but keep in mind that I am a newbie).
Is it not possible to set up some internal SMTP server that only relies the e-mails to the external ISP SMTP server? The internal SMTP server would
then act like a normal user's Thunderbird.
At first I tought that the internal SMTP server would need to know the password for each mailbox user. But then I asked, and the ISP SMTP server
allegedly accepts any source e-mail address, as long as you are using one e-mail account that is valid in the domain. I wonder if that is standard
practice.
> My idea of a secure email server is to use submission port 587.
> Expose port 25 to the world and aggressively filter all remaining
> email ports with a firewall. And I mean aggressive. Geographically filter
> so only countries where youe users reside can send and retrieve email.
> Block major hosting IP space.
Geo blocking can be problematic. Depending on the small business, some customers and suppliers may sit in China or some other geographical area you
would normally block.
I am too afraid, I would not expose any such port on the Internet. Who knows if the mail server stays months without an update. If I am to recommend
or implement any such mail server solution to a small business, I would insist that the e-mail server is not exposed at all on the Internet.
A web interface etc. is not a problem: I just connect with a VPN and bypass most external security issues. If you are the admin, you can also forward
the web interface over an SSH connection.
Best regards,
rdiez
More information about the dovecot
mailing list