What do you mean by, “…a lot of the things you don’t know yet will get you into big trouble…”?
cybervegan@lemmy.world 2 days ago
I’d suggest you start with a simple static web server if you’re looking for a good beginner project. Use something like Nginx, and just set it up on your local network at first, then work out how to harden it, and open it up to the real internet. There’s a lot less to learn for this usage case, and it’s less likely to get you into trouble.
I say that, because, after reading through the thread, it seems you are hoping to find an (educational) use for an old computer. I did Linux and Unix admin professionally for 15 years, for some famous brands. I would NOT recommend setting up a mail server as a first project - it’s complex in ways you will never expect, and will require learning skills and knowledge that are very specific and you literally can’t “start small and build up” because a lot of the things you don’t know yet will get you into big trouble. Essentially, it’s not too hard to set up the server software, and your hardware is certainly capable of running this task, but making it safe and secure IS hard these days - especially with all the encryption and anti-spam setups you have to learn how to do.
bleustenns@lemmy.ml 1 day ago
cybervegan@lemmy.world 20 hours ago
The list is immense, and I didn’t want to clutter my post with all the details. So just listing off things that spring to mind (because I don’t know what OP doesn’t know):
- Choosing an MTA - sendmail, postfix, exim, etc. and why you might choose one over the others
- Firewall settings
- Software/package management on your chosen distro
- Learning about DNS:
- Host it - yourself via BIND
- Or via a DNS service provider
- DNS record types
- Domains
- Subdomains
- A records/CNAMEs
- MX records
- Mail authority records - SPF’s
- Mail encryption records - DKIM
- Spam filtering, anti-virus
- Learning how to configure your MTA, which requires learning:
- the configuration file language your MTA uses
- what all the options mean and what they do
- what the bare minimum options are to get up and running
- how to make sure your configuration is secure and won’t be exploitable by bad actors
- how mail really gets delivered
- how to setup secure smtp
- how to set up SPFs
- troubleshooting why GMAIL or Microsoft won’t accept your mail
- troubleshooting why GMAIL or Microsoft have stopped accepting your mail
- dealing with blacklists/greylists when someone sends too many messages, or something that "looks too spammy"
- Mail hosting pitfalls
- Being an open relay
- Rate limiting
- Reputation management
- Vulnerabilities that let a hacker take over your server
- Resource management - disk, memory, processes, queues, etc.
- Downtime when you need to do updates
- Downtime if you change your DNS configuration
I’ve definitely missed some stuff, and each of those things requires knowing other stuff too, so you can see that it’s really a pretty deep subject. This is precisely why not many people self-host email themselves these days - the big guys have made it harder and harder to do so, in the name of eradicating spam, which they themselves are the biggest vectors for.
Corkyskog@sh.itjust.works 1 day ago
Just curious how bad it would be without anti-spam these days?
cybervegan@lemmy.world 19 hours ago
Well, it depends what you call spam, how well known your server is (are your email addresses spread far and wide on the web or only known to a couple of people) but a lot of spam is automated and algorithmic, so most servers will be showered with speculative mail addressed to likely mailboxes - which your server still has to process, if only to bounce the message; if you have antispam measures, your server can just drop the connection when it detects a spammy sender (e.g. from an address on a black or greylist). I’m not currently running any mail servers, but a few years back when I did, I used to get about 80% spam incoming.
forestbeasts@pawb.social 20 hours ago
Honestly, not all that bad. A lot of the spam is just the stuff from companies we gave our email, y’know, the usual.
There’s the occasional spam/scam email, every few days at most, but it’s pretty ignorable.
(we did set up rspamd purely for DKIM signing, and it might be filtering our inbound email, I don’t know.)
bigkahuna1986@lemmy.ml 1 day ago
I ran an open smtp server for an experiment. Most of the email it got was more like probes than traditional spam.