this post was submitted on 13 Dec 2023

Hello everyone,

I am currently running a server with the Pterodactyl panel for various game servers, and it has been working great for several years. However, I would like to set up a system for Pterodactyl to send out password reset emails when necessary. I am considering using Mailcow on the same host specifically for this purpose. Currently, I am using an application named DDNS-Updater to automatically update all records on Cloudflare when my IP changes. While my IP doesn't change often, it can happen; it occurred once this year. Would this pose an issue for a mail server? If the emails end up in the spam folder, it is not a major concern since they are only password reset emails. However, it is crucial that the emails reach the intended recipients.

Thank you.

[–] SeeJayEmm@lemmy.procrastinati.org 2 points 11 months ago* (last edited 11 months ago)

I'm in your situation and what I do is relay my email through Amazon SES. It's unlikely to get blacklisted and it's cheap. Costs me literally $0.01/mo to use.

On the inside I have a postfix server all the systems are configured to send through. The postfix server is set to relay all messages to SES. You also need to make sure that SES is configured in your domain SPF record.

EDIT: I just re-read your message. If all you're looking for is outbound email, mailcow is significant overkill. All you need is an MTA like postfix.

[–] nitrolife@rekabu.ru 1 points 11 months ago (1 children)

You need to create an MX record in the DNS zone of your domain. Something like:

@ IN MX 10 my.zome.
@ IN MX 20 server1.my.zome.

You can create one MX record or more. 10 and 20 are the server priorities for incoming mail.

Then you need to create an SPF record. There are several options here. For example:

@ IN TXT "v=spf1 +a +mx -all"

This allows you to send emails from the hosts in the domain's A records, then from the hosts in its MX records, and prohibits sending from all other hosts.

Theoretically, you can create an SPF record with only A, without MX, and not create MX DNS records. Although I have not tried this configuration.

This is the minimum set after which you will get into spam, but at least the letters will reach.

You also need to make a PTR record to avoid the spam folder, but this is not possible on a dynamic IP.
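How a receiving server would evaluate the `v=spf1 +a +mx -all` record from the comment above, and what happens in the window after a dynamic IP changes but before DNS is updated. This is an added example, not part of the comment or taken from any mail software; `example.org`, the addresses, and the function names are constructed, and only the `a`, `mx`, `ip4` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed zone data (documentation addresses); example.org is a placeholder.
ZONE = {
    ("example.org", "A"): ["203.0.113.10"],
    ("example.org", "MX"): ["mail.example.org"],
    ("mail.example.org", "A"): ["203.0.113.10"],
    ("example.org", "TXT"): ["v=spf1 +a +mx -all"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup(zone, name, rtype):
    return zone.get((name.rstrip(".").lower(), rtype), [])

def addresses(zone, name):
    return {ipaddress.ip_address(a) for a in lookup(zone, name, "A")}


def check_spf(zone, domain, sender_ip):
    """Evaluate a subset of SPF (a, mx, ip4, all) for the connecting IP."""
    ip = ipaddress.ip_address(sender_ip)
    records = [t for t in lookup(zone, domain, "TXT")
               if t.lower().split()[:1] == ["v=spf1"]]
    if len(records) != 1:
        return "permerror" if records else "none"
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        name, _, arg = term.lstrip("+-~?").lower().partition(":")
        if name == "all":
            matched = True
        elif name == "a":
            matched = ip in addresses(zone, arg or domain)
        elif name == "mx":
            hosts = lookup(zone, arg or domain, "MX")
            matched = any(ip in addresses(zone, h) for h in hosts)
        elif name == "ip4":
            matched = ip in ipaddress.ip_network(arg, strict=False)
        else:
            return "permerror"  # mechanism or modifier outside this subset
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"


def repoint(zone, old_ip, new_ip):
    """Return a copy of the zone as a DDNS updater would leave it."""
    return {k: [new_ip if v == old_ip else v for v in vals]
            for k, vals in zone.items()}
```

With `-all`, mail sent from the new address is a hard SPF fail until the A record is repointed; `check_spf(repoint(ZONE, old, new), ...)` shows the result once the updater has run.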

[–] taladar@sh.itjust.works 1 points 11 months ago

If A and MX point to the same server you do not need the MX record.

Quite a few mail providers will also just blacklist all dynamic IPs in general.

I would recommend sending the mails via a smarthost (i.e. some authenticated SMTP connection).

[–] Max_P@lemmy.max-p.me 1 points 11 months ago

Given the answers given, I would suggest getting a cheap VPS that's gonna cost you like $5/mo but you know its IP will never change, and you can get the reputation to improve and become good, whereas residential IPs are pretty much all blacklisted everywhere as 99% of emails coming from residential IPs are sent out by malware.

Any cheap VPS can handle email just fine on its own, but you can also treat it as just an entry and exit of a VPN. So you can technically have your mail locally at home; it's just gonna go through that VPS first before reaching your server, same for outgoing.

[–] angelsomething@lemmy.one 1 points 11 months ago* (last edited 11 months ago)

I also have mailcow behind a dynamic IP. I wrote a script that updates my Cloudflare DNS entries as soon as it detects that the IP changed. https://github.com/tinkermesomething/scripts-stuff/blob/main/cloudflare_DNS_updater.sh

I then use online services to check if they’re likely to get marked as spam.

[–] jason@xbdv.com 1 points 11 months ago

Just an FYI, Zoho has a free tier with SMTP outgoing and 1 address that would work perfectly for this.

[–] cow@lemmy.world 1 points 11 months ago

IP changes are not your concern. It is likely that your ISP blocks outgoing port 25; you can check with nc gmail-smtp-in.l.google.com 25 and if you don't get any output, it's blocked. If you don't have very many users on your Pterodactyl server, I would suggest just using a Gmail account with SMTP in Pterodactyl. If you have port 25 unblocked and want to selfhost email, mailcow is a great option and really easy to set up.

[–] chiisana@lemmy.chiisana.net 1 points 11 months ago* (last edited 11 months ago) (1 children)

On the incoming side of things:

Between your IP changing, your script updating your DNS record, and the sender’s server finally getting the new IP address, you may lose emails coming to you. Most mail providers will eventually, at their chosen cadence and frequency, attempt to re-deliver the messages, so you might get them eventually on a delay. There is no way of knowing what you’re not missing in the event of the sender’s server not retrying. Mail coming to you is delivered into folders per your configuration, and should not end up in spam because of your IP change.

On the outgoing side of things:

Every IP address has some reputation attached to it. Residential addresses tend to score low because of people getting viruses/malware and becoming part of a botnet to spam. As you’ve got no control over the IP address you’d receive from your provider, there’s no guarantee that you will receive a clean IP. Worst case scenario here is you might end up with a blacklisted IP, and your mail never gets accepted (or is silently discarded) by the receiver’s mail server. You may also run into the SPF record needing the IP address, but you can probably get your DDNS script to update this as well, or maybe just use an A record.

If your intention is to receive emails, it might work, but you might miss a message or a few.

If your intention is to send mails, it is cheaper and easier to just get a transactional mail provider and pay pennies per thousand mails, and never worry about it.

If your intention is to make a full fledged mail service with send and receive… it’s just not worth the hassle and headache.

[–] Max_P@lemmy.max-p.me 1 points 11 months ago

A potential problem on the incoming side as well is that if an SMTP server is running on whoever gets the old IP, they may accept the delivery and it may end up on someone else's catchall handler too. So not just delivery problems and potential delays or lost mail, but it can also get successfully delivered to a completely unknown third party.

[–] revv@lemmy.blahaj.zone 1 points 11 months ago

I use a WireGuard tunnel and port forwarding from a VPS to a mailinabox instance serving mail for my various domains. If you have your SPF/DKIM/rDNS set up correctly, it's not too bad with respect to management and mail delivery, plus you don't have to trust anyone with your data. As far as other mail servers are concerned, your VPS IP is the only IP they see. I pay $10/yr for the VPS.

[–] Decronym@lemmy.decronym.xyz 1 points 11 months ago* (last edited 11 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

| Fewer Letters | More Letters |
|---|---|
| DNS | Domain Name Service/System |
| IP | Internet Protocol |
| SMTP | Simple Mail Transfer Protocol |
| VPN | Virtual Private Network |
| VPS | Virtual Private Server (opposed to shared hosting) |

5 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #348 for this sub, first seen 13th Dec 2023, 16:35] [FAQ] [Full list] [Contact] [Source code]