It’s been two months since I am running a mail server. I worked on a beautiful UI like SendGrid and MailGun for more than six months. I plan to start a transactional email service.

I bought a range and rented another /24 range because I didn’t want to have a bad neighbour on the subnet. I even got my own ASN because jerks like UCEProtect often put big ISPs on a blacklist at the ASN level.

Of course, I have got a decent experience with this. I wrote my own SMTP server, email routing, and other things such as bounce and suppression handling. In a sense, everything is fine. RDNS, DKIM, DMARC, and SPF.

I know that IP needs to warm up, so that’s where I started. I paid for a few services to help me warm up, and it took me about two months to do so. Okay so far. The email was delivered 100% of the time to Gmail, but not at all to Yahoo and Outlook. The delivery rate to these two companies started to get better around last week, though. Some IP addresses started getting a 100% delivery rate.

Then, I started testing my service on one of my websites. Of course, 100% transactional emails with account confirmation links ONLY. It was working great. Nearly 2,000 emails, 3,000+ opens and about 2,500 clicks daily on an average.

I’ve also subscribed to Glock Apps and MXToolbox to measure my email deliverability and monitor IPs.

Just today, I received an email with all half of my active IP addresses and sending/tracking domain blacklisted by Spamhaus. They categorize it under “spam domain”, but I looked through my server logs (yes, everything is logged) and found no evidence of spam. Only transactional and warmup emails sent. I opened a ticket with Spamhaus and refuse to unblock my IP addresses and domains.

I spent 6 months and $20,000+ working on this, only to be butchered by Spamhaus. I want to kill myself. How can Spamhaus be the police, judge and the executioner?

  • CAP_NET_ADMIN@alien.topB
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    This has been going on for at least a decade, I’m not really sure how you can spend half a year and 20k doing something without stumbling upon countless examples of the same behaviour from Spamhaus & Co.

    Sorry that this happened to you.

    • RedWyvv@alien.topOPB
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      I was really confident that I could maintain a good, positive IP reputation which I did. Until I got banned randomly.

      The software that I built has features to combat end-user spam:

      1. Hourly Limit
      2. Spam Filter
      3. LLM-based Spam Filter (runs every 5,000 emails)
      4. Account Approval (where every user and their use case is verified by having a small chat with them first)
      • CAP_NET_ADMIN@alien.topB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        At my previous workplace we were hosting separate email servers for each customer on their own, private application instance. One of our clients was a national postal service from Europe, their corporate side forced them to use the highest notification frequency they could configure in our software upon all users.

        After some time, their IT started reporting our IP address to various spam lists and they even sent abuse report to AWS. It was fun…

        At least for me, I always made sure to never touch anything email-related, that’s how you become the “email guy”.

  • SchindlersIgnoreList@alien.topB
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Haha. UCEProtect are biggest cunts who ask for money for whitelisting. We tend to ignore them.

    Did you ask spamhaus for headers of email IDs they marked as spam? Or did they give any reason?

    Also, who is using your service?

    • RedWyvv@alien.topOPB
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      They did not provide any reason and just mentioned that they are unable to remove the block at the moment. Now, my replies are being ignored.

      Only I am using the service (warmup + transactional emails sent through my other site) right now. I haven’t started selling the service to others yet.

        • RedWyvv@alien.topOPB
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Basically, services like Folderly run their own private network of email addresses (on G Suite). Their service opens and interacts with emails, simulating real user behavior, to test and improve email deliverability and sender reputation.

          • Le_Vagabond@alien.topB
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            snake oil, basically. you’re hoping very hard Google doesn’t detect their service and just ignore it or worse.

            • RedWyvv@alien.topOPB
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Yeah, it’s a bit hard to say whether they work or not. This is why I added my own website with real users interacting with confirmation emails

              • jayn35@alien.topB
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                Some warmup services are better then others due to pool size and esp distro. I really good one that has worked for me for long is smartlead a popular cold email tool with a big pool and unlimited warming in its small cheap plan. Some Tools like folderly are smaller and newer and don’t work as well. Smartlead also has a much more stealth warmer nails that isn’t obvious with stupid big footprints like code ls in the subject line that are easy to detect (for use with rules and moving those emails to other folders). Make sure to set a good reply rate percentage, replies are critical to email rep

  • ferrybig@alien.topB
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Spamhaus is the worst for filtering mails, I used to have their DNS based block list as a factor for my incoming mail spa filtering, but they started to say a whole bunch of other mail servers were sending spam.

    I had to remove that factor from my incoming mail filters, as it wasn’t effective anyway. (For filtering incoming mail, the filter that seems the most effective at blocking spammers is just sleeping for 2 seconds at the start of a connection, and then blocking any client that has send any bytes to the server, if they haven’t send any bytes, just send the hello message)

    • CompetitiveYam6697@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah. This is why I gave up and started using mailgun for both sending and receiving email. I just set up gmail as an inbox

    • jonne@infosec.pub
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Isn’t Spamhaus basically a protection racket, like Yelp and the BBB? Either way, email is messed up, I do everything to avoid having to deal with it myself after having to deal with running a mail server for a while, and things have only gotten worse.

  • fediverser@alien.top
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    This post is an automated archive from a submission made on /r/selfhosted, powered by Fediverser software running on alien.top. Responses to this submission will not be seen by the original author until they claim ownership of their alien.top account. Please consider reaching out to them let them know about this post and help them migrate to Lemmy.

    Lemmy users: you are still very much encouraged to participate in the discussion. There are still many other subscribers on [email protected] that can benefit from your contribution and join in the conversation.

    Reddit users: you can also join the fediverse right away by getting by visiting https://portal.alien.top. If you are looking for a Reddit alternative made for and by an independent community, check out Fediverser.

  • unixuser011@alien.topB
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    jerks like UCEProtect often put big ISPs on a blacklist at the ASN level.

    yea, just ignore them, no one major uses them & even if you do everything right, they still blacklist you, it’s such a scam and the guy running it is a major dick nozzle

    https://uceprotect.wtf/

    • kuzared@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Honestly, I think this is something people in this community would find very useful. We often get questions regarding self-hosting email, and this specific post really shows why it can be so frustrating.

  • git@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I’m with you. I hosted my own mail server for about five years before giving up, and it irritates me when folks say it’s not that bad.

    Even with perfect DKIM and DMARC configurations, spam filter lists would add me silently and repeatedly, and I’d frequently have to go through their processes to remove my domain. Then Google would sometimes start treating me as spam too, or outright deny email delivery, requiring some tweak or another to enable delivery.

    It was a constant battle, one in which you don’t always know when you’re losing since nobody reaches out to tell you when you’ve been blocked. It was exhausting.

    Giving up and moving to Proton was a sad moment. I really wanted to stay as limited as possible in my dependence on other tech companies, but email just wasn’t reasonable for me at all.

  • NMCMXIII@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    i used to run my own and conract theae comoanies every few month. as long as you told them whats up theyd unban.

    yes it sucks and it is what it is. they always ban just because your range isnt gmail or isp basically.