schubes
(Josh24)
1
So I have a small home lab and have decided to set up a CentOS email server (gotta keep learning). If I am taking the time and effort, I might as well use it for actual email, right? The question I have is, will this work without a static IP but using dynamic DNS? Just want some feedback from others as to how well this works, and if there are any other gotchas to look out for when setting this up. Thanks.
4 Spice ups
You can do this but check the rules as your ISP might not allow it.
Personally, the way I do it is to have a home network SMTP Server that works for everything internal and then anything external it smart hosts out of to my ISP’s email.
However, if you want to have email inbound to the server all you need to do is create an MX record for your domain with a higher priority than whatever you have now pointing to your current dynamic IP.
If you keep the existing MX record at a lower priority it’ll act as a secondary for when your IP changes but, when it changes, you’ll need to update that MX record again.
donges
(donges)
3
If your IP address is dynamic (without proper reverse lookup) you have a much expanded chance of having your outgoing mail be refused as well.
As the others have mentioned, you may have issues sending because of reverse lookups. One alternative is to contact your ISP and verify if your SMTP server can send your mail through them as a relay.
For inbound mail, you can use a dynamic dns client (do a quick search for dyndns) that will automatically update your IP. Next, point your MX record to the dynamic dns FQDN so that when an external sender sends you a message, it’ll know where to connect. This way you’re not always having to update your MX when the IP changes.
Regarding static IPs, you may consider contacting your ISP and seeing if they offer some sort of static IP range for cheap.
I have a home server up right now and my ISP only charges $5 a month extra for a range of 5 static IPs.
Hosting your own email can be a very rewarding experience from an educational perspective. But mostly because it will be so hard and problematic. Email is not one of those things that I would run from home (and I run nearly everything from home.) Email is only useful when it works reliably and that’s not something that you can do at home.
If you had a colo, then that would be different.
SysSquatch
(SysSquatch)
6
Howdy Scott, you have piqued my interest. Can we get some details why it would be unreliable from a home lab? (assuming you have a static ip)
SysSquatch
(SysSquatch)
7
Howdy Scott, you have piqued my interest. Can we get some details why it would be unreliable from a home lab? (assuming you have a static ip and business class internet)
Sure. Email, if you want to really use it, is complex because it is a communication medium that is peer to peer. So there is a lot of convention that is required. Having a static IP is pretty much a necessity because you need MX records to be working AND you need the ability to set your PTR record. This is only a convention, but one that is a de facto requirement.
For reliable email operations you need…
- Reliable ISP - for home this would mean multiple ISPs, you don’t want mail not being delivered if your line goes down, how will the ISP reach you, how will you reach anyone? Remember that going to your cell phone 4G link will be useless because your email system is offline, not just your end point. This will impact everything that you do. No one can reach you, and you can’t reach out. You can switch to another email system that you don’t host, but we just defeated the point.
- Reliable power - same as above. You don’t want an extended power outage making it look like your email address is dead.
- Reliable hardware - ditto. All of this is very expensive to have at home.
- Email AV and Spam filtering. You can do this on the cheap but you are bringing all of this into your home and then filtering. Your email load will be much higher than you expect. Normal businesses filter this outside their walls and keep this traffic off of their WAN. You’ll probably be unhappy with a free solution and will likely want something robust, and that’s expensive. You’ll either make do or spend too much.
- Blacklisting - if you are not on one of the big email providers you risk uncontrolled, unstoppable blacklisting. There are tons of blacklists out there. Some are reasonable and will work with you, others only delist you if you have deep pockets, famous lawyers and can do real damage to them. They can destroy your ability to send email on accident or they can do so to hold your email delivery capability for ransom. Either way, it means your email delivery isn’t reliable and there is nothing you can do about it, it’s not about technology, it’s about people being jerks.
- You need to deal with things like Sender Policy Frameworks and DomainKeys Identified Mail or else you risk not having reliable email sending. Again, only by convention, not technically required. But sometimes a requirement for people to get your mail.
- Your ISP may block your ports. Many ISPs disallow SMTP traffic. It’s just always a risk and can change over time.
Those are the basics. It’s basically a huge pain and you can never be totally sure that email will go through.
2 Spice ups
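The PTR and SPF conventions listed in the post above can be checked before a home server ever sends mail. This is an added example, not part of the original thread: it runs a forward-confirmed reverse DNS check and a subset of SPF evaluation (`ip4`, `mx`, `a`, `all`) over constructed DNS data; all hostnames and addresses are placeholders from documentation ranges, and the `DNS` dictionary and function names are assumptions made for the illustration.

```python
import ipaddress

# Constructed DNS data (documentation names and ranges, not real records).
DNS = {
    "A":   {"mail.example.org": ["203.0.113.25"],
            "home.dyn.example.net": ["198.51.100.77"]},
    "PTR": {"203.0.113.25": ["mail.example.org"],               # PTR set by the ISP on request
            "198.51.100.77": ["pool-198-51-100-77.isp.example"]},  # generic dynamic-pool PTR
    "TXT": {"example.org": ["v=spf1 ip4:203.0.113.25 mx -all"]},
    "MX":  {"example.org": [(10, "mail.example.org")]},
}

def fcrdns(ip, dns):
    """Forward-confirmed reverse DNS: a PTR name must resolve back to ip."""
    return any(ip in dns["A"].get(name, []) for name in dns["PTR"].get(ip, []))

def spf_result(ip, domain, dns):
    """Evaluate a subset of SPF (ip4, mx, a, all) for a connecting IP."""
    record = next((t for t in dns["TXT"].get(domain, [])
                   if t.startswith("v=spf1")), None)
    if record is None:
        return "none"
    addr = ipaddress.ip_address(ip)
    quals = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in record.split()[1:]:
        qual, mech = (term[0], term[1:]) if term[0] in quals else ("+", term)
        if mech == "all":
            hit = True
        elif mech.startswith("ip4:"):
            hit = addr in ipaddress.ip_network(mech[4:], strict=False)
        elif mech == "mx":
            hit = any(ip in dns["A"].get(host, [])
                      for _, host in dns["MX"].get(domain, []))
        elif mech == "a":
            hit = ip in dns["A"].get(domain, [])
        else:
            continue  # include:, redirect=, macros etc. are out of scope here
        if hit:
            return quals[qual]
    return "neutral"  # no mechanism matched

def preflight(ip, helo, mail_from_domain, dns):
    """Summarise the checks a receiving server commonly applies to a sender."""
    return {"fcrdns": fcrdns(ip, dns),
            "helo_matches_ptr": helo in dns["PTR"].get(ip, []),
            "spf": spf_result(ip, mail_from_domain, dns)}
```

With the constructed data, the static address with a matching PTR passes all three checks, while the dynamic-pool address fails each one, which is the refusal scenario the thread warns about.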
I would suggest going to Icewarp, affordable, easy to configure!
maxsec
(maxsec)
10
Or run some stuff with AWS EC2 and SES so make sure you’re not blocked on the RBLs as being a ‘home’ IP address.
Yes, going to enterprise hosting can help a lot. Although there are still caveats, but fewer of them.
SysSquatch
(SysSquatch)
12
Thanks Scott, that was pretty much what I was expecting to read.
1 Spice up
psdagur
(psd)
13
Great information as always. Thanks Scott
1 Spice up