Cyberuben said:
Hi,
I'm trying to find out a way to set up a standalone mailserver. I have multiple domains protected by Cloudflare and for security reasons I do not have MX-records set up to my webserver as it makes my IP easily 'findable'. Currently I'm looking for a way to send my emails from a server that is NOT my webserver, though, in my full control.
I've googled for email hosting, so an external mail server that I can use, but all of these hostings only allow one domain per hosting plan. Since I host more than just one domain, this could become quite valuable.
What I'm trying to achieve is setting up a server that accepts mail and sends mail (IMAP and SMTP), using any software that works. The server should hide my personal IP from being sent through the headers (Google Apps only hides your IP when sending using your browser, not through email software).
The most important part is that I need my server to send mail as if it is not spam. I had several cases where mails from my domain had to be removed from the junk list because it was classed as spam, and since I am planning to send mails with important information, though not classified, I'd like my mail to just show up in people's mailbox without having to state that it might show up in their junk.
If there are any tutorials, I'm sorry, I couldn't find any.
Ruben
I'm a little bit confused.
You have a web server, presumably with some public facing sites hosted on it. Yet you're afraid of its IP being discovered?
Where is this server hosted?
Where is your mail server going to be hosted? As far as mail goes, you're pretty much restricted to commercial data centers. Many ISPs will not allow port 25 traffic on their network that is not destined to or originating from their own mail servers, and running one may be in violation of your ISP's terms of service.
If the IP of the mail server is dynamic, give up now.
Setting up a functioning mail server that won't have its deliveries flagged as spam requires very high level control over the DNS, rDNS, and IP routing. Most receiving mail servers will perform an nslookup on the hostname of the sending mail server to see if the sender's IP matches an A record in the host's domain's DNS zone. It will then perform an rDNS lookup to see if the hostname matches a PTR record of the originating IP in the rDNS zone. If either record is missing, the mail will usually be discarded as this may indicate a fraudulent message not sent by a legitimate mail server. The server will then look for an SPF record for the domain to which the sender belongs (not necessarily the domain to which the mail server belongs) to see if the mail server is authorized to send mail on behalf of that domain. SPF records are critical to preventing domains from being impersonated by malicious senders. Finally, it is highly recommended to set up DKIM/DomainKey which allows the sending mail server to digitally sign the outbound mail with a private key whose public counterpart is located in a DNS record.
I hope that this helps a bit.
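The checks described in the reply above (A/PTR agreement, SPF authorization, a published DKIM key), as an added example that is not part of the original thread. The `ZONE` table, host names, selector `s1` and IP addresses are constructed stand-ins for live DNS lookups, and the SPF evaluator covers only the `ip4`, `ip6`, `a` and `all` mechanisms.

```python
import ipaddress

# Constructed DNS data (documentation IP ranges, example names); replaces live queries.
ZONE = {
    ("PTR", "203.0.113.25"): ["mail.example.net"],
    ("A", "mail.example.net"): ["203.0.113.25"],
    ("TXT", "example.org"): ["v=spf1 ip4:203.0.113.0/28 a:mail.example.net -all"],
    ("TXT", "s1._domainkey.example.org"): ["v=DKIM1; k=rsa; p=CONSTRUCTED_PUBLIC_KEY"],
}

def lookup(rtype, name):
    return ZONE.get((rtype, name.rstrip(".").lower()), [])

def fcrdns(ip):
    """The PTR record for ip must name a host whose A record points back at ip."""
    return any(ip in lookup("A", host) for host in lookup("PTR", ip))

def spf_result(ip, domain):
    """Evaluate the sender domain's SPF record against the connecting IP."""
    records = [t for t in lookup("TXT", domain) if t.lower().startswith("v=spf1")]
    if len(records) != 1:
        return "permerror" if records else "none"
    addr = ipaddress.ip_address(ip)
    quals = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in records[0].split()[1:]:
        qual, mech = (term[0], term[1:]) if term[0] in quals else ("+", term)
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":
            hit = True
        elif name in ("ip4", "ip6"):
            hit = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "a":
            hit = ip in lookup("A", arg or domain)
        else:
            continue  # include, mx, exists and modifiers are not handled in this subset
        if hit:
            return quals[qual]
    return "neutral"

def dkim_key_published(selector, domain):
    for txt in lookup("TXT", f"{selector}._domainkey.{domain}"):
        tags = dict(p.strip().split("=", 1) for p in txt.split(";") if "=" in p)
        if tags.get("p"):  # an empty p= tag means the key was revoked
            return True
    return False

def preflight(ip, sender_domain, selector):
    return {"fcrdns": fcrdns(ip), "spf": spf_result(ip, sender_domain),
            "dkim_key": dkim_key_published(selector, sender_domain)}
```
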