Very much first and foremost, you need to check whether or not your ISP blocks the standard incoming mail ports (not uncommon, most ToS agreements you sign specify that you not run servers on a non-business account, for example, plus it helps cut down on zombie spam servers to some extent).
Next, you need to determine just what level of a mailsever you want: something simple all the way to something more complex that allows virtual accounts (i.e. you don't need a user account on the server to have an email address), webmail, the works.
The final, and most important thing to consider when exposing a server to the untamed internet is always making sure to lock down/secure the machine as much as possible (make sure to configure the services you want properly to avoid abuse, and lock out undesired services), approach security in layers (such that if one system fails, there's something to still protect your system) and make sure to keep the system updated to prevent abuse of known vulnerabilities.
That said, I've heard decent things about Citadel
(although you'll probably want to stick with a more popular distro such that it goes smoothly). Disclaimer:
I personally use postfix + dovecot + spamassasin + roundcube + mysql to get a fairly complex setup, used this
as a rough guide.