eForensics spam on FreeNAS email

[jgreco]

So would you only generate these email addresses for forums and other sites that you want access to or would you send them to people as well?

Hand them out to anyone you want. Personally, I feel that there are a lot of sites that try to extort an e-mail address out of you for no clearly justifiable reason, and a lot of scuzzy looking places that I wouldn't trust with more than two bits. You probably know both forums and people like that.

I'm just wondering what someones reaction would be if I gave them a strange looking address like that.

Is that your problem, though? You can feel free to explain it to them as "it's an address that bypasses all the spam filtering" or whatever if you wish.

Also, in terms of your personal setup, do you run your own mail server at home? If so, do you just have one email account on that server or multiple ones that you manage with this sort of setup?

No, the mail infrastructure here dates from back when we ran one of the three major UUCP e-mail exchanges in the area and still handles e-mail for a bunch of people. A lot of it is simply forwarding service these days to maintain legacy e-mail addresses.

From a technical point of view, I've architected a generic rewrite rule for the subdomain to simply forward to a single e-mail address. This happens at the inbound mail exchanger level which is the correct location to do this in our architecture; normally mail goes from inbound-MX to spam-filtering to mail-spool. That's architectural complexity that doesn't usually exist for a personal mail server, but fortunately there are alternative ways to implement it.

I'm also curious about what you use as an email server.

Sendmail still does most of the heavy lifting around here, though Postfix has proven to be more adept at front-ending for IMAP/POP delivery. None of it is really all that user-friendly, but they really don't make out-of-the-box solutions that work for the service provider environment.

You might want to see if you can find a more current version of what's at http://www.postfixvirtual.net/ ... the general idea is ideal for a small server but some of the specifics are a little off, especially with more current versions of software. This is a great strategy to put together some solid packages that when assembled can be fairly flexible ... and would allow you to host mail for friends and family as well, if you wished.

When my ESXi build is up and running (still trying to figure out an acceptable cooling solution for this case) one of the VMs I would like to build would be an email server. I was considering Zimbra so I can use it with my blackberry and have access to the email account through https. I have also been trying to figure out the best way to get around my jerk ISP's refusal to give me a static IP address. Any thoughts on these matters would be great. Let me know if you want me to start my own thread but I've been wanting to pick your brain for a while and now seems as good a chance as any.

Well, personally I do not want to rely on random services I have no control over, otherwise I'd say that there's a bunch of dynamic DNS services. Since we have our own DNS infrastructure, any dynamic clients we need to have floating around are able to update their address using a hook in the dhclient system plus a script to update our dynamic master here.

The real problem with running your own services is that we've made it wicked hard on IPv4 to do so. Back in the day, the UUCP hub we ran here connected directly to dozens (and indirectly to maybe hundreds?) of other sites, passing mail back and forth for thousands of users. But as the ISP's and then the freemail services took over, the centralized monolithic model of sending e-mail to yourlogin@their.domain.name came into vogue, which on one hand eliminated some complexity and failure modes but on the other hand pretty much locked you in - you no longer had control of your own UUCP node name. It was perhaps a reasonable tradeoff in the days of nonpersistent dial-up connections, but now with always-on broadband connections, ... well, it's still a bit complicated but I think the NSA is very happy that they can tap a small number of major operations in order to get visibility into a large percentage of the world's e-mail.

 

[KMR]

Very interesting. I'm certainly willing to pay a nominal fee to obtain the ability to run my own email server (and other services), but my ISP requires me to upgrade to a business package to get a static IP which comes along with a 500% reduction in speed and a 200% increase in price. Not a good trade off in my opinion. Companies like no-ip seem to have decent offerings for people locked into a dynamic IP address that bypass the blocked port 25 and the like. There are only two ISP companies around here and neither one offer static IP addresses to residential customers so I am SOL as far as that is concerned although I recognize that it is the best option.