@yarmo on Fosstodon has written his latest #100DaysToOffload post (and his previous one) on how to self-host email, and whether you should. I've had my own email related hassle today so thought I would rant a bit. This rant has been done by many people on the internet before me, and will be repeated countless times in future... but I think it's an important topic.
https://yarmo.eu/blog/selfhost-email-drawbacks
The state of email in 2020 is a disaster if you value the concept of an open and decentralized internet. If you are one of the majority of people who uses GMail / Outlook, or you host your own domain through GSuite, Office365 etc. then it'll probably seem like everything is fine, because your email will usually hop between these internet behemoths without issue. None of the big players can afford to mess with email from the others - it's just too high a proportion of the messages. The problem is, though, that the modern centralized nature of email on these few dominant services, plus the concept of server reputation and punative filtering against small fish (who may have done nothing wrong), has broken what email used to be - something you could confidently host yourself pretty straightforwardly. It's also not even the case that you can trust less mainstream commerical providers to be trouble-free.
There are two sides to the email story, sending and receiving, and each can cause headaches. I have two domains that I use. The first is my 'main' domain that I rely on and mail is provided there by Zoho - a paid service. The second is my home lab / internet 'play' domain, and I host my own mail services there using some [NetBSD VMs from Vultr running Postfix and Dovecot. My wife and I have been having some trouble with missing email lately, so I did some experiments sending and receiving to/from these domains and major email services such as GMail, Outlook, iCloud. Both my Zoho and self-hosted domains are setup with DNSSEC, SPF, DKIM, DMARC... acronyms that are related to the ever more complex ways to instruct mail servers that an email that you send from the proper source for a domain is something that should really be trusted.
If I *send* email to/from any combination of *GMail, Outlook, iCloud* accounts it always works. Those accounts can always reach my parents' email inbox too. No surpises there as the big players all trust eachother. I don't want to use ad supported services though, nor pay these particular corporations who are fastidiously working to centralize as much as they can.
If I *send* from my *Zoho* account it does reach GMail, Outlook, iCloud, and my self-hosted domain without issue. Evidently GMail, Outlook, iCloud trust Zoho enough. My self-hosted domain is configured, at present, to accept every well formed delivery request.
If I *send* from my *self-hosted* account it does reach GMail, Outlook, iCloud. This was not always the case. I've filled in some forms, and sent email over the course of a few months to build up a reputation that my IP address is okay to trust. Some email ends up in spam, in GMail particularly, but most things which look like normal email are fine now. Outlook and GMail are reasonable in the error codes they return at SMTP time, and do have processes in place to follow, which are annoying but at least documented. iCloud, which used to silently drop things (well documented on Apple's forums), seems a bit better recently - I started to see errors at SMTP time that include links to a reputation service that does have a form to request a review, and I can now deliver to iCloud without issue.
My *self-hosted* domain has no issues *sending* to my parents... it seems it is more trusted at their end than Zoho... which is surprising.
This all shows a situation where, if I don't want to use the big services like GMail, email can be an unpredictable business on the sending and receiving ends of things. I'm doing everything technically right here too... all the buzz word technologies are setup and I can see that they are working in mail headers, audit logs etc. It also highlights a big advantage of self-hosting a mail service, even if sender reputation is a problem - if you self-host you *always* know from your logs if you received an email, or why an email sent to you was rejected (since your settings rejected it!). My self-hosted domain is a refuge for receipt. If somone is having trouble getting through to me, I can give them that address and be confident they will get through, or I'll know why they don't!
I will end up opening an issue with Zoho support now to find out why they are 425'ing my self-hosted mail... and trying to find out more about how my parents' email is being routed. My parents have a custom domain too - and I'm not sure what service they use behind that, nor why it doesn't like some email from Zoho, but is fine with my self-hosted stuff!
Many years ago, before SPF, DKIM, DMARC, I administered a server for a university student union which hosted many accounts, mailing lists etc. Email then was much easier... deliverability was never an issue. Admittedly spam was much more hassle and SPF etc. do help combat this. I can't help feel, though, that the opaque reputation policies and other stuff used these days in the name of avoiding spam have made email much more of a headache than it should be.