I guess i have frickeled a working mailserver setup now.


Next up: Stop everything on the old server, transfer 9GB of mail to the new server, then switch over MX records.

Then, watch everything explode.

So far, nothing has exploded. OK, i guess?

rspamd seems to work, mails are getting tagged as spam/greylisted, viruses are being rejected

But ... do i want to block hosts with no valid PTR record from sending me mails?

I'd assume only spammers use hosts without PTR!?

@franzi Do you (and others reading this) know about `dsync`?
It's integrated into Dovecot and does near-realtime incremental master-master synchronisation of email and Sieve filters between two Dovecot instances. Also useful for one-off copying for migrations like this.

@voidptr TIL, thanks.

Though I just rsync-ed the maildir over, which worked fine.

@franzi - yeah, made the switch from Spamassassin to rspamd lately as well. Didn't regret it so far.

Only downside:
- no munin plugin yet for rspamd (at least I haven't found one)
- Roundcube has no rspamd plugin as it has for SA, so that users could config their own settings.

@franzi at least they did a year ago.

When I was running my own mail server, I bounced everything without a valid PTR, no problems except Microsoft

@franzi Microsoft, I guess. They just don't care

@morre @franzi also ich hab seit Jahren ein reject_unknown_client_hostname drin und keinerlei Probleme.

@leah @franzi spannend. Ich auch nicht, ich hab keinen Microsoft-Account.

@franzi United Internet also has hosts without valid ptr. It's a pain in the ass to debug it, since some of their servers have one.

@franzi In IPv4 environments, reject_unknown_client_hostname usually works fine.

I'm thinking about enabling IPv6 mail reception on my mailserver, but there I believe I need to disable it, because PTR records in IPv6 are somewhat scarce. And I'm not yet sure if I should disable it globally or try some hack to disable it only for IPv6.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!