Re: home server for email box

To: debian-user@lists.debian.org
Subject: Re: home server for email box
From: Yassine Chaouche <a.chaouche@algerian-radio.dz>
Date: Sun, 12 Mar 2023 12:13:54 +0100
Message-id: <[🔎] 212c555c-a718-fe53-556d-63953c845b56@algerian-radio.dz>
In-reply-to: <[🔎] ZAsYGbYCLwpC67xM@tuxteam.de>
References: <1700539476.531935.1678444177593.JavaMail.yahoo.ref@mail.yahoo.co.jp> <[🔎] 1700539476.531935.1678444177593.JavaMail.yahoo@mail.yahoo.co.jp> <[🔎] ZAsOJcbNrwyKzA55@phare.normalesup.org> <[🔎] ZAsYGbYCLwpC67xM@tuxteam.de>

Le 3/10/23 à 12:44, tomas@tuxteam.de a écrit :

On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:

pyh@ymail.ne.jp (12023-03-10):

Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this box to receive/send email normally?


Probably not: ISP declare IP blocks attributed to clients as “domestic”
and a lot of important e-mail operators block them.


It makes sense to check for that. But having a static routable IP
is a strong hint that it could work.

Have you more details for that "declaration" you hint at? How is
an IP "declared" as "domestic"?


If your IP is listed in the PBL,
then your ISP has declared it as domestic
(not supposed to send mail)

I use a simple bash function to know if an IP is listed or not in spamhaus ZEN list.

function net.ip.reverse(){ local IFS; IFS=.; set -- $1; echo $4.$3.$2.$1; }

function net.ip.reputation(){
    revip=$(net.ip.reverse "$1")
    results=$(dig +short $revip.zen.spamhaus.org)
    [[ -z $results ]] && (echo "clean"; return 0)
    for result in $results
    do
        case "$result" in
            127.0.0.2)
                echo "SBL : SPAM sender"
                ;;
            127.0.0.3)
                echo "CSS : snowshoe"
                ;;
            127.0.0.[4-7])
                echo "XBL/CBL: trojans, exploits"
                ;;
            127.0.0.1[01])
                echo "PBL(ISP) : not supposed to send mail"
                ;;
        esac
    done
    return 1
}

Beware that this function doesn't work if you use an open resolver like 8.8.8.8/8.8.4.4.
If you don't have your own DNS server setup,
you can try with OpenDNS servers
(208.67.222.222/208.67.220.220)

You can use the OpenDNS resolver by changing this line:
    results=$(dig +short $revip.zen.spamhaus.org 208.67.222.222)

Some examples:

root@messagerie-principale[10.10.10.19] ~ # mail.spam.report | grep -o $REGX_IP | sort | uniq | head -3 | while read IP; do echo $IP; net.ip.reputation $IP; done;
101.43.66.163
XBL/CBL: trojans, exploits
102.152.254.85
XBL/CBL: trojans, exploits
PBL(ISP) : not supposed to send mail
103.132.168.165
XBL/CBL: trojans, exploits
PBL(ISP) : not supposed to send mail
root@messagerie-principale[10.10.10.19] ~ #

Best,

--
yassine -- sysadm
+213-779 06 06 23
http://about.me/ychaouche
Looking for side gigs.

Reply to:

Follow-Ups:
- Re: home server for email box
  - From: Greg Wooledge <greg@wooledge.org>

References:
- home server for email box
  - From: pyh@ymail.ne.jp
- Re: home server for email box
  - From: Nicolas George <george@nsup.org>
- Re: home server for email box
  - From: <tomas@tuxteam.de>

Prev by Date: Re: debian 12 broken login when switching virtual console
Next by Date: Re: debian 12 installers
Previous by thread: Re: home server for email box
Next by thread: Re: home server for email box
Index(es):
- Date
- Thread