Mail server on separate box

[m1ne]

Hey all.

Performing a server move shortly, and I'm wondering about putting the mail server on a separate box. Probably some low end vps.
Has anyone done this? What did you do? I'm thinking maybe mailinabox would work nicely.
I send about 15,000 emails a month through Mandrill, so this should benefit me a lot.

Thanks!

 

[rdn]

mailinabox

I am using this with Vultr also $5 plan.

 

[m1ne]

I am using this with Vultr also $5 plan.

Any settings to change main server side?

 

[rdn]

Just use SMTP.

 

[WSWD]

Mandrill/Mailchimp really is a good option. The problem with low end VPSs, is that a large portion of the low end companies have blacklisted blocks of IPs, etc. In fact some of their entire ASNs are blocked. I know many, many companies (ourselves included) who completely block Vultr, Digital Ocean, anything ColoCrossing, etc., because their networks (due to price) are largely used for crap...outgoing attacks, phishing, spam, etc. So good luck actually getting your mail delivered.

Mailchimp and similar (I'm guessing that's what you're using with Mandrill?) are really good at eliminating garbage, and thus keep clean IPs.

 

[m1ne]

Yep, I've been using Mandrill for years now. If I were to use a separate server, I'd probably go with OVH in Canada (main server is in Georgia).

 

[eva2000]

Amazon SES for me forum smtp emails

 

[Kintaro]

Mandrill/Mailchimp really is a good option. The problem with low end VPSs, is that a large portion of the low end companies have blacklisted blocks of IPs, etc. In fact some of their entire ASNs are blocked. I know many, many companies (ourselves included) who completely block Vultr, Digital Ocean, anything ColoCrossing, etc., because their networks (due to price) are largely used for crap...outgoing attacks, phishing, spam, etc. So good luck actually getting your mail delivered.

Mailchimp and similar (I'm guessing that's what you're using with Mandrill?) are really good at eliminating garbage, and thus keep clean IPs.

even if the server is well configured?
I'm thinking on going to a OVH little VPS to send email with https://mailinabox.email/ to save some $ (not too much) do you think is a bad idea? I'm only adding complexity?

 

[Mouth]

save some $

Amazon SES for me

Cheaper to use SES than get your own VPS, even low-end $5-$10 per month boxes.
I'm currently sending ~30k emails per month, which is only $3.

 

[rdn]

little VPS to send email with https://mailinabox.email/ to save some $

This is ideal if you have plenty of domains, you want to use with it .
Saves a lot.

 

[Kintaro]

This is ideal if you have plenty of domains, you want to use with it .
Saves a lot.

exacltly! ...and there's no problem in sharing IP, right?

 

[EQnoble]

even if the server is well configured?
I'm thinking on going to a OVH little VPS to send email with https://mailinabox.email/ to save some $ (not too much) do you think is a bad idea? I'm only adding complexity?

OVH is run by a bunch of criminals, please let me know the names of your sites so I can be sure to never visit them if you are indeed using OVH. That said you can guess what I think of the idea of using them for a mail server.

 

[WSWD]

even if the server is well configured?
I'm thinking on going to a OVH little VPS to send email with https://mailinabox.email/ to save some $ (not too much) do you think is a bad idea? I'm only adding complexity?

The server being configured well or not configured well is not the issue here. The OP talked of putting this mail server on a low-end VPS provider. That is what becomes the issue. Most low-end companies (OVH included) have their entire IP space blocked by all sorts of folks, ISPs included. So the chances of the emails being blocked and not delivered is much greater.

 

[Kintaro]

OVH is run by a bunch of criminals, please let me know the names of your sites so I can be sure to never visit them if you are indeed using OVH. That said you can guess what I think of the idea of using them for a mail server.

Wow!

 

[TPerry]

The server being configured well or not configured well is not the issue here. The OP talked of putting this mail server on a low-end VPS provider. That is what becomes the issue. Most low-end companies (OVH included) have their entire IP space blocked by all sorts of folks, ISPs included. So the chances of the emails being blocked and not delivered is much greater.

If one is blocking entire CIDR's because they belong to OVH, then that's pretty much foolish. I guess they do the same with QuadraNet, ServerComplete, GetDedi and others of that price range.
Now, if one is talking low price VPS's or KimSufi/SoYouStart I can see that (but even some of the SYS dedi's are in the price range that the abusers typically won't purchase them - but their address pool comes out of the same one).
Luckily all my assigned IP's check clean all blacklist checks I've performed. I have as many issues from some of the "big name" providers range on intrusion attempts as I do the "low-end" companies.

 

[EQnoble]

Wow!

That was my response when I asked them about suspicious activity with my server on a level only they and myself had access to and in response they terminated my server and tried to keep my money after not only blaming the problems with my server on me, but also blaming me for activity on a server that I had previously canceled with them which for some reason they left active even though it was completely out of my control and supposedly wiped (which I was blamed for in the email they sent to me telling me that they were robbing me).

This was OVH in Canada (by the way if you ever call them watch out for the sneaky people in CS who will ask you for your root login even though they have an interface that they need not know your password for and where all their activity is monitored and logged.) and for what I assume was in the name of protecting themselves from their corporate bosses in Europe they banned me from all communication which was sent up the pipeline and that kept me from engaging in constructive conversation with their counterparts in Europe.

After showing the evidence, the recorded phone call of their rep trying to social my root, the dates, bills, screenshots etc...the person on the phone from my CC company laughed and they issued me a refund.

 

[rdn]

I have 10+ servers from OVH and I don't have any problems sending emails.
I'm also using mailinabox.email.

 

[WSWD]

If one is blocking entire CIDR's because they belong to OVH, then that's pretty much foolish.

Not foolish at all. You block where the spam is coming from. Hell, OVH is #9 on the current SpamHaus list (https://www.spamhaus.org/statistics/networks/) and that's actually pretty low for them. They are usually near the top.

So really, it's foolish to NOT block them, honestly.

[EDIT] And it isn't just spam. It's botnets, exploits, and everything else that comes from their network too. Sorry, not interested.

 

[TPerry]

So really, it's foolish to NOT block them, honestly.

[EDIT] And it isn't just spam. It's botnets, exploits, and everything else that comes from their network too. Sorry, not interested.

Isn't that exactly what the black lists are to be used for? To blanket block entire CIDR's due to 67 reports IS foolish IMHO.
CSF has several lists built in and it's easy enough to add more to it.... and I'm MORE than sure that the high end hardware has similar ability.

• Spamhaus Extended DROP List (EDROP)
  
• Spamhaus Don't Route Or Peer List (DROP)
  
• DShield.org Recommended Block List
• TOR Exit Nodes List
• Alternative TOR Exit Nodes List
• BOGON list
• Project Honey Pot Directory of Dictionary Attacker IPs
• C.I. Army Malicious IP List
• BruteForceBlocker IP List
• OpenBL.org 30 day List
• Autoshun Shun List
• MaxMind GeoIP Anonymous Proxies
• Blocklist.de

I guess if you don't mind cutting off entire swathes of the internet (also known as cutting off your nose to spite your face) then blocking entire CIDR ranges works.

 

[WSWD]

I guess if you don't mind cutting off entire swathes of the internet (also known as cutting off your nose to spite your face) then blocking entire CIDR ranges works.

I don't mind doing it at all. Since blocking OVH, ColoCrossing, and several others, the loads on my servers have literally been cut in half. Spam has dropped to almost 0. Well worth it, IMO.