I have a raspberry pi running postfix. I Realised unless I open port 25 I absolutely cannot receive emails (I have 587 open and can send but not receive them). However I heard there are scaries online which someone could potentially send emails from your server without consent. I believe as well my ISP doesn’t block port 25. Is there anything I should do right now before opening port 25, or should everything be safe enough?
friends dont let friends host email. its just become too top heavy (complexity-wise) if you want it to be fully functional and secure.
How can I have reliable email that I can control, then?
Buy your own domain name and put it in front of someone else’s service. This is going to be a ton of work to do correctly and you’re unlikely to be able to host it out of your house.
Also, something you’re running off a Raspberry Pi in your house is not going to meet most definitions of ‘reliable’.
What “someone else’s service” would you recommend?
Personally I’d probably go with MS hosted exchange or a Google business account. If you don’t trust those entities I’ve heard good things about ProtonMail - I imagine they have some kind of business solution.
Google and MS are the entities you’d definitely want to keep your data away from, no thanks. And Proton doesn’t work with normal mail clients, which is kind of a dealbreaker. I remember seeing a comparison chart somewhere with an assortment of other services.
There’s mailbox.org for example
Mango mail, porkbun, proton mail
Each does a slightly different niche.
Mango is cheap, but limits outbound mail. Porkbun has a good all-around mail service, bit is a little more costly. Proton is very secure, but can be inconvenient for export (though it can be done, it requires purchase of a month of business service to export away from them).
If you own your domain name, then you can use any email service and still have control over it and move around if needed.
100% agreed. It’s well worth outsourcing to someone else for $10/mo versus the amount of work it takes to do it well unless you’re a large business.
I’d make this argument for DNS too - a lot of work for how easy it is to pay someone else to handle it.