
Just because you cannot set up a mail server correctly, I have installed 100s of email servers (2022) from AWS to Hetzner to Vultr and so on. Yes, your random static IP can deliver reliable email IF you have:

-Static IP (4 and 6)

-Correct Reverse DNS for IP4 and 6

-Correct Hostname

-Site-verification for gmail/microsoft

-DMARC

-DKIM

-SPF for IP4 and 6
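The checklist above as an offline pre-flight check, added here as an example and not part of the original comment. It assumes a constructed `ZONE` dict in place of live DNS lookups, the domain `example.org`, documentation-range addresses, a hypothetical DKIM selector `mail` and a placeholder key.

```python
import ipaddress

# Constructed sample DNS data: documentation address ranges, example domain,
# hypothetical selector "mail" and a placeholder DKIM key.
ZONE = {
    "TXT": {
        "example.org": ["v=spf1 ip4:203.0.113.25 ip6:2001:db8:10::/48 -all"],
        "_dmarc.example.org": ["v=DMARC1; p=quarantine; rua=mailto:dmarc@example.org"],
        "mail._domainkey.example.org": ["v=DKIM1; k=rsa; p=PLACEHOLDERKEY"],
    },
    "PTR": {"203.0.113.25": "mail.example.org", "2001:db8:10::25": "mail.example.org"},
    "ADDR": {"mail.example.org": ["203.0.113.25", "2001:db8:10::25"]},
}

def tags(txt):
    """Parse a 'k=v; k=v' record (DMARC, DKIM) into a dict."""
    return dict(p.strip().partition("=")[::2] for p in txt.split(";") if "=" in p)

def spf_covers(spf, ip):
    """True if a literal ip4:/ip6: mechanism matches ip (include/a/mx need live DNS)."""
    addr = ipaddress.ip_address(ip)
    for term in spf.split()[1:]:
        name, _, value = term.lstrip("+").partition(":")
        if name.lower() == f"ip{addr.version}" and value:
            if addr in ipaddress.ip_network(value, strict=False):
                return True
    return False

def fcrdns_ok(zone, ip, host):
    """Forward-confirmed reverse DNS: PTR(ip) is host and host resolves back to ip."""
    return zone["PTR"].get(ip) == host and ip in zone["ADDR"].get(host, [])

def check_sender(zone, domain, host, selector, ips):
    """Return a list of findings; an empty list means every check passed."""
    txt, findings = zone["TXT"], []
    spf = next((t for t in txt.get(domain, []) if t.lower().startswith("v=spf1")), "")
    for ip in ips:
        if not fcrdns_ok(zone, ip, host):
            findings.append(f"rDNS mismatch for {ip}")
        if not spf_covers(spf, ip):
            findings.append(f"SPF does not cover {ip}")
    if not any(tags(t).get("v") == "DMARC1" and tags(t).get("p")
               for t in txt.get(f"_dmarc.{domain}", [])):
        findings.append("no DMARC policy")
    if not any(tags(t).get("p") for t in txt.get(f"{selector}._domainkey.{domain}", [])):
        findings.append("no DKIM key")
    return findings
```

Passing these checks covers only the configuration items in the list; IP and domain reputation, as raised in the replies, are outside what DNS records can show.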



And your IP was never on a blocklist before it was allocated to you. And your domain name doesn’t get blocked for being too algorithmic looking according to the spam ML model. And your domain is old enough not to get greylisted. And not too many of your users get reported as spam. And your domain isn’t in .ru or .cn. And your netblock isn’t accidentally put into those regions in maxmind.


>IP was never on a blocklist before

Reallocate new IP

>domain name doesn’t get blocked for being too algorithmic looking according to the spam ML model

Check your domain on your own SpamD/SpamAssassin, but I never had that problem.

>And your domain is old enough not to get greylisted

Everything is greylisted at first contact, email servers don't know how "old" a domain is.

>And not too many of your users get reported as spam.

Yes you can be a spam-bot too, that's why you check your outgoing emails for spam too and limit the recipients and mail frequency outside your domain.

>And your domain isn’t in .ru or .cn

That's another problem. I talk about technical stuff and not political ones. If your recipient doesn't want Chinese mails then this is your (or his) (non-)problem, that's a human problem.

>And your netblock isn’t accidentally put into those regions in maxmind.

Change your VPS-Provider, they are plain incapable -> https://www.maxmind.com/en/geoip-data-correction-request


> Reallocate new IP

ah yeah, because I just want to do trial and error until I maybe find an IP that isn't flagged. fwiw, several VPS providers will keep the same IP assigned to you if you just create a new VPS after deleting the old one.

> Everything is greylisted at first contact, email servers don't know how "old" a domain is.

just because your mail server doesn't know that it doesn't mean no mail server does. see for example https://spameatingmonkey.com/services, which provides reputation lists for recently registered domains.

> Change your VPS-Provider, they are plain incapable -> https://www.maxmind.com/en/geoip-data-correction-request

right, because it's totally up to them to ensure some third party that provides PAID services has their data set correct? this is the responsibility of maxmind, not the VPS provider's.

from the earlier comment:

> Site-verification for gmail/microsoft

yeah, if you want to send emails, just go to the 5 biggest providers and submit to their "voluntary" programs to reduce the likelihood of getting marked as spam by them.


[flagged]


People have pointed out numerous factors to you that are beyond one's control - including your control - and your response continues to be to deflect and to rudely deride their abilities. What exactly are you trying to establish? Everyone is just pretending that email is difficult?


I don't think it's difficult, in the sense in which network security, or compiler design, or composing orchestral music are difficult. It can be complicated, because there are a lot of moving parts. And because your service is going to deal with many other services that are not under your control, and which you probably never heard of, there are submerged rocks that you can stub your toe on.

If you get your ducks lined up first (good domain, clean hosting etc.), then setting up a mailserver can be pretty much a cookie-cutter exercise. There are practical challenges, but no part of setting up a mailserver is technically hard.


I'm reminded of the "cryptocurrency is easy to secure if you just follow these fifty three steps with no errors" advocacy.

(I used to run my own email and gave up years ago, it's too much hassle to do part time)


> I used to run my own email and gave up years ago, it's too much hassle to do part time

Wouldn't this disqualify your experience when compared to the people who still do it?


How? It means I have a reasonable idea of the complexity involved. Sure, "too much" is a subjective term, but .. look around, there really aren't all that many people doing it any more, just like everyone bemoans the movement of blogs to social media.

I still have the domain, because it's also too much hassle to change an email address which you've used in a lot of places, it's just delegated to a small ISP to run the actual MTA.


> That's another problem, i talk about technical stuff and not political ones, if your recipient don't want Chinese mails than this is your (or his) (non-)problem, that's a human problem

The problem is that a recipient may want Chinese emails, but an operator of an anti-spam system may not know this and just block the whole country using GeoIP and a TLD block as a poor man's anti-spam measure. Geo filters IMHO are overused, but end users often have no easy way to communicate their problems to whoever sets such filters. In a largish company a user who suspects that emails addressed to him are blocked for no good reason will have to raise a ticket with the company's IT, which then in turn will have to raise a ticket with a vendor, and in a month, if the user is lucky, the problem will be resolved, by which time the sender will either have found another way to communicate or will have given up. And the user needs to know that someone has unsuccessfully tried to send him an email he wants to receive in the first place.


Yeah, look, if your spam operator just blocks a whole IP block because he doesn't know better... change that system. If he thinks blocking a TLD is a good idea, fire him/it.

That's just bad practice.


Adding to that, if your IP was on a blocklist before, you can request an unblock at Spamhaus. Might take a few days but they generally comply.


My point was that the fact anyone needs to do any of those things means a developer can't randomly put any address they want into PHP's mail() function (without telling anyone) and expect it to work.

There's no point accusing me of not being able to do things here - I've run my share of mail servers.


Sorry, I completely misunderstood you.

You could have given that example and one could understand what you mean:

>can't randomly put any address they want into PHP's mail() function (without telling anyone)


I feel like it was implied just fine by "any address you like".


Any sender you like would be more correct.


In terms of source vs. destination, they already said "from" so that's taken care of.

When it comes to "from any sender you like" vs. "from any address you like", I'd be more likely to interpret the former as talking about the username. Which would be the wrong interpretation. So I think your suggested wording would be unhelpful.


So not:

"Your random VPS can just send email from any address you like and expect it to be delivered"


Sure it can, if you configure it correctly.


Note the from any address part. You can send from any address on a domain you own if you set it up correctly, not from any address in general.


Wow that's new that you have to configure something correctly so it works.....


"Sure it can, if you configure it correctly." implies that doing it correctly is basically always possible.

If you are trying to imply that, it's reasonable to counter-argue that no, it's not always possible. It's not some easy "sure it can".

If you're not trying to imply that, then you're burying the lede and hiding the important part of the equation. The ability to do things correctly is not going to fix the problem.


> Your random VPS can just send email from any address you like and expect it to be delivered.

Your response backs up the parent's point, that a lot of developers don't realise that you have to do all those things to stand any chance of reliable email delivery.

Too many people think you can just slap a mail server on a VPS and expect it to be able to reliably deliver mail.


> Too many people think you can just slap a mail server on a VPS

Depends on how you parse "slap".


Oh boy. I just set up my company a few months back, unfortunately I never had to go into email too much, so I didn't set up DKIM/SPF/DMARC. Then I started receiving emails from my own domain, I panicked because spoooofingg (read with spooky voice) and set up all three. I was bashed for an entire week with reports from all major email services with DMARC reports.

Fortunately I still only have a couple clients so no one was the wiser.

UPDATE: It ended up in a simple scare, nothing was affected and I'm not in any list that I know of, in case you're wondering


Yeah, it's not a small field...like anything legacy ;)

Like the small 1024-bit DKIM because older systems (hello Exchange) don't accept the 4096 standard.

BTW: That's a good delivery base test for your mails; you should get a 10/10

https://www.mail-tester.com/



All true until it comes to outlook.com and your sent mail just vanishes without any error. It just accepts the mail but doesn't deliver. Not in Inbox, not in Junk.



