Caving and switching to Amazon SES
For almost 7 years I have run my own email server sending and receiving emails on it's own IP address. A few years ago I switched to Digital Ocean as a VPS to reduce deliverability issues, recently the IP block I was in got blacklisted by zen.spamhaus. The age of my 100% independent email server is now over.
Big players make it hard for small servers
As outlined with this blog post Google is eating out email and the resulting discussion on Hacker News the big players appear to have no interest following the standard rules when it comes to emails. All the tools are designed for big users, Google and Microsofts's postmaster tools don't even register any statistics for a domain unless your sending over 200 emails a day.
Unfortunately we find ourselves in the same position when it comes to something as simple as an SMTP relay service. If you search online for what an SMTP relay is you will only see the marketing material that claims it is a tool for large marketers to deliver massive volumes of emails into the inbox of their customers. Not what it actually is, a forwarding service that allows multiple email servers to send from one IP address to outsource reputation management.
Clearly the main advantage of an SMTP relay should be small time servers can pool together to achieve the volume the big players want to see to be able to judge if your emails are "worthy" of being treated fairly.
Imagine my frustration when trying to find any service that directly caters to this and finding that they don't appear to exist. It's all pitched as a service for marketing email delivery, if you're not sending thousands of emails you are not the target market anymore.
Can I use Mailgun for my personal email address?
It’s not recommended.
There are plenty of hosted email services better suited for this than Mailgun; Rackspace Email, Gmail / Google Apps, Outlook, etc.
Mailgun is meant to be a tool for developers and their applications.
Fair enough if you don't have a personal email server but if you have a server used by a family? Not clear. Then when you do sign up for any SMTP service they ask for your Business name, website and business use.
In the end as I technically have donations listed on the about page of this blog I simply used that and the Transactional emails from my Nextcloud instance as a sample of what I would be sending.
Getting out of the sandbox was a thing
I initially tried signing up for SendGrid but they immediately lock new accounts and you have to contact support to even login, let alone send an email. So after they straight up ignored what I wrote in the support email I signed up with AWS then immediately discovered that even though I could log in and set things up I was isolated in a sandbox not allowed to play with the other children.
Even though when signing up I selected an Individual account for side projects they still wanted a business use. After I finished banging my head against the desk I submitted what info I could. After four emails where among other things I updated my Privacy policy page to include Opt-in/out language, I was denied.
We reviewed your request and determined that your use of Amazon SES could have a negative impact on our service. We are denying this request to prevent other Amazon SES customers from experiencing interruptions in service.
There was one chance. In the correspondence they asked very specifically
How do you handle bounces and complaints?
Given they appeared to be concerned with negative service impacts I discovered a method of Automating handling this based on this xenforo plugin. Using Node-red as an endpoint I can receive a notification of a bounce/complaint and shut down the server for manual review.
Informing Amazon of this change was enough to get through the bureaucratic hurdles .
Making the switch was easy at least
Thankfully this was the least of my issues. First I created an SMTP identity in AWS, added that to my postfix postfix-relaymap.cf
and postfix-sasl-password.cf
as outlined in docker-mailserver documentation. Add the Amazon domain key, SPF record and CNAME records for DKIM and I was off to the races.
Comments