Hello. Let’s say I want to selfhost an email server (smtp + imap) that only will be used to receive email.

I only will send email internally (from my domain to my domain) and receive from 3rd parties.

Should I setup DKIM, DMARC, SPF and reverse IP lookup?

To be honest, I’m having a bit of hard time understanding the madness of email authentication. So I can’t figure it out by myself if those mechanisms are needed in my case.

I haven’t deployed anything, but probably will use Stalwart. It looks like it’s easy to deploy. Is there any other beginner-friendly email service I should read about?

Thanks!

  • taladar@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    9
    ·
    10 months ago

    I would also set up SPF to disallow all IPs to send mail for that domain in case some system supports SPF but not DMARC.

    • vsis@feddit.clOP
      link
      fedilink
      English
      arrow-up
      7
      ·
      10 months ago

      Thanks to both of you.

      I had the hope that DMARC, SPF and DKIM was stuff I could just ignore if not sending email. It seems I was wrong about that.

      • taladar@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        6
        ·
        10 months ago

        Those three are really not all that complicated, basically (apart from DKIM which you can ignore when not sending) they are just a couple of TXT DNS records you need to set once for your domain. Even if you were using DKIM it is just a keypair you generate and then put the public key into a DNS TXT record and configure your mail server to use the private key.