Should I run my own MTA?

email email-server

Solution 1:

There should be no problems in doing it yourself, however, you need an experienced sysadmin, or a sysadmin willing to learn something new. It's not as easy as just running another daemon and opening a port in the firewall.

I run an MTA for personal projects on a VPS, and while you of course need high availability and be able to handle way more load, the general setup would be pretty much the same. Some general advice:

  • Be sure not end up with an open relay, you'll get blacklisted
  • Read up on how to avoid the dreaded spam folder
  • Make sure the correct MX records are in place
  • Use a subdomain for your send only MTA (mailer.example.com)
  • Use correct mail headers, from: and reply-to:
  • Use DKIM for signing mail (helps avoid spam also)

EDIT:

I forgot two important points (thanks symcbean):

  • SPF, to restrict mail from your domain to specific IP or ranges
  • Intelligent bounce handling; configured to talk to your mailing list app (removing dead addresses etc.)

Solution 2:

Unless your company is in the business of sending emails, then I would only look at this as a last resort.

There's a lot of companies out there that send bulk emails, so I'd be inclined to shop around (or re-negotiate fees) before investing time & resources into building up and supporting your own MTA solution.

Keeping a company agile and able to pivot is critical. Outsourcing non-critical services allows you to more easily accomplish this.

Having said that, if you are in the business of sending emails, then you absolutely should look at setting up your own MTA - though you might still want to look at hosting this on a VPS environment.

Solution 3:

Our own SysAdmin told us it is not difficult at all to have our own MTA, but I'm afraid he might have oversimplified this.

Either he is some kind of uber-geek, or he doesn't understand the problem.

Running an MTA is relatively simple. Running a MTA delivering a high-volume of bulk-emails while maintaining good deliverability is very, very complicated.

cvaldemar suggests using DKIM, however makes no mention of SPF (these are not mutually exclusive, however the latter has much higher rates of adoption). In addition to the points mentioned in that post, you also need to enable throttling by destination, intelligent bounce handling and pro-active list management (to avoid poor reputation for bounces).

Running a server on an address range assigned to you will gain a much higher rep than on a hosted server. The also simplifies the process of setting up PTR records (also boost your rep).

Running spamassassin internally will help you to identify problems earlier in the process.

Solution 4:

If you have the required experience, you can do it.

I suggest to not lose the emails, to start testing your new MTA with a small amount of emails. When you are satisfied, you can use it for all you emails.

Solution 5:

If you are doing that volume of email, I expect you have an automated system sending the email. Based on the amount of email you are generating, it appears that to some extent your are in the business of sending email. How important to your business is it that your email get delivered. If it is important, you need to get a good handle on how your email is handled. However you implement your solution you will want to ensure proper feedback so that:

  • you remove dead addresses;
  • you detect misconfiguration; and
  • you get notifications if you get added to a blacklist.

Setting up your own MTA is not that difficult, and once configured they tend to run with little maintenance. There are standards and conventions to be followed, and failure to follow them will hurt your ability to deliver mail reliably. Unfortunately, some of the organizations in the business of sending high volume mail for others don't follow them. Using a third party service may result in your mail being classified as spam.

I posted a rant on Running an Email Server aimed mainly at the uninformed. It explains a fair bit about what is involved in running an MTA. My Email Policy provides additional resources as do other postings I have done on Email.

For this kind of mailing consider using a dedicated sub-domain and server. The tuning for high volume bulk email may be significantly different from what you want for person-to-person email. Ensure that your accept and review email sent to the postmaster and abuse addresses. If you have invalid email addresses in your list(s) you may run into queue size issues initially. You can register your domain with many of the big volume mail hosting services like Gmail, Hotmail, etc.

EDIT: Running your own MTA for a service like this does not mean you need to run your own MX. Your MX (Mail Exchange) and MTA for regular correspondence can be handled by a third party. Use a dedicated sub-domain for handling bulk and/or automated email. Manage it according to your needs.

Related

192.168.1.x more exploitable?
IIS 7.5 - Disable Overlapped Recycle property not being obeyed when web.config is updated
Network Error: no buffer space available
Shinken - Anyone using it? [closed]
Ansible: Is it possible to "cat file" and export it's output to screen while playing a playbook and not as debug?
Problems with DNS propagation 10 days after a change was made
Turn on Home Computer Remotely [closed]
Can someone please explain easyrsa vars options for PKI generation
Zinc Whiskers in Data Centers
What does NT_STATUS_BAD_NETWORK_NAME mean in Samba?
Reliability of SSD vs HDD (Over large temperature variations)
Monitoring/controlling Intel Turbo Boost in Linux