Sebastian Nielsen
2020-Oct-26 04:51 UTC
SV: Looking for a guide to collect all e-mail from the ISP mail server
>> why not just point them at a hosting service like google apps, and letgoogle keep things up to date? Costs money, and also the problem is that gmail imposes heavy spam filters and "reputation blocks" meaning smaller providers with low email volumes, are put in the spam folder, even if they never send spam, just because their email volume is so low (ergo, they must prove they don't spam before getting out of ispam folder) Another thing is that you cannot impose IP restrictions when using Google Apps, or have SSO with trusted access from inside the office. (for example - scan your badge at the office door, your personal computer is automatically logged on and you get access to everything). With locally hosted servers, of course you have to keep them updated. Most linux distributions can keep them updated automatically. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5715 bytes Desc: S/MIME Cryptographic Signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20201026/3026ce11/attachment-0001.p7s>
Peter Blair
2020-Oct-26 07:25 UTC
Looking for a guide to collect all e-mail from the ISP mail server
At 26 October, 2020 Sebastian Nielsen wrote:> > >> why not just point them at a hosting service like google apps, and let > google keep things up to date?Oh they most certainly do :)> Costs money, and also the problem is that gmail imposes heavy spam filters > and "reputation blocks" meaning smaller providers with low email volumes, > are put in the spam folder, even if they never send spam, just because their > email volume is so low (ergo, they must prove they don't spam before getting > out of ispam folder)OP is trying to come up with a solution to handle transactional email within members of the office and some vendors/clients, not bulk email like you're describing. As for "costs money", well everything in life does. You can't get a branch office's email system setup for free.> Another thing is that you cannot impose IP restrictions when using Google > Apps, or have SSO with trusted access from inside the office. (for example - > scan your badge at the office door, your personal computer is automatically > logged on and you get access to everything).Eh, sure -- I suppose if the country you're operating in doesn't have open communications with google ( https://transparencyreport.google.com/traffic/overview ) then yeah, you're gonna have a hard time. But this seems like a stretch for an argument against using a hosting provider.> With locally hosted servers, of course you have to keep them updated. Most > linux distributions can keep them updated automatically.My question was directed at OP as it sounded like they were coming in to set something up once then moving on in life. I wouldn't say that _any_ major linux distro updates automatically. Rolling OS distros like arch are constantly getting wedged and requiring a bit of manual attention to nudge things along. Distros like fedora can sorta kinda run with a `dnf upgrade` happening in a cron if you like to... I guess. Maybe something like RHEL can be set and forgotten, but if you're paying for a RHEL license then you're likely not going to abandon the host.
Marc Roos
2020-Oct-26 08:06 UTC
SV: Looking for a guide to collect all e-mail from the ISP mail server
> and also the problem is that gmail imposes heavy spam filters and"reputation blocks"> meaning smaller providers with low email volumes, are put in the spamfolder, even if> they never send spam, just because their email volume is so low (ergo,they must> prove they don't spam before getting out of ispam folder)How do you know that?
Sebastian Nielsen
2020-Oct-26 08:32 UTC
SV: SV: Looking for a guide to collect all e-mail from the ISP mail server
Because when I email to friends that are using gmail, my mail ends up in spam unless my friends put me in whitelist. Seems to vary however, and seems to get better with time. -----Ursprungligt meddelande----- Fr?n: dovecot-bounces at dovecot.org <dovecot-bounces at dovecot.org> F?r Marc Roos Skickat: den 26 oktober 2020 09:07 Till: dovecot <dovecot at dovecot.org>; sebastian <sebastian at sebbe.eu> ?mne: RE: SV: Looking for a guide to collect all e-mail from the ISP mail server> and also the problem is that gmail imposes heavy spam filters and"reputation blocks"> meaning smaller providers with low email volumes, are put in the spamfolder, even if> they never send spam, just because their email volume is so low (ergo,they must> prove they don't spam before getting out of ispam folder)How do you know that? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5715 bytes Desc: S/MIME Cryptographic Signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20201026/b29f8017/attachment-0001.p7s>
lists
2020-Oct-26 09:08 UTC
SV: Looking for a guide to collect all e-mail from the ISP mail server
I have no problems with Gmail from Digital Ocean. But I have both spf, DKIM, DMARC and a reverse pointer. You need to not look spammy. One advantage to using a VPS is your IP is unique. That is you don't share it with a spammer. Not so with hosted services. ? Original Message ? From: M.Roos at f1-outsourcing.eu Sent: October 26, 2020 1:06 AM To: dovecot at dovecot.org; sebastian at sebbe.eu Subject: RE: SV: Looking for a guide to collect all e-mail from the ISP mail server> and also the problem is that gmail imposes heavy spam filters and"reputation blocks"> meaning smaller providers with low email volumes, are put in the spamfolder, even if> they never send spam, just because their email volume is so low (ergo,they must> prove they don't spam before getting out of ispam folder)How do you know that?
@lbutlr
2020-Oct-27 15:02 UTC
Looking for a guide to collect all e-mail from the ISP mail server
On 25 Oct 2020, at 22:51, Sebastian Nielsen <sebastian at sebbe.eu> wrote:>>> why not just point them at a hosting service like google apps, and let >> google keep things up to date? > > Costs money,Yes. That is a *good* thing. Running an unmaintained mail server is a BAD thing.> and also the problem is that gmail imposes heavy spam filters > and "reputation blocks" meaning smaller providers with low email volumes,I think you are confusing gmail and google apps (or whatever it is called now, seems to change all the time).> Another thing is that you cannot impose IP restrictions when using Google > Apps, or have SSO with trusted access from inside the office. (for example - > scan your badge at the office door, your personal computer is automatically > logged on and you get access to everything).Wow. That sounds sooooooper not secure.> With locally hosted servers, of course you have to keep them updated. Most > linux distributions can keep them updated automatically.You cannot keep a mail server automatically updated, sorry. That is a fantasy. You can either spend money on someone know knows what they are doing in-house (more secure, more control, more money), or you can spend money on outsourcing someone who knows what they are doing (less money). The other option involves a pair of smoking boots and a crater and I do not recommend it. -- Nothing like grilling a kosher dog over human hair to bring out the subtle flavors.
Sebastian Nielsen
2020-Oct-27 15:25 UTC
SV: Looking for a guide to collect all e-mail from the ISP mail server
>> Running an unmaintained mail server is a BAD thing.Of course. You maintain it.>>I think you are confusing gmail and google apps (or whatever it is callednow, seems to change all the time). Google apps uses the same restrictions. What I recall, you can disable SPF and DKIM checks for trusted sources, but you cannot disable reputation checks.>>Wow. That sounds sooooooper not secure.How? Of course, you must have some sort of secure communication between the access controller system, and the system that manages logins for the computers and such. Then when you scan the badge at your personal office space (where only you have access), the access controller tells the system to automatically logon the computer. Another way is to have a RFID card reader where you put the badge to login computer, and remove badge to logout. Also a easy and secure system, but requires lots of integration work if you want to use it with third-party services. If you have own in-house servers, you can just tell those servers to check on-the-fly with the access control system if there is a valid card on the reader before giving computer X access to account Y - making it secure, since you can then not tamper with anything to bypass the auth check - the server, which is located in secure space, formally asks the access controller "master", which is also located in secure space, if user X is authenticated at reader Y.>>You cannot keep a mail server automatically updated, sorry. That is afantasy. You can. Ubuntu have packages with mail servers automatically updated. However, sometimes manual intervention is required to change the config when some security holes appear that cannot be resolved with patches. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5715 bytes Desc: S/MIME Cryptographic Signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20201027/6a3e53ed/attachment.p7s>
Possibly Parallel Threads
- SV: Looking for a guide to collect all e-mail from the ISP mail server
- SV: Looking for a guide to collect all e-mail from the ISP mail server
- SV: SV: Looking for a guide to collect all e-mail from the ISP mail server
- SV: SV: Looking for a guide to collect all e-mail from the ISP mail server
- SV: SV: Looking for a guide to collect all e-mail from the ISP mail server