I use Postfix, Dovecot, SpamAssassin, CrowdSec , Let's Encrypt on Ubuntu 22.04 with 4 domain names running on an AWS t4g.micro. I've done this since about mid 2015 (seems a lot longer somehow). I've tried to configure DNS, DKIM, DMARC etc correctly. I think the entire setup is at least mostly right, though I'm sure it can still be improved.
To make it do what I want, the mail configuration is a bit complicated. Well it is for me, doing it once every 2+ years and forgetting most of how it all works in the meantime. Presumably it's not complicated compared to large-scale setups or for people who do this as their main job.
Upgrading the OS every 2+ years is a pain, because there tend to be quite a few configuration file changes in the new OS, sometimes different software packages, I have to review everything well enough to understand it, then merge my own changes from the previous setup. And in fact the last time I tried the upgrade failed anyway, I don't know why. Very possibly nothing to do with my mail setup though.
So I've concluded that for OS upgrades it's probably as quick to install on a new VM and reconfigure everything from scratch. That takes me me about a day in total, working from my bad notes, comparing the old and new systems, copying data files etc. Which does not seem like a good way to do things, but it does mean I end up with a clean installation. Also I've been able to switch the underlying VM, so now I'm on the allegedly faster/cheaper ARM instead of Intel architecture. That would not have been possible otherwise, because the OS and application software binaries are different for the different architecture. Also the underlying SSDs are the newest types, and the latest ones are allegedly faster/cheaper.
I have seriously considered trying to script the setup or updates somehow. But I think there are enough changes in the OS between upgrades that for a single system it's just not worthwhile. I'd have to review and fix the scripts, then run them once, then not use them for another 2+ years. Plus learn the tool (Ansible?). Plus I would guess some of my configuration changes are not common so I'd probably be writing custom stuff for the tool as well.
And... I almost never have problems with it. As far as I know mail is sent and received reliably, and for years the server almost never went down. More recently it did hang a few times, though I don't know why. But I suspect it was because the wimpy VM just gets overloaded sometimes. It's not easy to find the reason though, and I didn't want to spend much time on it. Also since that happened I've upgraded from Ubuntu 20.04, and for whatever reasons, it's been fine so far.
Whether this is all worthwhile or not I'm not really sure nowadays. Originally for me it was to learn about the mail software, also because some software I wrote for an older project did a lot with email, so I had a kind of professional interest. Also I wanted to use my own domains and be independent of an ISP. Plus I sometimes use the VM for other things, such as a rarely used OpenVPN server in the past, replaced with Wireguard now. Also technical experiments sometimes. And if I could think of anything worthwhile to have on a website I would use it for that.
But if you just wanted easy and cheap email with your own domain(s), I think the best way could be a "traditional" hosting service. Compared to what I'm doing, you could get far better performance, storage space, bandwidth, backups, reliability, maybe security, everything else. And probably more cheaply, with near zero time and effort and hassle, and without having to be try to be a biennial mail configuration expert. Plus if there were any problems the hosting company would fix them, or provide support for you.
So for most people I think it's difficult to justify running your own mail server. There'd have to be some specific reason. Which might just be that you want to!
This is not a bad idea, though i would guess that if these guys change IPs, then it will be annoying to spend your time sneding emails, etc. But, then i thought: why not automate this with some simple scripts? You have al;ready outlined your recipe, so simply automate the steps...But the more i thought of the automation around this, you need to be creful not to turn into a "spammer of sorts, constantly sending emails...certainly, you wouild be sending legitimate emails, but if they change their IPs more often, that might trigger your automatiomn more often, somewhat turning you into a mild "spammer", right? :-) I'm not suggesting you abandon your apporoach, but simply to remember to not overdo it with big scale of emails sent out. ;-)
Aha, some more good ideas there! But you're right, there's tradeoffs and dependencies and uncertainties throughout, so it's not easy to even guess in advance what would work or be worthwhile. Plus as you say there could be negative consequences from a kind of arms-race, with the solution becoming a problem in itself.
It's not the same thing, but I'm reminded now of email in the past, when you would usually get an undeliverable message if something went wrong. But later that was almost entirely stopped - because of spam. Massive volumes of spam was sent from forged addresses, and much of it led to those replies. So that made things worse by doubling the volume, plus the innocents whose addresses had been forged got deluges of confusing undeliverable messages!
I think you're right in that changing IPs would be easy for them. But, changing hosts would be significantly more work and hassle. So if the abuse reporting worked, that could have much more of an impact...
I have almost no experience of this, and nothing recent, so I don't know. But I'm not surprised at what you say, given the amount of abusive stuff that happens online nowadays.
Ah yes... Those stories we read where even a hint of a DCMA request results in a takedown, so that the host avoids the legal risk. That could be extremely effective in this case?!
Lots of great ideas here.
A slight variation or emphasis on some: Specifically aim to advertise your own site on the other one. While you can anyway.
Free advertising to their (should be your) audience, in return for what they're doing...
Seems fair!
