Best Practices for Running Your Own Email Server

Plesk Premium Email, powered by Kolab lets you become your own mail service provider in a few easy steps. It’s like creating a personal Gmail service, one that you control from top to bottom. Running the mail server allows you to store your own email, access the mail server’s logs, and access the raw email files in a user’s mailbox. 

However, one key concern when running your own mail server is email deliverability. Without being able to effectively reach your customer base, you cannot do business. So, how do you ensure your emails do not end up as spam?

It’s important to follow common rules and best practices when operating a mail server to guarantee your emails always reach their destination. In this quick guide, we’ll walk you through a few things to consider, to make sure that your emails always end up where you intend.

Reputation Management

Much of email delivery depends on your reputation, which is attached to your IPs and domains.

Please note that there might be different types of setups where you can either influence these things or not:

• If you’re running your own server (or VPS – virtual private server) or a bunch of servers with Plesk for shared hosting with WHMCS, you have full influence and control about the following settings.
• If you’re an end customer or reseller of a service provider or hoster using Plesk, unfortunately only your hosting provider can do these modifications for you. In case you want to regain control of your environments, it’s time to move your shared hosting account to your own VPS!
• If you run Plesk on one of the hyperscale cloud providers such as DigitalOcean, Linode, AWS/Lightsail, Azure, or Google, your default email / SMTP (Port 25 or not) might be blocked on the infrastructure level. If that’s the case, you might need to contact their support to unblock it. In addition, also check that you’re receiving a reverse DNS entry for your IP that is required for operating an email server properly.

The two key-factors that we can influence are:

1. Ensure other servers can distinguish between genuine email coming from your server and spam coming from other servers, pretending to come from your server. If you don’t, a spammer can burn your hard-earned reputation while delivering their spam.

You can ensure this by enabling DKIM/DMARC and SPF protection in Plesk under “Server-Wide Mail Settings”.

2. Ensure your server does not send spam. While less of a problem if you don’t allow for public sign-ups, it is important to maintain vigilance against spammers on your own systems, otherwise your reputation will be impacted. If a spammer can gain illegitimate access to an account on your system, your reputation can be severely damaged.

To address these points you should:

• Use Plesk Premium Email to protect yourself against Cross-Site Request Forgery attacks that can be used to gain access to accounts.
• Maintain good password hygiene.
• Protect all your domains with valid TLS certificates.
• Use Plesk Email Security for outbound anti-spam and anti-virus:

• Use rate limitations on outbound email. This is especially important in shared hosting environments where multiple customers or domains are sharing the same IP. So you can avoid IP reputation issues if one of your customers is making problems. And avoid that one customer is impacting others. 

Finally, there are factors that we can’t completely control:

• The age of your domain will affect your reputation; a very new domain will always have a lower reputation.
• If you share your IP(s) with other people on the same system, you share part of their reputation. This is for example the case if you have only a shared hosting or reseller account of shared hosting companies.
• And in case you want to be in a better shape, we highly recommend that you run your own VPS/VM. You might also want to check your IP address that you get from your provider against its reputation before you take your server into production.

By following these guidelines you can successfully run your own email server, and be confident that your emails will arrive unscathed at their intended destination.

Further Measures

• Set a maximum message size for outbound email. Most email services have a limit on the message size, and you should make sure that you are not sending messages larger than that limit. A good standard default is 35 MB.

• Require authentication for mail relays to keep an attacker from abusing your mail server.

Review Your Work

As your business continues to grow, it’s important to ensure your messages are delivered to the intended inboxes as planned. MxToolbox helps you check your deliverability. You can head over to MxToolbox and check if your system is set-up correctly.