Using Cloudflare as a Reverse Proxy to get rDNS?

Hey there! I’m looking at the possibility of building a self-hosted email server. While I already have a pretty good idea about the software stack I want to use (NixOS and simple-nixos-mailserver apparently work well enough, and are easy enough to configure), one of the big hurdles towards NOT being marked as spam is getting rDNS working (if you don’t know, DNS maps an address example.com to an IP 1.2.3.4, rDNS does the opposite, mapping 1.2.3.4 to example.com). Now, getting my ISP to give me a fixed IP is fairly costly (15$ a month). My question is if using Cloudflare as a Reverse Proxy would give me what I want when it comes to rDNS, which is important if you want your emails not to be marked as spam.
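The rDNS check described above, as an added example that is not part of the original post: a receiving server looks up the PTR record for the IP address it sees connecting, then confirms that the returned name resolves back to that same IP (forward-confirmed rDNS). The zone data, the `ptr_lookup`/`a_lookup` stand-ins and the HELO comparison policy are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample data: documentation IP ranges and example domains only.
PTR_RECORDS = {
    "10.113.0.203.in-addr.arpa": ["mail.example.com."],
    "20.113.0.203.in-addr.arpa": ["host-203-0-113-20.dyn.isp.example."],
    "5.100.51.198.in-addr.arpa": ["mail.example.org."],
}
A_RECORDS = {
    "mail.example.com": ["203.0.113.10"],
    "mail.example.org": ["198.51.100.99"],  # forward record points elsewhere
}

def ptr_lookup(reverse_name):
    """Stand-in for a DNS PTR query (hypothetical helper, runs offline)."""
    return PTR_RECORDS.get(reverse_name, [])

def a_lookup(hostname):
    """Stand-in for a DNS A/AAAA query (hypothetical helper, runs offline)."""
    return A_RECORDS.get(hostname, [])

def check_fcrdns(client_ip, helo_name):
    """Classify the connecting IP of an SMTP client the way a receiver might."""
    ip = ipaddress.ip_address(client_ip)
    # Step 1: rDNS. 203.0.113.10 is queried as 10.113.0.203.in-addr.arpa.
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip.reverse_pointer)]
    if not names:
        return "no-ptr"
    # Step 2: forward-confirm. A PTR name counts only if it resolves back
    # to the same IP, so a PTR alone proves nothing about the domain.
    confirmed = [n for n in names
                 if any(ipaddress.ip_address(a) == ip for a in a_lookup(n))]
    if not confirmed:
        return "ptr-not-forward-confirmed"
    # Step 3 (assumed policy): the HELO/EHLO name should be one of those names.
    if helo_name.rstrip(".").lower() not in confirmed:
        return "helo-mismatch"
    return "pass"

if __name__ == "__main__":
    samples = [("203.0.113.10", "mail.example.com"),
               ("203.0.113.20", "mail.example.com"),
               ("198.51.100.5", "mail.example.org"),
               ("192.0.2.1", "mail.example.com")]
    for ip, helo in samples:
        print(ip, helo, check_fcrdns(ip, helo))
```

The lookup is keyed on the source address of the SMTP connection, so the PTR record that matters is the one for whichever IP actually delivers the mail to the recipient's server.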

What I know about spam detection is that rDNS isn’t as big as it once was. While having rDNS set up will help, SPF, DKIM and DMARC seem to be more in favor than before.
What many spam detectors are doing is using the “connection type” from GeoIP or checking the ASN for the IPs. If it’s “Cable/DSL” or some known value that marks an IP as residential, you won’t be even allowed to connect.
Also, getting an rDNS entry on a residential fixed IP might not be even a thing for your ISP. Cloudflare or another gateway service might be required if you want to host from home.

In my opinion, hosting a mail server as a hobby is a bad idea. You will be bombarded with connection tries. If just one gets through, you just helped another spammer get a fresh server. Unless you put an email gateway in front of that mail server, I wouldn’t want to put that onto the internet. I don’t know if Cloudflare provides any SMTP and IMAP protection.

Regarding rDNS at home, it is likely, since my home is also a business, and I do have a business contract with my ISP. Secondly, wouldn’t fail2ban or some service of that sort be enough to block such abusive accesses? Besides, wouldn’t Cloudflare’s DDoS protection manage that sort of attack?

Also, another option I do have is to use a VPS as a reverse proxy, which would come to a more bearable 5€ a month.

Not sure if it helps, but Wendell did a video (actually a series) on this.

Another good food for thought on the mail server is confirming that your ISP is not blocking the ports you intend to use. I know a lot of ISPs block 25, 465, 587, and even 2525 unless you have a business line.

Oh no, it is not blocked, I already have an experimental version up and running hehe

GitHub - stalwartlabs/mail-server: Secure & Modern All-in-One Mail Server (IMAP, JMAP, POP3, SMTP) seems like a lot less pain, but unless you’re able to monitor it daily it’s probably going to cause more issues than it solves…