I have a raspberry pi running postfix. I Realised unless I open port 25 I absolutely cannot receive emails (I have 587 open and can send but not receive them). However I heard there are scaries online which someone could potentially send emails from your server without consent. I believe as well my ISP doesn’t block port 25. Is there anything I should do right now before opening port 25, or should everything be safe enough?
Don’t do that
Hi, I recommend you read the book “Run Your Own Mail Server”. The fact that a book exists for this topic is all the proof you need to not do this decision. But if you absolutely must, this is the way.
IMHO a RasPi is just not reliable enough. Your internet connection is just not reliable enough. You are going to lose some of your incoming mail and NOT notice it, unless you have somebody who hosts a secondary MX for your domain.
Chances are also that it’s not powerful enough when some of these automated attacks come knocking.
If you follow the ISPMail guide at https://workaround.org/ you’ll be safe.
I heard there are scaries online which someone could potentially send emails from your server without consent
That’s called an open relay and websites like https://mxtoolbox.com/diagnostic.aspx can test for it.
Either way your biggest issue won’t be that, if you’re running on a residential internet connection the IP is already flagged as such and will have a very low reputation with other e-mail providers causing Microsoft, Google and any other large provider will simply refuse your email. You’ll also need reverse DNS for your IP pointing at the domain you’re using that your ISP is most likely not going to provide.
Many ISPs will also block inbound SMTP unless you have business account (and sometimes even then) because it’s a common malware/spam vector.
If you insist on going through with this the key thing is to make sure that you’re not an open relay.
