[CentOS] email Server for CentOS 7

Mon Oct 1 20:45:51 UTC 2018
Rainer Duffner <rainer at ultra-secure.de>

> Am 01.10.2018 um 18:54 schrieb Kenneth Porter <shiva at sewingwitch.com>:
> --On Monday, October 01, 2018 6:37 PM +0200 Peter Eckel <lists at eckel-edv.de> wrote:
>> I fully agree with most of the former, except for the Google part. Google
>> is to privacy what a shark pool is to a carp. If possible, avoid Google
>> at all cost, and particularly for E-Mail. There are services around that
>> cost a very small amount of money (e.g. mailbox.org or posteo.de),
>> provide a very reasonable service and do *not* peek into your mail for
>> advertisement targets and sell your data to their customers.
> Fastmail looks attractive to me as it's IMAP-friendly. I run my own server but I'm recommending to my family that they move their accounts there if I "get hit by a bus".
> <https://en.wikipedia.org/wiki/FastMail>
> I mostly run my own server because it's easy to create an infinite number of disposable "plussed" addresses as website login names. I've got a sendmail rule that lets me use a dot instead of a plus sign in such addresses to get around the websites that refuse a plus sign in an address.
> <http://mozilla.wikia.com/wiki/User:Me_at_work/plushaters>
>> You should also run your own DNS in that case, as many modern features of
>> secure mail services are tightly linked to DNS (e.g. SPF, DKIM, DMARC
>> etc.). DNSsec is preferred.
> This can be split. I let my hosting provider host my public domain name on their DNS servers. But I run a caching nameserver on my mail server to do the various lookups it requires. A forwarding nameserver for blacklist lookups is NOT recommended because of the way the various DNS-based blacklisting databases license their service.

I run my own mail-server on FreeBSD and qmail (setup mostly using a script from Matt Simerson: https://github.com/msimerson/Mail-Toaster-6).
I need to re-do it at some point.

I’m always debating moving to Zimbra (OpenSource Edition, or Zimbra Suite).

If I wouldn’t run my own, I’d probably switch to Protonmail. 
Fastmail is also an option.

DNS (authority) is best run at your hosting-provider or even at a specialized DNS provider, depending on requirements.

Everything else is just asking for trouble.