Table of Contents
Resources for mail server operators
Incoming email
Be careful not to accept email and then send a failure notification (this is especially important if you're running a backup server, because it needs to behave the same as the primary server and then primary server needs to accept everything from the backup - even if it's now spam or contains a virus).
Outgoing email
Try to restrict your outgoing email to be from a specific list of known domains. Ideally don't go sending email from some default root@localhost.localdomain
address.
Try to check your outgoing email for spam too, and quarantine it if it's really high.
Try to apply a rate limit to your outgoing email, quarantining it if you're sending an unusual volume of email.
Forwarders and mailing lists
Don't run mailing lists unless they're double opt-in. You also need to respond promptly to bounces which may indicate the email is being marked as spam.
Forwarding email is a nightmare. Ensure you don't send failure notifications to the original sender (direct them at yourself instead). Try not to forward spam. If at all possible don't do any forwarding because it's hard to maintain a good reputation unless you're a known big forwarder.
Additional information
Register your IP with:
- Microsoft SNDS for early warning of issues
- DNSWL for extra points off on SpamAssassin