I created my own email server using postfix and implemented a catch-all email approach. I am a beginner in creating and running my own email server but read few articles and successfully ran it.
The approach I followed is written in here https://naveenhonestraj.in/creating-an-incoming-email-server-and-sending-data/
My end goal is to catch all the email sent to a specific domain, say (@example.com) and make a POST call(something like a webhook action) with payloads that contains all the information of the email sent.
I successfully made this and now can make those POST call with proper payload, but I am not aware of the problems/cons along running own server with the catch-all approach.
If somebody who worked on the similar lines can share their thoughts and opinions on this, it would be very very helpful. Thanks.
Top comments (9)
Where you actually host the email server will have some implications with local law. For example, most consumer ISPs don't want mail traffic over their network, and would have a problem with you hosting an email server from home.
Incoming mail has a lot fewer concerns than sending mail, so your risks are relatively though.
However, what you've essentially created is the same thing as an unauthenticated api. This means there's always a risk for request flooding. Because your input is email, your ability to restrict and control traffic will be a bit harder as well.
I would suggest building some middle process that would work to reject as many obviously garbage requests as possible, so as to not flood whatever software is pushing your POST requests.
Thanks @brandinchiu for the inputs. I wasn't aware of the local law and thanks for pointing that. I'll probably look into that.
And on the side of request-flooding, after you mentioned, now, I am thinking of adding SPAM FILTER alongside Postfix to filter (to some extent) and also thinking to add-in ratelimit or a queuing system to validate and then process towards POST request. Your inputs are very helpful, Brandin :))
Yeah this is really the only thing to worry about. Any filtering you can do will be helpful.
The last thing you'd want is to be running your server in the cloud and have something send you 2 million fake emails and run up your bill :)
Hahaha! true that. :))
Thanks for your valuable inputs, Erick. But, say I am trying to build a functionality like, something in a ticket management systems like Zendesk, where each organisation has their own incoming email address, which they receives emails and creates ticket. So, for N organisation, there are N email, but the catch here is, everything is sent to one single server with all the information.
Do you think, this particular case could possibly fit in the case you mentioned? Or do you know any other services that can fit one?
The Postmark blog is a great resource for email. It's super helpful for learning about problems that may come up. They often frame it in a "here's what we're doing for you" kind of way which is super useful for learning about the details. Here's an example: postmarkapp.com/blog/monitoring-yo...
Wow. This is a wonderful resource!! Looking into it. Thanks Derek 🤩
Wow., thanks for taking time to read the article and sharing your thoughts, Erick 😁
Sure, I'll take a look at the repo as well. If not it serves the current purpose, it will definitely going to be a good learning and might come in handy at some other point of time. Thanks again for the share. :))
I'll try giving it a shot this weekend. Thanks for pointing me there. Meanwhile if I figure out a new thing or learn something from others too, I'll keep this discussion thread updated with that.