Electronic mail Server Internet hosting and Deliverability on Devoted Servers

The Devoted IP Benefit for Electronic mail

IP Fame and Shared Internet hosting Threat

Main inbox suppliers (Google, Microsoft, Yahoo) consider inbound e mail based mostly on the sending IP’s status historical past. Spam complaints, excessive bounce charges, and identified spam sources all degrade an IP’s status rating. On shared internet hosting, you haven’t any management over what your IP neighbors ship.

On a devoted server with a devoted IP, your sending status is solely yours to construct and preserve. A clear IP with constant sending quantity and low criticism charges achieves good deliverability inside 4-6 weeks of warmed-up sending. That status persists so long as you preserve clear checklist hygiene.

IP Warming for New Devoted Servers

Beginning transactional or bulk e mail from a brand-new IP requires a warmup interval. Inbox suppliers are suspicious of a brand new IP all of a sudden sending excessive quantity. The usual strategy: begin with 500-1,000 emails per day in week one, double weekly for 4-6 weeks, and monitor bounce charges and spam complaints all through.

For organizations sending important transactional e mail (password resets, order confirmations) from day one, preserve the brand new IP solely for transactional messages throughout warmup. Hold bulk or advertising e mail on a separate IP or service till the first IP is absolutely warmed.

Postfix and Dovecot: The Linux Mail Stack

Structure Overview

Postfix handles SMTP (sending and receiving mail). Dovecot handles IMAP and POP3 (consumer entry to saved mail). Collectively they type the commonest self-hosted Linux mail stack. Each are mature, well-documented, and run effectively on devoted {hardware}.

For a company with 200 mailboxes and average e mail quantity, the useful resource necessities are modest: Postfix and Dovecot collectively eat below 2GB of RAM throughout regular operation, leaving a lot of the server’s reminiscence obtainable for different providers or for a big Dovecot mailbox index cache that speeds IMAP folder operations.

Authentication Configuration: SPF, DKIM, DMARC

These three DNS-based authentication mechanisms are usually not non-obligatory if you would like dependable inbox placement. All three must be configured earlier than sending any manufacturing e mail from a brand new server:

• SPF (Sender Coverage Framework): A TXT report in your DNS zone itemizing which IP addresses are licensed to ship mail on your area. A strict SPF report with -all (onerous fail) for unauthorized senders reduces phishing utilizing your area.
• DKIM (DomainKeys Recognized Mail): Postfix indicators outbound messages with a non-public key. Recipients confirm the signature towards the general public key in your DNS. Opendkim integrates with Postfix and handles key rotation. Use 2048-bit RSA keys; 1024-bit is not ample.
• DMARC (Area-based Message Authentication): A coverage report specifying what receiving servers ought to do when SPF or DKIM checks fail. Begin with p=none to watch failures, then tighten to p=quarantine and finally p=reject when you affirm all legit sending sources are authenticated.

DMARC reporting (rua= tag) sends XML stories from main inbox suppliers exhibiting authentication failures. Arrange a DMARC report parser (dmarcian or a self-hosted parser) to evaluate these stories in the course of the first 30 days after launch.

Anti-Spam Configuration

SpamAssassin and Rspamd

SpamAssassin is the standard Linux spam filter, rule-based and extensively deployed. Rspamd is a contemporary various with considerably higher efficiency (handles 1000’s of messages per second vs. SpamAssassin’s tens or a whole lot), Bayesian filtering, and a cleaner configuration mannequin. For brand spanking new deployments in 2026, Rspamd is the higher selection.

Rspamd integrates with Postfix by way of the milter interface. Configure it to reject messages scoring above 15 (clear spam), quarantine messages scoring 6-15 (possible spam), and cross messages beneath 6. Tune these thresholds based mostly in your first month’s false optimistic fee.

DNS Blocklists and Actual-Time Checks

• DNSBL checks: Configure Postfix to reject mail from IPs listed on Spamhaus, Barracuda, and related blocklists on the SMTP connection stage. This stops spam earlier than Rspamd has to judge it.
• Greylisting: Briefly reject mail from unknown senders; legit mail servers retry, spam bots sometimes don’t. Postgrey or Rspamd’s greylisting module handles this.
• Price limiting: Postfix’s anvil daemon tracks connection charges per sending IP. Limiting connections per minute per IP stops burst-sending from compromised accounts.

Storage Planning for Mailboxes

Capability Calculation

Mailbox storage necessities rely closely on retention insurance policies and person habits. A practical planning system: common mailbox dimension x variety of mailboxes x retention issue.

Dovecot’s maildir format shops every message as a separate file. On NVMe storage, IMAP folder itemizing and search operations that will be gradual on spinning disk full shortly even for big mailboxes with tens of 1000’s of messages. Customers on Dovecot-backed IMAP with NVMe storage discover sooner folder switching and search vs. hosted e mail providers that provision shared storage.

Dovecot Full-Textual content Search

Dovecot’s FTS (Full Textual content Search) plugin indexes mailbox contents for quick server-side IMAP SEARCH operations. With out it, IMAP search scans each message file sequentially. With it, search queries towards a 50GB mailbox full in milliseconds. Solr or Flatcurve (Dovecot’s newer built-in FTS backend) present this functionality. FTS indexes require roughly 15-20% extra storage overhead relative to mailbox dimension.

Microsoft Change on Devoted Home windows Servers

Change Server requires Home windows Server licensing and considerably increased {hardware} necessities than a Linux mail stack. Change 2019 minimal specs are 128GB RAM for the Mailbox position, although manufacturing deployments ought to plan for extra. This aligns effectively with InMotion’s Excessive Devoted Server at 192GB DDR5 ECC RAM.

Change licensing (or Microsoft 365 E3/E5 for hosted Change) provides substantial value on prime of server infrastructure. For organizations standardized on the Microsoft ecosystem with Outlook purchasers, Groups integration necessities, or Unified Messaging wants, Change on devoted {hardware} stays the appropriate selection. For organizations evaluating contemporary, a Linux mail stack with Roundcube or SOGo webmail is considerably decrease value.

Compliance Logging Necessities

HIPAA Electronic mail Compliance

HIPAA requires that e mail containing Protected Well being Data (PHI) be encrypted in transit (TLS) and at relaxation, with entry logs demonstrating who accessed which messages. Postfix enforces opportunistic TLS on outbound mail; configure necessary TLS with certificates verification for identified healthcare associate domains. Dovecot logs all IMAP connections and folder entry occasions.

SEC 17a-4 and Authorized Maintain

Monetary providers companies topic to SEC Rule 17a-4 should retain enterprise communications for 3-7 years in a non-rewritable, non-erasable format. Self-hosted e mail with write-once storage (or a compliance journal configured to repeat all mail to an immutable archive) satisfies this requirement. Third-party archiving instruments like MailStore Server combine with Postfix/Dovecot to supply compliant archiving.

Authorized Maintain for Litigation

When litigation locations e mail on authorized maintain, the power to protect and produce particular mailboxes or date ranges is important. Self-hosted e mail with direct filesystem entry makes this easy: protect the maildir directories, export by way of a forensically sound course of, and supply chain-of-custody documentation. Hosted e mail providers add lawyer and discovery charges to this course of that devoted internet hosting eliminates.

Server Configuration Suggestions by Scale

• Below 100 mailboxes (Important): Postfix + Dovecot + Rspamd matches comfortably with 64GB RAM. IMAP index cache makes use of 4-8GB. Storage ample for 5-year retention at common mailbox sizes.
• 100-500 mailboxes (Superior): Identical stack; extra RAM headroom for FTS index and Dovecot connection dealing with below increased concurrent person load.
• Change Server (Excessive): 192GB DDR5 ECC meets Change 2019 manufacturing necessities. ECC RAM prevents bit-flip corruption in Change database recordsdata.

Getting Began

InMotion’s APS group can help with Postfix and Dovecot preliminary configuration below Premier Care. For organizations migrating from hosted e mail to self-hosted, InMotion Options handles the mailbox migration course of, which is usually probably the most time-sensitive a part of the transition.