How would one set this up using a secondary external server? The ideal layout would be to have a relay/edge/webmail out on a VPS which would do initial spam filtering, then relay to a home server which essentially houses all the mailboxes. The connection between the VPS and home server would either be via Tailscale or non-standard ports (i.e. not port 25).
The idea is that, should there be an issue with the home server, I am in control of the message queue (not relying on sender retries). Also, to bypass mail server hosting blocks on the home ISP.
So you’re just looking for a service that sends emails on behalf of your server and something to manage incoming emails if the server is down?
Not exactly sure how to set it up in MIAB, but for SMTP relay, have you considered a service like Mailgun or AWS SES? It’s very easy to set up and they have a whole range of IPs that will rarely ever get blacklisted, so you’re very safe in that regard.
As for managing email on the way in, I believe there are services that act as an incoming email relay. They can hold emails until your server is back up. I believe they also do spam filtering too.
There’s a popular one that has been mentioned on this forum quite a few times, but for the life of me I cannot remember it! I’ll see if I can dig it up for you. In the meantime, if you search enough for SMTP relays, you’ll likely find it.
Something to manage both incoming, outgoing and webmail. Really, the ingress/egress point to the mailbox database sitting at home.
It would solve:
- reputation issue of a home ISP IP address (i.e. rDNS…)
- being able to control and queue inbound mail should home server be unreachable
- proxy webmail/POP3 access. This might fall back to nginx reverse proxy I’ve already deployed on the VPS/docker. Just a nice to have if you were able to say this MiaB is the external/relay, and this is the internal as a function.

So bottom line, function something like a Barracuda Spam firewall or Ironport… or I suppose more closely, Mimecast. Of course, not looking for a paid option.
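
The edge-relay layout asked about in this thread, sketched as an added example (not from any poster, and not Mail-in-a-Box's own configuration): a plain Postfix `main.cf` on the VPS that accepts mail for the domain, holds it in its own queue, and forwards it to the home server over a non-standard port. The domain `example.com`, the Tailscale-style addresses `100.64.0.1` (VPS) and `100.64.0.10` (home server), port `2525` and the queue timings are assumptions.

```conf
# /etc/postfix/main.cf on the VPS edge relay (constructed values throughout)

# Accept mail for the domain and relay it onward. The domain must NOT
# also be listed in mydestination, or Postfix would try local delivery.
relay_domains = example.com

# Only accept recipients that exist on the home server, so the relay
# never queues mail it would later have to bounce (backscatter).
relay_recipient_maps = hash:/etc/postfix/relay_recipients

# Route the domain to the home server; see the transport entry below.
transport_maps = hash:/etc/postfix/transport

# Keep deferred mail long enough to ride out a home-server outage,
# and retry delivery at a steady pace once it is back.
maximal_queue_lifetime = 10d
minimal_backoff_time = 5m
maximal_backoff_time = 30m

# Only this host and the home server may send outbound mail through
# the VPS; everyone else may only deliver to relay_domains.
mynetworks = 127.0.0.0/8 100.64.0.10/32
smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination

# /etc/postfix/transport  (run `postmap /etc/postfix/transport` after editing)
#   The square brackets suppress the MX lookup, so mail goes straight
#   to the home server's address and port:
#   example.com    smtp:[100.64.0.10]:2525
#
# /etc/postfix/relay_recipients  (run `postmap` on it as well)
#   user@example.com    OK
#
# On the home server, outbound mail is pointed back at the VPS so it
# leaves from the VPS address rather than the home ISP address:
#   relayhost = [100.64.0.1]:25
```

The public MX record for the domain points at the VPS only; the home server's SMTP listener on port 2525 should be reachable solely over the private link.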