rooshvforum.network is a fully functional forum: you can search, register, post new threads etc...
Old accounts are inaccessible: register a new one, or recover it when possible. x


Advice for third-party email services
#1

Advice for third-party email services

From last week's DDOS attacks, I learned that it's best to host email on a separate sever to minimize avenues of attack. Two things I need:

1. Ability to hide origin IP address. When the server sends out mail using SMTP, I don't want the server IP address displayed in the headers.

2. Ability to set up email forwarders to non-domain accounts. For example:

[email protected] -> [email protected]
[email protected] -> [email protected]
[email protected] -> [email protected]

It's okay if a company only has one feature but not the other, because I can mix and match. Any suggestions?
Reply
#2

Advice for third-party email services

1. Assign a new ip address to the server. Make sure that all traffic out from the new IP address is done through a VPN. Then, use that IP number for SMTP. You might need to configure the VPN client used on the server to only route traffic from your new ip number via the VPN, not affecting your old ip addresses. I've never tried this, but it should work I guess.

2. More or less any web hosting company could help you with that. It might be a more advanced solution though if all mail through 'mydomain.com' isn't going through that web hosting company.
Reply
#3

Advice for third-party email services

Make sure that the VPN provider hasn't prohibited the use of SMTP.
Reply
#4

Advice for third-party email services

Another solution is to set up an external SMTP server on a new server, so all mails are sent out from this server. You could use a firewall to this server and configure it so it looks like all traffic into the server is coming from a local IP number. With this solution your new SMTP server's IP address will be displayed though but not the IP address of the server which originally sent out the e-mail.
Reply
#5

Advice for third-party email services

There is no need to use the same service for incoming and outgoing email.

I would suggest:

Incoming (mailboxes @rooshv.com/rooshvforum.network/rok.com) - Yandex for your domain. It's free: https://domain.yandex.com/domains_add/
Or Google Apps, but it costs $50/year/mailbox

Outgoing (from MyBB) - Sendgrid: https://sendgrid.com/pricing
Set MyBB to use Sendgrid's SMTP relay server in: AdminCP --> Settings --> Mail Settings --> Change Mail Handler to SMTP
smtp.sendgrid.net, port 587, use TLS. https://sendgrid.com/docs/Integrate/index.html
Or you can configure your server's email server to pass messages off to Sendgrid for delivery. This is more complicated to set up, but more robust from a performance perspective. https://sendgrid.com/docs/Integrate/Mail...stfix.html
Reply
#6

Advice for third-party email services

It's not a third-party email service, but there is an add-on called AnonymoX that can be used with Firefox and Google Chrome that lets you browse anonymously. It blocks your IP address and lets you pick new ones that are not specific to your computer. Some are from the US, some are from other countries like the UK or the Netherlands.

Here is what the description says when you download it:

"Easy anonymous web browsing and bypassing of web censorship. No proxys or other programs needed. With many functions to protect privacy.

AnonymoX is an initiative for anonymization on the internet. The aim is to restore the users right of anonymity in the web. Most websites monitor the behaviour of their users, giving the websites hosts the ability to analyze the general users behaviour and create detailed user profiles, which are frequently sold to third parties.

A threat for freedom of speech on the internet manifests in the repression through federal or private organizations. More and more governments censor websites with the excuse of child safety, copyright infringement or the fight against terrorism and thereby limit the freedom of speech. Also blocking users based on their origin with GeoIP-Blocks is applied often, for example at media platforms like YouTube."


I've mentioned AnonymoX on here before, but can't find where because I can't get the search feature to work. So if you've heard this from me before, sorry, but I thought this was worth bringing up again. While AnonymoX might not be a permanent fix like a VPN, it is good to have in a pinch when you need to obscure your identity.

You can, obviously, turn it on and off and keep it on only when you need it. Also, when you use it, you have to re-sign in to email, Facebook, etc., since they won't recognize you with a strange IP.
Reply
#7

Advice for third-party email services

Quote: (09-05-2015 11:10 AM)DaveR Wrote:  

Outgoing (from MyBB) - Sendgrid: https://sendgrid.com/pricing
Set MyBB to use Sendgrid's SMTP relay server in: AdminCP --> Settings --> Mail Settings --> Change Mail Handler to SMTP

Make sure that sendgrid doesn't reveal the origin IP.
Reply
#8

Advice for third-party email services

So if using Sendgrid and Yandex, for example, there are two things you should do:

1. Delete all existing MX records from each domain (in Cloudflare DNS control panel) and replace with: mx.yandex.net
detailed instructions here: https://yandex.com/support/domain/records.xml

2. change "sender policy framework" (SPF) to indicate that Sendgrid and Yandex are authorised senders. This is to ensure that email from the forum and via Yandex isn't marked as spam.

You'll need to add a TXT record to each domain's DNS:
v=spf1 includeConfusedendgrid.net include:_spf.yandex.net ~all

Current SPF settings are:
rooshv.com: v=spf1 +a +mx +ip4:192.254.214.226 ?all
rooshvforum.network: v=spf1 ip4:192.254.214.226 a mx include:websitewelcome.com ~all
returnofkings.com: not set



Quote: (09-05-2015 11:21 AM)Cheetah Wrote:  

Quote: (09-05-2015 11:10 AM)DaveR Wrote:  

Outgoing (from MyBB) - Sendgrid: https://sendgrid.com/pricing
Set MyBB to use Sendgrid's SMTP relay server in: AdminCP --> Settings --> Mail Settings --> Change Mail Handler to SMTP

Make sure that sendgrid doesn't reveal the origin IP.

It doesn't.
Reply
#9

Advice for third-party email services

You could also use Mailgun (by Rackspace) for outbound mail from MyBB. It might work out cheaper than Sendgrid, depending on your monthly email volume: http://www.mailgun.com/pricing

It's slightly more complicated to set up as they require DKIM as well as SPF. The SPF record would look something like this:
v=spf1 include:mailgun.org include:_spf.yandex.net ~all

Full instructions including DKIM settings here: https://documentation.mailgun.com/quicks...nding.html
Reply
#10

Advice for third-party email services

Dave's answers are solid. I'll work on his recommendations and report back. [Image: thumb.gif]
Reply
#11

Advice for third-party email services

I use an offshore email provider which is located in Russia. At least it's better than having one in the U.S. which is near Canadian jurisdiction. I'm quite amazed that SJW's will actually try to discover I.P addresses and search e-mails for their feminist cause. In the U.S. the only way that email providers and ISPs are obliged to release such confidential information is if there is a warrant, and criticizing feminism online does not constitute a need for a warrant (the exception to the rule might be feminist Canada or cities such as Toronto).
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)