I have been running my own ‘family/SoHo’ mail server for 25-30 years now. Started with sendmail on NeXTSTEP with local delivery on the machine into Mail.app accounts (yes, I’m that experienced = old ), then moved to postfix on NeXTSTEP (ported it myself), then used Mac OS X Server for as long as it supported mail services, and I am now running a mail server setup using postfix, dovecot, rspamd, clamav, solr8, dovecot-sieve via MacPorts on macOS with some geofencing added at low level IP. (Internally, I also run nginx, MinIO, unbound/nsd (in a split DNS-setting). Because so far I am able to keep on renewing my APNS certificates, I also have push notifications running to the Apple devices that make use of my server.
I have been eying Helm for a few years as a possible replacement to see if that would reduce my workload in keeping everything running, up to date, and secure. I have a few questions which I have been unable to find out about:
- What technology does Helm use for email protection? I have rspamd/solr8/clamav integrated and it works pretty good. The move from spam assassin to rspamd a while back really improved spam filtering a lot. It did require a specific DNS setup in unbound, though, to make sure requests from rspamd were not routed via my main upstream DNS (Cloud9).
- There is a dovecot extension one can use to send Apple Push Notifications. It requires that you still have access to a APNS certificate that you can renew (I do). Is Helm capable of this on its own using its own APNS certificates (like Gmail, Mircosoft and other medium/big players can)? If not, will it get this in the future? Without push, your devices need to poll and that is bad for device battery life.
- How configurable is the postfix server? I.e. I have canonical maps, client connection count & rate limits (to stop noise and attacks), I use postscreen settings to quickly drop a lot of spammers/scammers/breakin attempts, greylisting (currently running without), extensive use of mail aliases, virtual domains and addresses. There will be limitations in what I can manage on a Helm, so the default settings become interesting.