Toes♀

Avoiding spam filters and ISP blocks are a common issue with self hosted email.

Ideally you’ll have a mature domain, dkim configured and an IP that’s not blacklisted on a network that allows email traffic.

OVH offers pretty cheap email hosting if you just want a turn key solution.

Otherwise if you want your home lab to work this way you may need to configure something akin to a forward proxy on a VPS to act as a gateway for your homelab.

This could be achieved using wireguard and iptables. By routing the email traffic to your homelab.

I’d suggest using OVH. https://help.ovhcloud.com/csm/en-ie-dns-dynhost?id=kb_article_view&sysparm_article=KB0051641

Depending on your country you may need to use ovh canada

Syncthing like others suggested is probably the way to go.

But if you want more options you can do a lot with WebDAV. https://www.digitalocean.com/community/tutorials/how-to-configure-webdav-access-with-apache-on-ubuntu-18-04

Hey I just had another thought. Do you have your ISP provided router in bridge mode? That would help if you’re not using it for anything else.

If your lan devices only have a fe80, your clients are not receiving a proper router advertisement.

Which routes and firewall rules should I be checking?

Since the OPNsense device is getting a ipv6 address and is able to ping ipv6 devices on the internet.

It sounds like you don’t have ipv6 configured for the LAN. Try enabling “Assisted” mode.

https://docs.opnsense.org/manual/radvd.html

Confirm the ipv6 addresses your clients in the LAN are being assigned an ipv6 address within the scope of what your ISP is assigning.

If you are check default routes and firewall rules.

If you aren’t, investigate “router advertisement”.

I like that idea.

I’d suggest OVH or Digital Ocean.

If you think a DDoS attack is possible I’d suggest azure for that.

Sounds like an issue with your registrar more so than the domain authority?

Do you have any information to distinguish that?

Does anyone here know if they are the same entity?

This is probably a bit extreme. I think it has a way to tie into your phone’s calendar too.

But you could use redmine and create tickets and reoccuring tasks.

Using a whitelist in this manner with cloudflare may be challenging as this list can potentially change. They do have means to query it though. https://developers.cloudflare.com/api/operations/cloudflare-i-ps-cloudflare-ip-details Additionally, have you considered ipv6 support?

if you haven’t solved the problem yet, I would consider switching to Apache for your reverse proxy and using mod_remoteip.

Track the CF-Connecting-IP field instead of the IP address to get the client.

https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/

I found this docker option.

https://hub.docker.com/r/apache/james#!

Although it’s pretty cheap to have someone else host it.

https://www.ovhcloud.com/en/emails/mail-hosting/

Yeah it’s even more intimate than they could even begin to imagine.

That must be a very unfortunate situation where you don’t have control of your network for that to be a concern though. in which case I wouldn’t expect it to be suitable for a internet facing homelab?

Like I’m struggling to think of scenarios for this.

I suppose you could be trying to setup a homelab on a college network or using someone else’s internet connection where you have no input on the matter.

Perhaps, I could see a case for CGNAT like another user mentioned, where the whole town shares an single IP for example. But I’d imagine such a network would offer poor performance.

But in all those scenarios, a VPS is cheaper and you can do everything this service offers and more.

Yeah that’s a fair point, much like a VPN I could see this being useful in scenarios where you have limited control over your network.

It’s fairly straightforward to do for free with Hurricane Electric. Some home routers even have it built in as an option. https://tunnelbroker.net/

I’m assuming anyone who’s playing around with servers is capable of implementing it.

Go on eBay, punch in the price you’re looking to spend and search for an old server. Keep in mind some manufacturers use proprietary connectors.

Look for servers with lots of ECC ram, clean photos of the internals.

They probably won’t have a drive that’s pretty common.

To meet that 16 core requirement, you’ll probably be looking at older dual socket systems.

Edit: a quick search I found this. https://www.ebay.com/itm/225978893065?

Not a perfect match but the price is pretty good.

Many moons ago, I was in a campaign that featured a time traveling building.

Instead of progressing the story, we decided to test all the possibilities to essentially force the DM to establish which style of time travel is occurring. What was meant to be one session turned into 6 and we had a blast using dr.who logic to kill the big bad guy.

At the start of each turn mittens will cast Power Word Kill on a d4 targets.

Oh I hope you got a party of spellcasters.

Some divination, scrying and arcane eye might get you that egg.