*With ‘better’ I mean that an encrypted solution is adequate in these cases because the mails are on other servers, and the companies/servers depend on the jurisdiction where they are located. But by hosting a mail server at home, even unencrypted, we are 100% in control of our data.

PS: is there a self-hosting mail server solution that stores everything encrypted? I already self-host almost everything I use, but not email.

  • yojimbo@sopuli.xyz
    7 hours ago

    2 points I’m not sure got mentioned here

    1. There is a new hero on the block - his name is mox and he is bloody awesome! It’s a single binary written in Go, that takes care of (citing) …IMAP4, SMTP, SPF, DKIM, DMARC, MTA-STS, DANE and DNSSEC, reputation-based and content-based junk filtering, Internationalization (IDNA), automatic TLS with ACME and Let’s Encrypt, account autoconfiguration, webmail… pretty much everything. As somebody who maintains a few mailservers for a living - this is a wet dream come true. It implements e.g. MTA-STS, which I haven’t seen even on many commercial offerings yet. You run it once - it returns a long file with DNS records for MX, SPF, DMARC, DKIM etc… You run it a second time with some switch - it generates its systemd file. Then you just spin it up - and that’s it. I always wanted to write something like this but I am nowhere near clever enough. There may be some performance constraints, it’s probably not “production grade” yet - but I’ve been using it for over a year with stellar results.

    2. There has been a lot of gatekeeping (they call it security strengthening) going on lately. In my experience, even a year ago, if you managed to fit into the DKIM / DMARC / SPF rules stated in your DNS records you could still deliver pretty much everywhere. Even with a dynamic IP. As of June 2024 Google started enforcing PTR records and M$ I believe followed (meaning if your IP doesn’t have a correct PTR record your mail isn’t deliverable to Google / Microsoft mailservers). Most residential ISPs will not let you edit your PTR, and since more and more people / companies use bloody Google / M$ cloud services I don’t think it’s worth running a mailserver just from home because deliverability would be hit and miss. You at least need to proxy the outgoing mail through some cheap VPS with a public IP that you can set a PTR on.
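To make the deliverability checklist from the comment above concrete, here is an added example (not the commenter's code and not part of mox) that evaluates a sending setup against the records named in the thread: MX, SPF, DKIM, DMARC, MTA-STS and a forward-confirmed PTR. The DNS answers, the domain example.org, the selector s1 and the addresses 203.0.113.25 / 198.51.100.77 are all constructed placeholders; the second data set models the residential case where the ISP owns the PTR.

```python
import ipaddress
import re

# Constructed DNS answers standing in for a resolver; example.org and the
# addresses are documentation placeholders, not a real deployment.
VPS_DNS = {
    ("example.org", "MX"): ["10 mail.example.org."],
    ("mail.example.org", "A"): ["203.0.113.25"],
    ("example.org", "TXT"): ["v=spf1 ip4:203.0.113.25 -all"],
    ("_dmarc.example.org", "TXT"): ["v=DMARC1; p=reject; rua=mailto:dmarc@example.org"],
    ("s1._domainkey.example.org", "TXT"): ["v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A"],
    ("_mta-sts.example.org", "TXT"): ["v=STSv1; id=20240601T000000"],
    ("25.113.0.203.in-addr.arpa", "PTR"): ["mail.example.org."],
}
# Same domain sending straight from a residential line: SPF updated, but the
# PTR is a generic ISP name the subscriber cannot change (constructed).
HOME_DNS = dict(VPS_DNS)
HOME_DNS[("mail.example.org", "A")] = ["198.51.100.77"]
HOME_DNS[("example.org", "TXT")] = ["v=spf1 ip4:198.51.100.77 -all"]
HOME_DNS[("77.100.51.198.in-addr.arpa", "PTR")] = ["cpe-198-51-100-77.isp.example."]

def lookup(dns, name, rtype):
    return dns.get((name, rtype), [])

def spf_covers(spf, ip):
    """True if SPF lists the IP via an ip4:/ip6: term (a/mx/include are not expanded here)."""
    addr = ipaddress.ip_address(ip)
    for term in spf.split()[1:]:
        mech = term.lstrip("+-~?")
        if mech.startswith(("ip4:", "ip6:")):
            if addr in ipaddress.ip_network(mech.split(":", 1)[1], strict=False):
                return True
    return False

def fcrdns_ok(dns, ip, host):
    """Forward-confirmed reverse DNS: PTR names our host and the host's A record points back."""
    ptr = [p.rstrip(".") for p in lookup(dns, ipaddress.ip_address(ip).reverse_pointer, "PTR")]
    return host in ptr and ip in lookup(dns, host, "A")

def check_outbound_setup(dns, domain, host, ip, selector):
    """Per-record verdicts for the records large receivers check on inbound mail."""
    spf = next((r for r in lookup(dns, domain, "TXT") if r.startswith("v=spf1 ")), "")
    dmarc = " ".join(lookup(dns, f"_dmarc.{domain}", "TXT"))
    dkim = " ".join(lookup(dns, f"{selector}._domainkey.{domain}", "TXT"))
    sts = " ".join(lookup(dns, f"_mta-sts.{domain}", "TXT"))
    return {
        "mx": bool(lookup(dns, domain, "MX")),
        "spf": spf_covers(spf, ip) if spf else False,
        "dkim": dkim.startswith("v=DKIM1") and re.search(r"\bp=[A-Za-z0-9+/=]+", dkim) is not None,
        "dmarc": dmarc.startswith("v=DMARC1") and re.search(r"\bp=(none|quarantine|reject)", dmarc) is not None,
        "mta_sts": sts.startswith("v=STSv1"),  # DNS part only; the HTTPS policy file is not fetched
        "ptr": fcrdns_ok(dns, ip, host),
    }
```

Swap `lookup` for a real resolver query to run it against live DNS; on the constructed data every check passes for the VPS and only `ptr` fails for the residential sender, which is the failure the comment describes.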