I have asked a question on postfix’s mailing list that, if a message from mail.ru (who has p=reject setting in their DMARC) was forwarded by Pobox to gmail, will gmail reject this message?

The list member @raf gave a wonderful answer below. I much appreciate it.

Maybe. It depends on lots of stuff. A DMARC check
passes if either SPF or DKIM pass, but (for DMARC
purposes), SPF only applies (and therefore can only
pass) when the From: domain matches the envelope sender
domain, and (for DMARC purposes) DKIM only applies (and
therefore can only pass) when the From: domain matches
the DKIM signing domain (d=).

If pobox.com uses its own envelope sender when
forwarding the email, then mail.ru's SPF doesn't apply
(because it wouldn't be the envelope sender domain
anymore). Instead, pobox.com's SPF applies (because
it's now the envelope sender domain). But pobox.com's
SPF doesn't apply to mail.ru's DMARC check. So SPF
wouldn't contribute to a DMARC check for mail.ru.

If pobox.com uses the original mail.ru envelope sender
then mail.ru's SPF will apply and it will fail (because
pobox.com won't be authorized by mail.ru's SPF). So it
won't contribute to a DMARC check for mail.ru either.

So, you can't count on SPF to get it through a DMARC
check for mail.ru.

The only other possibility is if the email was
DKIM-signed by mail.ru as well. If it wasn't, then
DMARC fails. If it was, and the email wasn't changed en
route in any way that invalidated the DKIM signature,
then DMARC passes. If the mail was modified too much,
then DMARC fails, but if pobox.com is just forwarding,
then it shouldn't have modified it in a way that
matters to DKIM.

And the DKIM signature has to have been signed with
mail.ru's DKIM key. Any other signing domain doesn't
apply for DMARC purposes.

So, if it's DKIM-signed by mail.ru, and pobox.com just
forwards it, and does nothing else other than adding
headers along the way, then it'll probably pass a DMARC
check for mail.ru. Otherwise, it won't.

Having said all that, what gmail does with it upon
arrival is entirely up to gmail.

I bought Yandex Mail 360 service, which gives me another 100GB disk space.

But, the access to Yandex disk via API is very slow. I tried it with two ways from one of my VPS.

• access with yandex disk plugin of rclone, whose endpoint is “cloud-api.yandex.com“
• access with webdav protocol, whose endpoint is “webdav.yandex.ru“

Unfortunately, both ways failed to work.

I uploaded a file of 245MB to Yandex disk with the methods above, they can’t finish the jobs in about 1+ hour.

The network connection from my VPS to their service endpoints has no problem. As you see below:

$ ping webdav.yandex.ru -c 10 
PING webdav.yandex.ru (213.180.204.148) 56(84) bytes of data. 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=1 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=2 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=3 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=4 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=5 ttl=247 time=41.0 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=6 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=7 ttl=247 time=41.0 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=8 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=9 ttl=247 time=40.9 ms 
64 bytes from disk-webdav.stable.qloud-b.yandex.net (213.180.204.148):  icmp_seq=10 ttl=247 time=40.9 ms 
 
--- webdav.yandex.ru ping statistics --- 
10 packets transmitted, 10 received, 0% packet loss, time 9008ms 
rtt min/avg/max/mdev = 40.964/40.988/41.044/0.182 ms 

$ ping cloud-api.yandex.com -c 10 
PING api.disk.yandex.net (213.180.204.127) 56(84) bytes of data. 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=1 ttl=54  time=40.6 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=2 ttl=54  time=40.7 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=3 ttl=54  time=40.6 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=4 ttl=54  time=40.7 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=5 ttl=54  time=40.7 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=6 ttl=54  time=40.7 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=7 ttl=54  time=40.6 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=8 ttl=54  time=40.7 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=9 ttl=54  time=40.7 ms 
64 bytes from cloud-api.yandex.net (213.180.204.127): icmp_seq=10 ttl=54  time=40.7 ms 
 
--- api.disk.yandex.net ping statistics --- 
10 packets transmitted, 10 received, 0% packet loss, time 9015ms 
rtt min/avg/max/mdev = 40.671/40.723/40.776/0.204 ms 

When uploading, the command ‘vnstat’ shows the bandwidth usage for transfer out is only 139.28 kbit/s. This really sucks.

eth0  /  traffic statistics 
 
                           rx         |       tx 
--------------------------------------+------------------ 
  bytes                    31.21 MiB  |       49.41 MiB 
--------------------------------------+------------------ 
          max             537 kbit/s  |    19.34 Mbit/s 
      average           87.96 kbit/s  |   139.28 kbit/s 
          min               3 kbit/s  |        0 kbit/s 
--------------------------------------+------------------ 
  packets                     525460  |           10556 
--------------------------------------+------------------ 
          max                924 p/s  |         121 p/s 
      average                176 p/s  |           3 p/s 
          min                  5 p/s  |           0 p/s 
--------------------------------------+------------------ 
  time                 49.60 minutes 

Then I tried their official client for Linux, the help page is here. The result is surprised.

Yandex disk’s linux client works very fast. I uploaded a file about 1GB, it got finished in several minutes.

So in conclusion:

• Don’t use API to access Yandex disk, neither rclone nor webdav. Yandex may have bandwidth limits on it.
• Use their official clients, for instance, Mac, Windows and Linux’s.

Backup is important when you run a website. For me I backup this blog which is powered by wordpress automatically, once the blog’s content gets updated.

This is the perl script to run in crontab, which checks the database to see if there is any update, if yes a backup will be implemented.

#!/usr/bin/perl
 use strict;
 use MySQL::mycrud;
  
 my $db = MySQL::mycrud_>new('my_user','127.0.0.1',3306,'my_database','my_passwd');
 my ($last_id) = $db->get_row("select ID from wp_posts order by ID desc limit 1");
 $db->disconnect;
 
 open HD,"/tmp/last-id.txt" or die $!;
 my $record_id = <HD>;
 close HD;

 chomp $record_id;

 if ($last_id > $record_id) {
     system "/path/to/backup.sh";  # implement a bash script
     open HDW,">","/tmp/last-id.txt" or die $!;
     print HDW $last_id;
     close HDW;
 }  

And, this is the bash script called by perl above, which implements the full backup for a wordpress site, including the site files and database.

#!/bin/bash

 cd /tmp
 DATE=`date +%Y-%m-%d`
 DIR="mysite.$DATE"

 mkdir -p $DIR
 
 # copy the site files from webdir
 sudo cp -rf /var/www/mysite/ $DIR/

 # dump database
 sudo mysqldump -uroot my_database > $DIR/my_database.sql
 sudo chown -R your_user_id $DIR
 
 tar zcf $DIR.tgz $DIR/
 rm -rf $DIR
 
 rclone copy $DIR.tgz dropbox:webbackup 

You should change the script to mach your use case, such as dir name, database name, user ID etc. And I upload the backup file to dropbox via rclone, you maybe want to change it with another way.

Gmail has great email features. Most people I know like their service.

But gmail for domain hosting is not cheap, the cheapest plan is $6/month in their pricing page. Here I show a way which is cheap and solid for your domain email hosting on gmail.

Firstly you need a pobox.com basic account, which is $20/year, much cheaper than gmail workspace.

What features does pobox provide? It includes:

• Email forwarding: forward all your incoming email to the destination, such as gmail.
• Outgoing SMTP relay: you can send email using pobox’s solid SMTP server.
• Email antispam: it has good antispam capability which can filter most spams for you.

After you have got pobox account, you can setup your domain there. Just add domains in their management panel, and point your domain’s MX to their servers.

For example, my blog domain is using pobox’s forwarding service. MX setup:

tech.postno.de. 299 IN MX 5 mx-1.pobox.com.
 tech.postno.de. 299 IN MX 5 mx-2.pobox.com.
 tech.postno.de. 299 IN MX 5 mx-3.pobox.com. 

SPF setup:

tech.postno.de. 299 IN TXT "v=spf1 include:pobox.com ?all" 

Then, create an email address in pobox’s management panel, setup the destination to your gmail. Such as:

[email protected] --> [email protected]

Now, pobox will forward domain email to gmail. You can test it by sending a message to domain email, it will appear in your gmail inbox.

The last step, in gmail’s “Accounts” setting, create an outgoing email address, using pobox as SMTP server. The sample setting as below:

The setting details:

• SMTP server: always be smtp.pobox.com
• Port: 465 for SSL
• Username: your domain email created on pobox
• Password: the “App-specific Password” for pobox account, you must create one before using their SMTP service.

After the setting done, you can use “smtp.pobox.com” as outgoing server for sending email. All your outgoing messages will be relayed via pobox’s SMTP servers. Pobox has been stayed in email delivery industry for almost 30 years, they are solid enough for delivering your messages.

And, you are using your domain email as the real sender when sending email through pobox’s SMTP servers. If you have used gmail’s SMTP as outgoing server, the real sender would be gmail itself, not your domain email.

That’s to say, pobox would not leak information for your real email address (gmail). This is important for privacy protection.

Until now, all is doing well. You can begin to use your domain email, which is hosted by pobox.com, and operated by gmail.

These three providers: Virmach, Hosthatch, and Naranja, are active on LET. They have got good reputation due to their good products or service etc.

I have VPS on all of them. So I took a benchmark with yabs.sh for the comparison of their performance, networking, disk IO etc.

This is the result of Virmach:

Mon Mar  1 08:51:38 HKT 2021
 
 Basic System Information:
 ---------------------------------
 Processor  : Intel(R) Xeon(R) CPU E5-2660 0 @ 2.20GHz
 CPU cores  : 2 @ 2199.998 MHz
 AES-NI     : ✔ Enabled
 VM-x/AMD-V : ❌ Disabled
 RAM        : 1.2 GiB
 Swap       : 256.0 MiB
 Disk       : 19.4 GiB
 
 fio Disk Speed Tests (Mixed R/W 50/50):
 ---------------------------------
 Block Size | 4k            (IOPS) | 64k           (IOPS)
   ------   | ---            ----  | ----           ---- 
 Read       | 42.03 MB/s   (10.5k) | 485.07 MB/s   (7.5k)
 Write      | 42.09 MB/s   (10.5k) | 487.62 MB/s   (7.6k)
 Total      | 84.12 MB/s   (21.0k) | 972.70 MB/s  (15.1k)
            |                      |                     
 Block Size | 512k          (IOPS) | 1m            (IOPS)
   ------   | ---            ----  | ----           ---- 
 Read       | 621.31 MB/s   (1.2k) | 332.98 MB/s    (325)
 Write      | 654.32 MB/s   (1.2k) | 355.16 MB/s    (346)
 Total      | 1.27 GB/s     (2.4k) | 688.15 MB/s    (671)
 
 iperf3 Network Speed Tests (IPv4):
 ---------------------------------
 Provider        | Location (Link)           | Send Speed      | Recv Speed     
                 |                           |                 |                
 Clouvider       | London, UK (10G)          | 488 Mbits/sec   | 182 Mbits/sec  
 Online.net      | Paris, FR (10G)           | 543 Mbits/sec   | 216 Mbits/sec  
 WorldStream     | The Netherlands (10G)     | 719 Mbits/sec   | 342 Mbits/sec  
 Biznet          | Jakarta, Indonesia (1G)   | busy            | busy           
 Clouvider       | NYC, NY, US (10G)         | 679 Mbits/sec   | 653 Mbits/sec  
 Velocity Online | Tallahassee, FL, US (10G) | 530 Mbits/sec   | 327 Mbits/sec  
 Clouvider       | Los Angeles, CA, US (10G) | 551 Mbits/sec   | 383 Mbits/sec  
 Iveloz Telecom  | Sao Paulo, BR (2G)        | 556 Mbits/sec   | 206 Mbits/sec  
 

 Geekbench 5 test failed. Run manually to determine cause.

As you see, Virmach’s disk IO and network speed are common, not bad and also not good. But their CPU is very worse. This is a VPS with double cores, it even can’t finish geekbench’s test.

Then, this is the result of Hosthatch:

Mon Mar  1 09:05:59 HKT 2021 

 Basic System Information:
 ---------------------------------
 Processor  : Intel(R) Xeon(R) CPU E5-2690 v2 @ 3.00GHz
 CPU cores  : 1 @ 2999.998 MHz
 AES-NI     : ✔ Enabled
 VM-x/AMD-V : ❌ Disabled
 RAM        : 1.9 GiB
 Swap       : 64.0 MiB
 Disk       : 19.6 GiB
 
 fio Disk Speed Tests (Mixed R/W 50/50):
 ---------------------------------
 Block Size | 4k            (IOPS) | 64k           (IOPS)
   ------   | ---            ----  | ----           ---- 
 Read       | 121.41 MB/s  (30.3k) | 1.26 GB/s    (19.7k)
 Write      | 121.73 MB/s  (30.4k) | 1.26 GB/s    (19.8k)
 Total      | 243.14 MB/s  (60.7k) | 2.53 GB/s    (39.5k)
            |                      |                     
 Block Size | 512k          (IOPS) | 1m            (IOPS)
   ------   | ---            ----  | ----           ---- 
 Read       | 2.20 GB/s     (4.3k) | 2.32 GB/s     (2.2k)
 Write      | 2.32 GB/s     (4.5k) | 2.48 GB/s     (2.4k)
 Total      | 4.52 GB/s     (8.8k) | 4.80 GB/s     (4.6k)
 
 iperf3 Network Speed Tests (IPv4):
 ---------------------------------
 Provider        | Location (Link)           | Send Speed      | Recv Speed     
                 |                           |                 |                
 Clouvider       | London, UK (10G)          | 466 Mbits/sec   | 6.24 Mbits/sec 
 Online.net      | Paris, FR (10G)           | 615 Mbits/sec   | 311 Mbits/sec  
 WorldStream     | The Netherlands (10G)     | 608 Mbits/sec   | 241 Mbits/sec  
 Biznet          | Jakarta, Indonesia (1G)   | busy            | busy           
 Clouvider       | NYC, NY, US (10G)         | 598 Mbits/sec   | 383 Mbits/sec  
 Velocity Online | Tallahassee, FL, US (10G) | 494 Mbits/sec   | 405 Mbits/sec  
 Clouvider       | Los Angeles, CA, US (10G) | 626 Mbits/sec   | 476 Mbits/sec  
 Iveloz Telecom  | Sao Paulo, BR (2G)        | busy            | busy           
 
 Running GB5 benchmark test... *cue elevator music*
 Geekbench 5 Benchmark Test:
 ---------------------------------
 Test            | Value                         
                 |                               
 Single Core     | 574                           
 Multi Core      | 578                           
 Full Test       | https://browser.geekbench.com/v5/cpu/6738467 

Hosthatch is well known for its storage VPS, their disk IO is always good. As you see above, the IO test gets a good result. Networking and CPU seem common.

The last part is for naranja:

Mon Mar  1 09:11:19 HKT 2021
 
 Basic System Information:
 ---------------------------------
 Processor  : AMD EPYC 7302 16-Core Processor
 CPU cores  : 1 @ 2999.998 MHz
 AES-NI     : ✔ Enabled
 VM-x/AMD-V : ❌ Disabled
 RAM        : 985.0 MiB
 Swap       : 1024.0 MiB
 Disk       : 19.7 GiB
 
 fio Disk Speed Tests (Mixed R/W 50/50):
 ---------------------------------
 Block Size | 4k            (IOPS) | 64k           (IOPS)
   ------   | ---            ----  | ----           ---- 
 Read       | 192.76 MB/s  (48.1k) | 816.09 MB/s  (12.7k)
 Write      | 193.27 MB/s  (48.3k) | 820.38 MB/s  (12.8k)
 Total      | 386.03 MB/s  (96.5k) | 1.63 GB/s    (25.5k)
            |                      |                     
 Block Size | 512k          (IOPS) | 1m            (IOPS)
   ------   | ---            ----  | ----           ---- 
 Read       | 1.06 GB/s     (2.0k) | 1.15 GB/s     (1.1k)
 Write      | 1.11 GB/s     (2.1k) | 1.23 GB/s     (1.2k)
 Total      | 2.17 GB/s     (4.2k) | 2.39 GB/s     (2.3k)
 
 iperf3 Network Speed Tests (IPv4):
 ---------------------------------
 Provider        | Location (Link)           | Send Speed      | Recv Speed     
                 |                           |                 |                
 Clouvider       | London, UK (10G)          | 920 Mbits/sec   | 606 Mbits/sec  
 Online.net      | Paris, FR (10G)           | 923 Mbits/sec   | 374 Mbits/sec  
 WorldStream     | The Netherlands (10G)     | 906 Mbits/sec   | 932 Mbits/sec  
 Biznet          | Jakarta, Indonesia (1G)   | busy            | busy           
 Clouvider       | NYC, NY, US (10G)         | 830 Mbits/sec   | 68.2 Mbits/sec 
 Velocity Online | Tallahassee, FL, US (10G) | 831 Mbits/sec   | 139 Mbits/sec  
 Clouvider       | Los Angeles, CA, US (10G) | 801 Mbits/sec   | 151 Mbits/sec  
 Iveloz Telecom  | Sao Paulo, BR (2G)        | 739 Mbits/sec   | 84.0 Mbits/sec 
 
 Running GB5 benchmark test... *cue elevator music*
 Geekbench 5 Benchmark Test:
 ---------------------------------
 Test            | Value                         
                 |                               
 Single Core     | 934                           
 Multi Core      | 926                           
 Full Test       | https://browser.geekbench.com/v5/cpu/6738468 

Naranja is using AMD CPU, as you see geekbench for a single core can even get 934 scores. This is far better than Virmach and Hosthatch. Besides CPU performance, their disk IO and network speed are also not bad.

So my simple summary:

When you need a VPS for study purpose, Virmach is good, their price is cheap for the scale. That test configuration needs only 13 USD/year.

When you need a storage VPS with good disk IO, Hosthatch is suitable. Their storage plan especially the BF ones, are cheap and good.

When you need the CPU power as well as not bad IO/networking, Naranja is great choice. And their price is cheap, my test configuration needs only 9.x EUR/year.