There is hardly a market on the Internet as competitive as web hosting. Particularly in the lower and middle price segment, providers repeatedly undercut each other in the prices for all-round carefree packages. They usually include storage space, a domain, databases and e-mail inboxes. Complete packages are inexpensive and definitely recommended for beginners. In professional and business use, however, problems can quickly arise with many consequences, especially with e-mail communication. In this guide, we explain which problems occur in detail and how you can prevent them.
Business email communication: Problems without a separate email server
It is estimated that there are about 1.5 billion e-mails on the road in Germany every day. A large proportion of these are business e-mails containing important information. Most companies depend on their e-mails with offers, order and dispatch confirmations, newsletters and business correspondence reaching the recipient on time. However, this is not always guaranteed with a cheap shared hosting provider.
Shared web hosting means that several users share one physical server. Think of the server as an apartment building with up to several hundred parties. Although each tenant has its own domain, they share a common (IP) address. The individual domains route to this IP address. If a user's website is now hacked, the attacker may be able to use the security hole to send spam mails via the server. This has far-reaching consequences for all users.
IP address ends up on blacklists
Webmail providers automatically detect a frequent spam volume from an IP address and report it to the various spam blacklists. What does this mean for you? Since many email servers use blacklists to pre-sort mails, the server may evaluate and sort your emails as spam. E-mails from senders that are on the blacklist usually do not reach the recipient. They are often deleted directly or end up in the spam folder. If the web host makes an effort to eliminate the security gap, the blacklist entry can be reversed. Unfortunately, many affected people only notice the problem once the proverbial child has already fallen into the well. Many only become aware of it when, for example, the first customers or business partners complain because they do not receive replies to e-mails.
However, the problem can hit you not only on a shared hosting account, but also on a rental server if you don't have a separate email server. For example, if you are using open source software on your server like WordPressDrupal or Typo 3, special caution is required. Due to their widespread use, content management systems are popular targets for attacks. Almost daily new security vulnerabilities appear, for which there are regular updates. Whoever omits one or more updates risks a hack of the server. If a mail server is installed on the affected server, there is also the threat of a blacklist entry if spam is sent.
The solution: Strict separation of web hosting and email server
A strict separation of web hosting and email server reduces the risk of email communication restrictions due to hacks. You can achieve this separation by outsourcing your website to a server and your email communication to a vServer. It is important that both servers have their own IP address and that no other users use the IP address of your email server. The separation of the subdomains for accessing the website and for sending mail is done via the DNS entry (the so-called MX record).
In practice, the separation works as follows:
- The subdomain mail.domain.de redirects to the IP address of the mail server.
- The subdomain(s) www.domain.de and/or domain.de to the IP address of the web server.
In this way, you retain full control over the reputation of your IP address.
Further advantages of the separation of Webspace and e-mail communication
A separation of e-mail and web hosting is also an advantage in case of a failure of the web host. Normally in this case neither your website nor your e-mail address can be reached. Through the separately set up email server, you remain accessible for customers even if your website fails.
The separation also comes with a security benefit. If you operate your own server for your web hosting, its operating system and all associated software packages must be kept up to date on a regular basis. With so-called managed servers, the web host takes over this task. With a self-managed server, the customer is responsible for this himself. On servers are especially the mail functions such as Sendmail and Postfix a popular point of attack for hackers. When separating web storage and email, it is not necessary to install a Mail Transfer Agent (MTA) on the web server. By separating them, you automatically close a security hole.
Unlimited email addresses and storage space
Finally, operating a separate server for e-mail traffic has another advantage: Compared to standard offers from webhosters, you have no limit to the number of possible e-mail addresses. With the e-mail server on your own vServer, you can set up as many mailboxes, aliases, autoresponders and forwardings as you like. There is also no limit to the storage space. Most web hosters limit the storage space for incoming e-mails in their offers. A separate mail server limits the storage space only by the size of the hard disk.