[plug] Bypass CGNAT for hosting website and email

[Brad Campbell]

On 24/10/25 14:31, James Henstridge wrote:
> On Wed, 22 Oct 2025 at 14:25, <alex at spottedmouse.com> wrote:
>> For some time I have been researching options to host a website and email behind CGNAT. Cloudflare tunnels seemed to address the website nicely, but doesn’t support SMTP etc.
>>
>> Hosting a VPS and directing traffic over a VPN is another option. Any recommendations ?
>>
>> Ideally I am not looking to spend a lot of money on this as it is only for my home lab.
>>
>> Much appreciate any guidance and advise.
> 
> Having gone through some of this with the recent PLUG server move, you
> will want a static IP address with reverse DNS pointing to your
> domain. Without that, you may have difficulty getting other servers to
> accept email from you.

I'd re-phrase that as "Without that, nobody in their right mind will accept mail from you". You must have a reverse delegation and a static IP really, really helps build "reputation".

I run a tiny VPS in Sydney that handles my outbound mail. It also acts as a secondary MX and a tertiary DNS server. Costs me about $110/yr. Not ideal, but it does the job.
I have an openvpn pipe from home and my local MX uses the VPS as a smarthost for mail transmission.

I have no issue at all using my home VDSL as the primary MX. I'm with AussieBB so I have a "sticky" IP. I just can't send from it. 
It has only changed once in 10 years, but if it was likely to happen more I also have a dynamic dns setup.