At Phyramid we've been using Google Apps in order to manage our accounts and email addresses since we founded the company. We decided to go for Google Apps as it required little to no experience managing mail.
A couple of months ago I decided we should change that, and try building a mail server that would handle all our addresses.
I had previously configured email servers with DKIM, SPF but it was used only as a relay for server alerts of a network of servers I managed. But never actually configured a server that would offer the same tools GMail offers.
I already knew that building this would be a challenge, taking in consideration that I also wanted to migrate our DNS server from Gandi's free DNS service to our own private DNS server.
Luckly, I found an open-source solution that would offer most of what GMail currently has. I deployed the entire package on one of our servers and after a couple of hours of reading the documentation and configuring it we had our own mail server up and running!
I thought that we were done, but, I was so wrong. I realised that despite the fact that we had DKIM, SPF and a properly configured mail server (ran multiple checks on mxtoolbox), all our sent mails were getting into the Spam folder of all major mail services.
We didn't understand why, also tested our sent mails against multiple SpamAssasin deployments including DCC, and other filters.
Well, then I started reading and searching through forums, mailing lists and various websites about the filters most major mail service providers use. Only to realise that Google, for instance will refuse your mail if you're not part of a trusted network. And to avoid getting into that person's spam folder you needed to add him to your contact list.
At first I thought that Google and other providers may try forcing people to switch to their services by simply refusing your mails if you're not part of a trusted network, for fun and profit.
Actually I was wrong, a month after setting up the mail server we started receiving spam. Lots of them.
Even if we had our own deployment of SpamAssasin we were still getting a lot of spam. Then I started digging for solutions to this problem, most of the emails had common issues like invalid DKIM signatures. Therefore, we just increased the score an invalid DKIM signature triggers.
We installed various filters like DCC for SpamAssasin and finally there was no more spam. I then realised all these major mail providing companies are refusing the mail they get in order to avoid trying to filter to billions of spam mails received by their customers. They simply drop unknown sources.
Google states that the receivers of your mails must click the "Not spam" button, Yahoo after a period of time of noticing we don't send spam using our servers started adding our mails directly to the inbox.
What's the solution? As a company, you either pay and don't worry about all this, or try building your own email server, have all the space, privacy and accounts you want, but fight not only with spam but with the filters of other servers.