Unfortunately, mail is a complex subject. Those folks are generally right. I’ve been doing this awhile, and know what I am doing. My solution will blow the doors off of canned solutions in both performance and lack of false positives. But it is a custom solution and I do not recommend it for most people. I had toyed with the idea of putting a management console on the thing, but for the effort involved, I didn’t feel it is worth it these days with barracuda and proxmox mail gateway products out there.

One big item to deal with if you self host these days is to be on IP address space that is not blacklisted by most spam filters. Comcast’s non-business IP space, for example. Linode for another. If you are in this situation, you can relay through a third party, but you are then not controlling things end to end.

Another issue now is that many recipient providers are requiring valid dmarc, dkim, and spf records. You will need to have all three properly configured for the domains that you manage.

What you might want to do, though, is perhaps host your own mail security relays that stand in front of your ‘ready to go’ mail provider of choice. This is much slower than mine, but is what I would use if standing something up for a company these days: https://www.proxmox.com/en/proxmox-mail-gateway/overview

Or if you want to host everything yourself, there are some solutions out there so you no longer need to piece it together. Search for ‘self hosted email’. I would still put a mail gateway like proxmox in front of it for your edge security and filtering though.