I keep the MX record all time and just block port 25. Before using it again I just double check that the global IP is the same still or if the MX record needs to be updated.
> But at that point, why not run your own MTA all the time and then just have your firewall cut port 25 off?
You could do that as well for sure. Mainly I do it the way I do simply because the mail server I am running on my desktop that I linked to is run from the terminal and I routinely close terminals which I am not using.
But for example instead of running the server from your desktop you could use the same general idea and have it always running on a Raspberry Pi and block port 25 like you say.
> But at that point, why not run your own MTA all the time and then just have your firewall cut port 25 off?
You could do that as well for sure. Mainly I do it the way I do simply because the mail server I am running on my desktop that I linked to is run from the terminal and I routinely close terminals which I am not using.
But for example instead of running the server from your desktop you could use the same general idea and have it always running on a Raspberry Pi and block port 25 like you say.