I have a small piece of static IP4 space (5 IPs, /29) and general Linux sysadmin capabilities. I have run SMTP servers before, but I don't know what the current state-of-the-art for email and spam-filtering is.
I can set up the necessary authentication features to prevent spammers from abusing my server, but I'm concerned that mail from my site will be spamholed, RBL'd or refused for some authentication thing that I either don't know about or can't reasonably implement. (I guess one example would be if a neighboring /29 block was spamming, and the RBLs just kicked everything in the /24 out. That would be miserable.)
I would prefer to run my own server, because my experience with non-Google service providers is mixed (I'm not a big enough customer to get or afford RIGHT NOW tech support when they have problems) and I don't want Google reading my mail any more than they do already.
Is SMTP something that a "small company"-level entity can reasonably run themselves in 2020/2021? Or is the attack surface too large (so it requires a lot of administration)? Or do other mail exchangers downgrade/refuse mail from non-backbone sources in order to cut down on their spam?