[HN Gopher] Running your own email is increasingly an artisanal ...
___________________________________________________________________
Running your own email is increasingly an artisanal choice, not a
practical one
Author : throw0101a
Score : 491 points
Date : 2021-12-24 11:50 UTC (11 hours ago)
(HTM) web link (utcc.utoronto.ca)
(TXT) w3m dump (utcc.utoronto.ca)
| j3th9n wrote:
| Things to get right and you're good to go:
|
| - Reverse DNS
|
| - SPF record
|
| - DKIM record
|
| - DMARC record
|
| - limit outbound number of emails to catch possible spamscripts
| designium wrote:
| Just use mailinabox https://mailinabox.email/
| EVa5I7bHFq9mnYK wrote:
| As far as spam filters go, too many good emails end up in spam
| folder nowadays. It has become a commonplace - "check your spam
| folder". I find it's easier to have a few manual filters and just
| delete all the remaining spam manually as it arrives, because the
| alternative is to check two folders every time - Inbox and Spam
| folder, with all the spam still there of course.
| johnklos wrote:
| It's amazing how quickly people with strong feelings about email
| come out when any mention of self hosting is made.
|
| They can't prove a negative, but they valiantly try, often using
| the very points that are excellent reasons to self-host as
| reasons we should all just give up.
|
| "It doesn't work for me, so it won't work for you" is rather weak
| when the reasons aren't articulated, when generalizations are
| made without detail, when hardly any attempt at all was made to
| find the root of the problem. Your failure is not the same as my
| quarter century of success.
|
| They also try to make everything all or nothing, which plainly
| lacks any imagination. I wouldn't want an admin on my staff who
| tries something, then gives up at the littlest of hurdles.
|
| There are plenty of issues, but there are also plenty of
| solutions. You're having issues sending because your netblock
| sucks and you don't have money for something better? Pay a few
| dollars to smarthost, for instance.
|
| With Google and Outlook, you get no determinism, no accessible
| logging, no clear view about their filtering rules, no assurance
| that your outgoing email won't get blocked, anyway, because of
| the tremendous amounts of spam these monopolies allow...
|
| We should encourage MORE people to self-host email, not less. We
| should never just assume the monopolies are the best we can do.
| jasode wrote:
| > "It doesn't work for me, so it won't work for you" is rather
| weak
|
| Maybe I missed it but I scrolled through the comments and I
| don't see anyone in this thread claiming the above. In fact, I
| see the people who had problems with personal mail server
| deliverability _acknowledge that others may have success_ and
| "that's good for them."
| jagged-chisel wrote:
| Seemed to me an indictment of the general malaise of all
| previous discussions, not only this one.
| micromacrofoot wrote:
| unfortunately as long as you're sending email to other people
| you're subject to Google's filtering rules, so it may be easier
| to work with a provider that operates at a scale google cares
| about... it's all a racket if you ask me... their algo can doom
| any individual self-hoster to perpetual spam hell and they've
| got zero service
| mcguire wrote:
| " _Pay a few dollars to smarthost, for instance._ "
|
| Do you mean pay a few dollars to use someone else's email
| infrastructure? Or do you mean pay a few dollars more to set up
| a dedicated mail host in a better neighborhood?
| [deleted]
| Dunedan wrote:
| > There are plenty of issues, but there are also plenty of
| solutions. You're having issues sending because your netblock
| sucks and you don't have money for something better? Pay a few
| dollars to smarthost, for instance.
|
| I do and outlook.com still gives a shit and doesn't accept
| incoming emails. There is also no way to get their attention
| for this issue, as they simply don't reply to complaints about
| that. How to solve issues like that?
|
| > We should encourage MORE people to self-host email, not less.
| We should never just assume the monopolies are the best we can
| do.
|
| That's something I can wholeheartedly agree with.
| dqv wrote:
| What kind of mail are you sending? Are you getting anything
| on your abuse@ address? Are you getting any feedback on JMRP
| [0]? If all else fails, the mailop mailing list [1] can get
| you closer to someone on one of these networks to help.
|
| >There is also no way to get their attention for this issue,
| as they simply don't reply to complaints about that. How to
| solve issues like that?
|
| At one point, after getting one-too-many rejections for a
| particular recipient, I started sending the postmaster of the
| recipient's service an email every time I needed to contact
| the recipient. That resolved the issue pretty quickly. You
| can always try annoying the postmaster.
|
| [0]: https://postmaster.live.com/snds/JMRP.aspx
|
| [1]: https://www.mailop.org/
| Dunedan wrote:
| > What kind of mail are you sending?
|
| Just personal emails. Volume would be somewhere around one
| email per month or so.
|
| > Are you getting anything on your abuse@ address?
|
| Nope.
|
| > Are you getting any feedback on JMRP [0]?
|
| That seems to require a Microsoft account and that's
| something I neither have nor want. I believe sending emails
| has to work without having to register an account for each
| provider you're interacting with.
|
| > If all else fails, the mailop mailing list [1] can get
| you closer to someone on one of these networks to help.
|
| Thanks for the tip, although I'm not sure if I'm the right
| audience for this list, as I just run a personal mail
| server with very low volume.
|
| Funnily enough the "Best practices" section of the Mailop
| website contains a dedicated point
| (https://www.mailop.org/best-practices/#large-providers-
| gmail...) stating that there might be unresolvable issues
| when sending to large providers:
|
| > If you want to send mail to recipients who have accounts
| at big email providers, be aware that all of the above
| cannot guarantee that these providers won't reject your
| mail, put it straight into recipient's spam folder or just
| silently discard it - they just impose their own rules on
| anyone and you virtually can't do anything about it.
|
| My guess is, that the reason for the problems is the same
| as quoted in another comment
| (https://news.ycombinator.com/item?id=29673347), stating
| that the mail volume is just too low for outlook.com to
| establish enough trust in the sending mail server.
|
| If you look around on the internet, there are plenty of
| other people with the same issues with outlook.com. To me
| it seems Microsoft is doing something fundamentally hostile
| to small mail servers there. Interestingly enough sending
| to Office 365 hosted email addresses works just fine.
| dqv wrote:
| >That seems to require a Microsoft account and that's
| something I neither have nor want. I believe sending
| emails has to work without having to register an account
| for each provider you're interacting with.
|
| Yes it does require signing up with them. I see that
| you're taking a moral stance on this so I guess the best
| action is to just ask people to not use Microsoft email
| products, which is perfectly reasonable in my opinion.
|
| For what it's worth, I do have an account with them and I
| am very small scale and don't have any deliverability
| issues with Microsoft.
| mrich wrote:
| In my dealings with outlook postmaster my experience is as
| follows:
|
| They ignore any argument you make or proof you show them that
| their servers are accepting emails and then silently dropping
| them. So that's basically the experience you mention.
|
| However they will immediately unban your IP when you mention
| that you will recommend your customers switch away from
| Outlook email since it is unreliable.
|
| That's for a totally clean IP with no spam issues.
| dreamcompiler wrote:
| How are you going to make that recommendation to your
| customers if they can't receive your emails?
|
| (Of course I'm being facetious; other communication
| channels exist. But the idea made me think of the
| interrogation scene in _The Matrix_ with Microsoft in the
| role of Agent Smith.)
| mrich wrote:
| :)
| draw_down wrote:
| dqv wrote:
| I've said elsewhere in the thread, but everyone has a circle of
| influence. Big Mail needs to maintain a reputation of being
| reliable. I can and have convinced people that _e.g._ Yahoo
| mail is not reliable for receiving mail and to stop using it.
| And those people will do the same with their people. I think
| that's why it's important for people to keep at it with these
| "artisanal mail servers" (with the help of mail packages that
| do automatic configuration). More people can pressure Big Mail
| and demand that they let us deliver our (legit) mail as
| smoothly and easily as possible.
| charcircuit wrote:
| They also need to have a reputation of being able to block
| spam.
| dqv wrote:
| The issue is the spam still gets through on every single
| one of these providers, so that reputation isn't nearly as
| important. Reliably receiving emails is. If _that_ aspect
| of their reputation is damaged, it may never recover.
| gnopgnip wrote:
| You get access to logging etc. with an outlook business account
| jabroni_salad wrote:
| Yup, between the message trace and just reading the headers I
| have not been wanting for visibility... and as the Exchange
| Online admin I've found that 99% of deliverability issues end
| up resting with the outside party failing to read their own
| infra's NDRs anyways.
| johnklos wrote:
| Good to know! Thanks :)
| dheera wrote:
| Yes. I want to create a mail server that auto-rejects e-mail
| with externally hosted tracking pixels and returns a Mailer-
| Daemon error that tells the sender to re-send without malware.
|
| Of course with Gmail I disable automatic image loading to avoid
| being tracked, but I want to take a more active stance against
| the practice.
| dreamcompiler wrote:
| If you do this you might not be able to go on a "paperless"
| billing plan with your bank or insurance company. I disable
| images too but financial institutions interpret "no tracking
| image requests" as "client's email address doesn't work" and
| they start mailing me paper again. Took me years to figure
| out the reason for this brain-dead lossage.
| dheera wrote:
| That's their fault then, I'll start returning their postal
| mail as undeliverable and if they give me further troubles
| I'll find another institution to do business with.
| CogitoCogito wrote:
| What's your method of detecting tracking pixels? Is it just
| as simple as scanning for size 1x1 images?
|
| I mean this as an honest question. I don't really know
| the variety of tracking pixels out there. Are there other similar
| things one should block?
| dheera wrote:
| I would just block all images loaded from external URLs,
| since any of them could be used for tracking, but the
| newsletters are less my concern, it's more the individuals
| that I would be concerned about, and they tend to be an
| almost-fully plain text e-mail with a 1x1 image from one of
| many well-known domains for tracking.
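Added example (not part of the thread and not any commenter's code): a Python check for the two policies discussed in the exchange above, "flag only 1x1 images" versus "flag every remotely loaded image". The message, hosts and function names are constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse


class ImgCollector(HTMLParser):
    """Collect the attributes of every <img> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append({k: (v or "") for k, v in attrs})


def _pixel_like(attrs):
    """Heuristic only: declared size of at most 1x1, or hidden via inline style."""
    def dim(name):
        m = re.match(r"\s*(\d+)", attrs.get(name, ""))
        return int(m.group(1)) if m else None

    w, h = dim("width"), dim("height")
    style = attrs.get("style", "").replace(" ", "").lower()
    tiny = w is not None and h is not None and w <= 1 and h <= 1
    return tiny or "display:none" in style


def remote_images(raw_message):
    """Return every image the client would fetch from a remote host on open."""
    msg = message_from_string(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = ImgCollector()
        collector.feed(part.get_content())
        for attrs in collector.images:
            url = urlparse(attrs.get("src", "").strip())
            # cid: and data: images are embedded in the message and fetch nothing.
            if url.scheme in ("http", "https") or (not url.scheme and url.netloc):
                found.append({"host": url.hostname,
                              "url": url.geturl(),
                              "pixel_like": _pixel_like(attrs)})
    return found


def should_reject(raw_message, strict=True):
    """strict=True: any remote image. strict=False: only pixel-like ones."""
    images = remote_images(raw_message)
    return any(images) if strict else any(i["pixel_like"] for i in images)


def sample_message(include_pixel=True):
    """Constructed multipart message; the 1x1 image is optional."""
    pixel = ('<img src="https://track.example.com/o/abc123.gif" '
             'width="1" height="1">\n') if include_pixel else ""
    return (
        "From: Sender <sender@example.org>\n"
        "To: me@example.net\n"
        "Subject: quick question\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/alternative; boundary="b1"\n'
        "\n"
        "--b1\n"
        'Content-Type: text/plain; charset="utf-8"\n'
        "\n"
        "Did you get my last message?\n"
        "\n"
        "--b1\n"
        'Content-Type: text/html; charset="utf-8"\n'
        "\n"
        "<html><body><p>Did you get my last message?</p>\n"
        + pixel +
        '<img src="https://cdn.example.com/banner.png?u=abc123" '
        'width="600" height="120">\n'
        '<img src="cid:logo@example.org" width="80" height="80">\n'
        "</body></html>\n"
        "\n"
        "--b1--\n"
    )


if __name__ == "__main__":
    for label, raw in (("with 1x1", sample_message(True)),
                       ("without 1x1", sample_message(False))):
        print(label, remote_images(raw),
              "strict:", should_reject(raw, True),
              "pixel-only:", should_reject(raw, False))
```

The second sample carries a full-size remote image with a per-recipient query string, which the 1x1 heuristic does not flag and the "any remote image" policy does.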
| authed wrote:
| Personally, I use email less and less, thanks to Matrix. I wish
| websites would stop requiring an email address for signing up
| though (and phone numbers for that matter).
| kw-maller wrote:
| Is the article sponsored by Google or Microsoft? We're not in
| 1995 still, and I would say that it has become practically more
| doable for each year, given the affordable (sometimes even free)
| and easy access to software, hardware, and internet connectivity
| required to put up an e-mail server.
| andix wrote:
| It's not so bad to run your own email server. I'm doing it,
| because email is very sensitive data, and I don't want to share
| it with Google or Microsoft or any other cloud provider.
|
| The worst part is, that you can't use any fancy email clients,
| because they all use proprietary protocols and once again cloud
| services. But imap and activesync works well enough too.
|
| The most important thing is, to get a clean IP address. Don't
| ever try to host your Mailserver on digital ocean for example,
| their IPs have such a bad reputation that some providers even
| block them on network level. Their whole subnets can't connect to
| them, no possibility to get unblocked at all.
|
| Once you found a legitimate hoster, check that your IP is not
| blacklisted at any major provider. If it is, try to get other
| IPs, until you get a clean one. Don't try to go through unblock-
| processes, that often won't work.
|
| And then you need to set up your server well. SPF, DKIM, DMARC,
| ...
| arichard123 wrote:
| I've had real trouble with digital ocean as they just don't
| want to get involved in helping email providers at all. They
| don't want to do anything with managing IP reputation.
| andix wrote:
| I know. I think there is a study, that showed digital ocean
| is the provider that sends the most spam emails, and just
| doesn't care. As self defense, some providers just block
| their ips because of that. And if you try to unblock such an
| ip, they require you to do a lot of effort. You can skip it,
| if you get an IP from a provider with good reputation. AWS
| for example doesn't kid around if you send spam. You need a
| special permission in the first place to even be able to use
| port 25 outgoing.
| [deleted]
| lnxg33k1 wrote:
| As a person running his own email system, I think it's taking
| more effort from people to convince everyone not to run their
| email systems than managing it effectively, and I don't have any
| bouncing even towards gmail et similia. As a company the only
| concern for me is not managing an email, is more to give third
| party private for profit companies access to all my
| communications (even if I guess sending it to other unaware
| people using gmail / 365 has the same effect), but for me it's
| crazy that the world has accepted that
| vbezhenar wrote:
| Yeah, when everyone uses gmail, that's kind of pointless to run
| your own server, because Google will have most of your
| conversations either way.
| mcguire wrote:
| The latest edition of Nemeth, et al., _Unix/Linux System
| Administration_ says basically the same thing. Spam filtering,
| for example, is a whole horrible thing that will be essentially a
| full-time job for anyone running a mail host.
|
| Hell, about two years ago _I_ gave up on self-hosting. Unwanted
| email got to be the vast majority of what I was receiving and
| spam filter software ate more memory than my itty-bitty host had,
| meaning I would have had to get a bigger, specific mail host. (As
| it was, the IMAP server was the biggest process running on my
| host.)
| api wrote:
| This has been true for a very long time. Spam really destroyed
| SMTP as an open protocol just like it did for all the other old-
| school federated protocols.
| throwoutway wrote:
| I want to, but I can't afford getting my email silently swallowed
| when I'm contacting attorneys, etc.
| betaby wrote:
| I like my email artisanal just like my bread.
| strzibny wrote:
| General email server? No, I would be worried too.
|
| But I think you _can_ set up an email server for your _own_
| tasks, like sending yourself some notifications. It's also nice
| to know how this works in theory.
|
| These are the reasons I included some basic e-mail setup in my
| book (Deployment from Scratch), although also advising to depend
| on some reputable IP addresses.
| emptybottle wrote:
| I'm starting to think that "don't self host" messages like this
| are coming from people with incentives to steer people towards
| paid mail hosting.
|
| A big reason it's getting harder to self host is because so few
| people do.
| bachmeier wrote:
| Not the best choice of title. I didn't realize until I got to the
| end that this was about large organizations. No doubt for a large
| university or company this is true.
| awinter-py wrote:
| email is totally broken. this article is right but the answer
| isn't let goog read your messages, it's invest in new
| communication protocols
|
| tons of serious players don't trust email at all today
|
| some, like my health insurance + bank, are dinosaurs who are all
| but licking the molten shockwave of a meteor. But still -- they
| have real reasons they email me that my 'secure message inbox'
| has a new message. Oscar uses 'secure email powered by virtru' to
| tell me they're not going to reply to my reply to their email,
| wtf, huge indictment of oscar, but also indictment of email.
|
| but it's not just dinosaurs -- _amazon_ , who has had a tough
| month but is generally savvy, doesn't trust email. they won't
| send me itemized receipts because they don't want google to read
| them.
|
| I half believe we're about to see a renaissance in self hosting
| for individuals + businesses. this article is calling the bottom.
| ineedasername wrote:
| Last time I hosted was ~2004. I had a very tight qmail
| implementation, but even then I seem to be getting black-holed or
| marked as spam. Maybe it was because I was self hosting on my
| local home ISP and using dyndns to get around potential changes
| to my ip address from my ISP. Maybe spam filters didn't like
| inconsistent IP addresses? I don't know. But asking people to
| whitelist me was a hassle.
|
| At the time I was a heavy Mac user though so I ended up switching
| to mac.com email, and then Gmail when Apple EOL'ed Mac.com.
|
| Today though there's probably an easy turnkey VM or docker image
| well-configured to work without too many false positive spam
| flags... I hope?
| znpy wrote:
| I run my own mailserver and I've been doing that for the last ~10
| years.
|
| I have a static ipv4 at home, and my biggest problems are the
| following:
|
| - residential providers won't delegate a reverse dns zone or set
| a reverse ptr record for you -- or at least my ISP (Fastweb) will
| not do it for a residential contract
|
| - spam lists (spamhaus etc) will blacklist residential ipv4 pools
| by default applying what effectively is a prejudice (and
| defamation).
|
| Some considerations:
|
| Major providers will effectively do as much as they can to
| prevent other organizations (let alone individuals) deliver their
| own mail.
|
| Google is particularly shitty in this regard: it regularly
| delivers my mail to spam despite having both SPF, DKIM and DMARC
| in order. My gmail inbox however is full of SPAM because google
| decided that I really have to look at those promotional email.
|
| Microsoft is surprisingly good instead: upon rejecting mail
| initially they're going to direct you to an automated procedure to
| de-list your domain from their spam services, and it works. Kudos
| to microsoft.
|
| SPAM, surprisingly, isn't really a problem: if you have
| sufficient checks for incoming mail (does SPF for the domain
| allow this ip to send email? do DKIM signatures check out? are
| they using SSL/TLS for their connection? et similia) you
| basically won't receive spam.
|
| Most OS vendors (Red Hat / Debian / Ubuntu) deliver postfix with
| poor cryptographical default settings, meaning that the default
| settings will connect to plaintext SMTP to deliver outgoing email
| and will not setup submission (tls) by default, not even with a
| self-signed certificate. In the time of letsencrypt being
| available, this is a dumb choice.
|
| Running low-volume mailserver is surprisingly light on resources.
| A raspberry pi is likely overpowered for the task. You can use
| pretty much anything and it's going to work, as long as it powers
| on and doesn't lose data.
|
| Running a mailserver is also surprisingly versatile. The
| possibilities are pretty much endless. You want to alter outgoing
| emails? No problem, look at PCRE maps and postfix's header_checks
| (or similar). Want to have mail aliases? no problem. Want a
| catch-all address? easy. Want to hook a service into mail
| delivery chain? look at the milter protocols.
| danlugo92 wrote:
| Zoho has a 1 dollar a year plan.
| vladoski wrote:
| Where have you seen that?
| lixtra wrote:
| > ... general security will not be as good as they have.
|
| > Entirely "on premise" email is now an inferior thing for almost
| everyone.
|
| I disagree on this one. Placing your email with a big player
| means that by definition, they have access to your mailbox (with
| sensitive stuff hopefully encrypted). To allow that you have to
| trust the big player and the countries where they reside.
|
| They can drop you any time for political reasons, for dealing
| with a country that is considered an enemy of the host country of
| your provider. They may sell out your data.
|
| You may still choose a big player, but understand how screwed you
| are.
| jms703 wrote:
| Once you've sent or received email containing "sensitive stuff"
| you no longer control your data. Folks need to come to grips
| with the fact that email security is dead and hosting it
| yourself doesn't fix this.
|
| The author of the post should have included that in his post.
| rsync wrote:
| "Folks need to come to grips with the fact that email
| security is dead and hosting it yourself doesn't fix this."
|
| Sort of, but not entirely true ...
|
| If you run your own mailserver then users of that mailserver
| can send and receive mail, to each other, without traversing
| a network. The mail never goes out on the net. That can be
| valuable/interesting.
|
| This is true in both the webmail use-case (the text goes to
| the browser, ephemerally, encrypted with SSL) or the
| terminal/console (alpine) use-case (the text goes to the
| terminal, ephemerally, encrypted with SSH).
|
| There's a certain cloud storage provider I know of whose
| internal / intra-company emails have never traversed the
| Internet ...
| sneak wrote:
| Most people have no idea that email is not secure.
| foxfluff wrote:
| They may also kick you out any time for arbitrary reasons.
|
| "Your account has been suspended for suspicious activity."
| walrus01 wrote:
| I just did a ctrl-f here for "IP space reputation"
|
| not mentioned yet?
|
| One of the very important things is choosing what ISP to host
| your self-hosted email at. And the spam blacklist (or
| opaque/impossible-to-know) likely blacklist status of your IP at
| things like office365, gmail, etc.
|
| Assuming for a moment that you are a person who is perfectly
| capable of setting up your own postfix and dovecot server.
|
| No matter how _perfect_ your rDNS, SPF, DKIM, DMARC setup is, and
| how flawless your theoretical postfix or other smtp daemon
| configuration is... If it's not hosted in the right place,
| outbound mail deliverability is the main problem you'll run into.
|
| For the persons who are not ready to host their own SMTP and mail
| storage, I'm going to second the other suggestions made in this
| same thread that say a good first step is to control the
| authoritative DNS for your own domain, so that you can choose
| where to point the MX records at, and make an educated/informed
| choice of third party mail service provider.
| LeonM wrote:
| > (with DMARC signatures and other modern email practices)
|
| DMARC does not provide signatures, DKIM does.
|
| DMARC adds the DKIM 'alignment' requirement. Meaning that not
| just any DKIM signature will do, the public key (the DKIM DNS
| record) must be published under the administrative domain (the
| part after the '@' in the sender address).
|
| DMARC also mandates SPF alignment (not that you should rely on
| SPF), meaning that the rfc5321.MailFrom and rfc5322.From address
| should be from the same administrative domain for the SPF to pass
| DMARC.
|
| When either SPF or DKIM is aligned, you have a DMARC pass.
| Because SPF breaks with forwarding services, you shouldn't rely
| on it. DKIM + DMARC is the way to go.
|
| Also funny that the author calls DMARC 'modern practice', since
| DMARC was introduced in March 2015, almost 7 years ago.
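Added example (not part of the thread and not the commenter's code): a Python evaluator for the alignment rule described in the comment above, using the relaxed and strict modes selected by the DMARC `aspf` and `adkim` tags. The small suffix set stands in for the Public Suffix List, and every domain, result and function name is constructed for illustration.

```python
from dataclasses import dataclass, field

# Assumption: a tiny constructed stand-in for the Public Suffix List.
# A real evaluator loads the full list to find organizational domains.
PUBLIC_SUFFIXES = {"com", "org", "net", "uk", "co.uk"}


def organizational_domain(domain):
    """Longest matching public suffix plus one label to its left."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])


def aligned(identifier, header_from, mode="r"):
    """mode 's' (strict): exact match. mode 'r' (relaxed): same organizational domain."""
    a = identifier.lower().rstrip(".")
    b = header_from.lower().rstrip(".")
    if mode == "s":
        return a == b
    return organizational_domain(a) == organizational_domain(b)


@dataclass
class Message:
    header_from: str   # domain of RFC5322.From (what the recipient sees)
    mail_from: str     # domain of RFC5321.MailFrom (envelope sender, checked by SPF)
    spf_pass: bool     # SPF result for mail_from and the connecting IP
    dkim: list = field(default_factory=list)  # [(d= domain, signature verified)]


def dmarc_evaluate(msg, aspf="r", adkim="r"):
    """A mechanism counts only if it both passes and aligns with header_from."""
    spf_ok = msg.spf_pass and aligned(msg.mail_from, msg.header_from, aspf)
    dkim_ok = any(ok and aligned(d, msg.header_from, adkim) for d, ok in msg.dkim)
    return {"spf_aligned": spf_ok,
            "dkim_aligned": dkim_ok,
            "dmarc_pass": spf_ok or dkim_ok}


# Constructed scenarios.
# 1. Sent directly by the domain's own server.
DIRECT = Message("example.com", "bounce.example.com", True,
                 [("example.com", True)])
# 2. Relayed by a forwarder: its IP is not in the SPF record, so SPF fails,
#    but the untouched message still carries a valid aligned DKIM signature.
FORWARDED = Message("example.com", "example.com", False,
                    [("example.com", True)])
# 3. Sent through a third party that signs with its own domain: SPF and DKIM
#    both verify, yet neither identifier aligns with the From domain.
THIRD_PARTY = Message("example.com", "bounces.esp-mail.net", True,
                      [("esp-mail.net", True)])
# 4. Signature from a subdomain: aligned in relaxed mode, not in strict mode.
SUBDOMAIN = Message("example.co.uk", "example.co.uk", False,
                    [("mail.example.co.uk", True)])

if __name__ == "__main__":
    for name, m in (("direct", DIRECT), ("forwarded", FORWARDED),
                    ("third party", THIRD_PARTY), ("subdomain", SUBDOMAIN)):
        print(f"{name:12} relaxed={dmarc_evaluate(m)}")
    print("subdomain    strict =", dmarc_evaluate(SUBDOMAIN, adkim="s"))
```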
| morsch wrote:
| I suppose that's relatively recent for a technology that's 40
| years old.
| switch007 wrote:
| > Also funny that the author calls DMARC 'modern practice',
| since DMARC was introduced in March 2015, almost 7 years ago.
|
| Oh come on, in terms of protocols, that's modern.
|
| Your other points have merit but that's just a pointless dig at
| the author.
| teekert wrote:
| I was doing well with my own email server until I got on some
| blacklist from Microsoft, all my outlook.com contacts didn't
| receive my email anymore, not even in their spam folder. I pushed
| hard on support, eventually they told me they don't control the
| process ??
|
| I gave up. In retrospect I should have used another smtp gateway
| (perhaps from my provider), but back then the thought never
| occurred to me.
|
| For a time it was nice, (basically) unlimited storage, unlimited
| aliases, being able to send 200 mb (only to my wife admittedly)
| easily. I did really learn a lot, which is what I tell people
| now: Try and do it to learn, but it's really unpractical. I now
| pay for email.
| sys_64738 wrote:
| Isn't the fear getting your domain blacklisted? You'd never know
| unless somebody contacted you through alternate means to ask
| about lack of response.
| dqv wrote:
| It's obvious when your domain (well, the IP really) is
| blacklisted. You either get a nasty error from the mail system
| saying it didn't go through or that the server was unreachable
| or what have you. You're always going to get some notice that
| it failed. In that case I contact the recipient a different way
| and say, "hey, your mail server is broken, can you please fix
| it?" Usually this means them contacting their mail provider and
| asking why they are blocking mail from someone they need to
| communicate with. If it's someone like Google, they'll realize
| they can't actually get any support and think twice about using
| Google for mail.
|
| A lot of people will say, "no they'll blame you for it not
| going through", but that's rare. Most people will be receptive
| to your insistence that you're trying to send them mail but
| their provider is in the wrong.
|
| Now, if you mean blacklisting in the sense that the server has
| shadowbanned you and is sending back "221 OK", then, again, you
| have an affirmative defense: "hey, your mail server said it
| accepted the mail, can you please check with your provider on
| what they did with it?"
|
| In either case, this is actually not a good thing for the
| recipient's mail provider _especially_ if they pay for that
| provider. _"Why did you accept the email from the sender but
| not put it in my mailbox? Who else have you done that for? Why
| am I using you as my mail provider again?"_
|
| I have a circle of influence... about 100 people. All 100 of
| those people would switch mail providers if I asked them to.
| And I think a lot of people have a circle of influence around
| this size as well. So there actually is an amount of control
| over these bigger mail providers. They will be receptive to "I
| just told your customer to switch because you won't let me
| email them" especially if it's widespread. In exchange for that
| "power", I make sure my mail server is as clean as possible and
| quickly respond to any notices sent to my abuse@ address.
| ziml77 wrote:
| Running your own email is impractical because it's the only way
| for many people and services to get in contact with you. You
| really don't want it to fail. And it's entirely on you to ensure
| that you have monitoring to notify you when it does fail (through
| some non-email mechanism). And you better be prepared to solve
| the issue for yourself in a timely manner.
| mattbee wrote:
| Pffff people said this 15 years ago.
|
| Hotmail is an occasional pain for the self-administered email
| server, everyone else works fine IME.
| pyrale wrote:
| I would really say that "running your own email" is a set of
| things that can be done independently:
|
| - Getting your own domain and using a provider such as fastmail
| or proton is a first step that gives you lots of security from
| arbitrary. Because you own the doorstep, you can change provider
| without having to inform all your contacts of the move. You're
| also more secure from unilateral moves from your provider.
|
| - Hosting your own mail server means that you are responsible for
| the persistence of your mail. It's a nice artisanal thing to do,
| and you may be satisfied to know that no one is reading your
| mail.
|
| - Sending your mail yourself is the real hard part, because you
| need a stable IP that is accepted as a legitimate mail sender.
| Moreover, you need to monitor this property in the long term.
| Every mail server has their own way to choose who is a legitimate
| mail sender, and it's an ongoing pain to check that.
|
| You're not forced to go all the way, you can simply pick a domain
| to secure the frontdoor, or you can host your mail server without
| sending mail by yourself, etc. You can also self-host, and change
| your mind later without much impact.
|
| I personally would incite everyone to do at least #1 for safety
| reasons, #2 if you want to fiddle with the system to know how it
| works, and to avoid #3.
| stiray wrote:
| Internet was meant to be decentralized. Let's leave it this way.
|
| I am running my server for 15 years and couldn't be more happy
| with "artisan" infrastructure.
|
| I don't want or use webmail (sluggish), I don't want others
| fingerpoking my emails, I don't want various compulsory
| registration systems (like requiring my phone number out of
| """security""" reasons like google), giving others the ability
| to kill my account and do me a huge amount of work and on the
| top of that, it breaks the sites registration schemes, I have
| set up a script that accepts any email with some special
| structure and each and every registration gets a specially
| customized mail address (that I can calculate in my head, no
| configuration needed) that can be resolved back to the
| registration.
|
| Getting spam? I am sick of you, whatever? No issue, just REJECT
| the whole address. It is used by only one site, like smart
| people don't reuse passwords, I don't reuse email addresses.
|
| And you would be surprised, how many sites sell email addresses
| to others, and I know it as every one gets its own email
| address.
|
| Rspamd eats the spam just as good as "ai infrastructure" /s
|
| Even if you go for 3rd party email infrastructure, registering
| a domain is a must, so you can switch the provider fast if it
| gets vampirized.
|
| Out of my whole infrastructure (100% self hosted, as said, for
| 15 years, actually more but not 100%), the email server is the
| part that needs the least attention.
|
| The response to the author would be: nice that large providers
| have webmails and some other quirks that I don't want or need.
| Feel free to use them, but I have freedom.
|
| postfix. dovecot. rspamd.
| chriscjcj wrote:
| Honest and non-rhetorical question here: Have any of your
| customers had an e-mail they've tried to send not arrive
| because the recipient's system was using a black-hole list
| that, for some erroneous reason, had you blocked? If so, were
| you able to successfully communicate with and/or reasonably
| work through whatever issue got you black-holed?
|
| I haven't administered e-mail servers for 20 years, but back
| when I did, this started to be a problem that eventually
| became insurmountable. I used to manage a small business
| oriented ISP. We were multi-homed with a /18 that we used for
| everything. I had a customer that was a reasonably sized
| organization that dealt with tourism and conventions for a
| major city. On one of their websites, (which we hosted with
| IPs that came out of the same /18 as their mail server,) they
| had a directory of vendors who were associated with them. ONE
| of those members had a website that had been hacked/defaced.
| This got our entire /18 on a black-hole list. They had an
| employee that was trying to send e-mail to someone on a
| system that was using this black-hole server to filter spam.
|
| When we explained to them what the problem was, we got
| glassy-eyed stares back at us and a, "just fix it." I told
| them that, they would need to remove the link to their
| partner's site from their website in order to get them AND
| all of our other customers using numbers inside our /18 de-
| listed from this particular black-hole. They asked, "We have
| hundreds of partners who pay for membership in our
| organization and being listed on our website is one of the
| benefits. How can we possibly police every one of those
| websites every day to make sure there's no defacement or
| serving of any problematic material from any URL in any of
| those domains?" That's a decent argument in my opinion. And I
| tried to explain that different black-holes have different
| policies and no black-hole is demanding that anyone use their
| system for filtering. I tried contacting the organization
| that was using that black-hole to explain the situation to
| them, but they weren't interested in discussing it. As far as
| they were concerned it was our problem to deal with.
|
| This kind of problem happened dozens of times with varying
| degrees of severity but with increasing regularity and it was
| one of the primary reasons we quit hosting e-mail and started
| re-selling another vendor's solution. That was a long time
| ago, and maybe black-hole lists aren't a thing anymore.
| denton-scratch wrote:
| > Have any of your customers had an e-mail they've tried to
| send not arrive because the recipient's system was using a
| black-hole list [...] ?
|
| Yes. Twice.
|
| In the first case, the mail provider was our ISP; and they
| got themselves in some mainstream blacklists. The problems
| getting that sorted out were part of the motivation for
| bringing mail in-house.
|
| In the second case, there was some academic departmental
| mailserver and they were using some list incorrectly; using
| an extremely-opinionated list to block when it should at
| best be used to score.
|
| This wasn't in itself a big deal, but one of my boss's
| correspondents was a senior professor in this department
| and they had some important business; and the postmaster
| was a dick, and wouldn't help. Boss didn't want to use some
| secondary email address; I had to show him how to set up an
| alias on some commercial server, which was second-best, but
| he was in a hurry.
|
| Boss was angry with me and barked at me. If you run a
| mailserver for some group, one you assembled yourself, then
| people expect _you_ to take responsibility for sorting out
| _any_ mail problems. Well, they're right: you have taken
| on that responsibility. You made it, and you're running it:
| who else can they complain to?
|
| [Edit] My point is that it's not hard to set up an artisan
| mail system; what's hard is that you create a job for
| yourself that is at the same time networking, user-facing,
| and technical. It's an interesting learning point, and I
| recommend it. But don't underestimate what you are taking
| on.
| bsder wrote:
| > [Edit] My point is that it's not hard to set up an
| artisan mail system; what's hard is that you create a job
| for yourself that is at the same time networking, user-
| facing, and technical. It's an interesting learning
| point, and I recommend it. But don't underestimate what
| you are taking on.
|
| This. So much this.
|
| I will happily run my "artisanal" mail system for myself.
| Would I put customers on it? Oh, hell, no.
|
| I, sadly, always recommend that companies pay money to
| Microsoft for email. You are really paying for the
| _customer support service_ rather than the email service.
| einpoklum wrote:
| Please don't recommend to people to pay money to have all
| their email communications read and stored by Microsoft,
| the US government and possibly other parties.
|
| There are plenty of other email providers which are worth
| considering, and I'm sure some of them have half-decent
| customer support.
| lostlogin wrote:
| > Well, they're right: you have taken on that
| responsibility. You made it, and you're running it: who
| else can they complain to?
|
| Assuming logic applies to humans is painfully wrong. I
| wish it wasn't.
| xyzzy_plugh wrote:
| For what it's worth I've run into the same set of issues at
| corporations using Google and Microsoft's hosted offerings.
| Hell, sometimes you can't even send it mail between
| customers!
| kortilla wrote:
| That question seems completely unrelated to running a
| personal mail server?
| belorn wrote:
| (Running an email system for a few thousand users)
|
| > If so, were you able to successfully communicate with
| and/or reasonably work through whatever issue got you
| black-holed?
|
| Yes. Practically all black-lists have a de-list form that
| one can use, and most seem to auto-delist fairly fast as
| soon as they don't get any more reports from honey-trap and
| other sources.
|
| We do have a few custom written ways to detect hacked
| accounts, and we don't allow users to set their own
| passwords. We also tend to discourage/deny users who do
| newsletters and other "higher risk" form of email. All
| emails sent by websites are sent through different servers,
| which also means that a hacked website does not impact the
| reputation of the email servers.
|
| Events with black lists maybe occur once a year and as I
| mentioned above, fixed fairly fast. One good tip is to keep
| an automated eye on the mail queue and react quickly when
| things start to look wrong.
| ananonymoususer wrote:
| It's better now, but in the early days of organized
| blacklists (more than 20 years ago) it was somewhat
| chaotic. Many large ISPs ran their own blacklists and
| some were poorly managed. AOL was the worst of them all.
| Their admin staff was unprofessional and unresponsive
| when I provided a PoC for their defective spam control
| system.
|
| There are a few sites where you can plug in an IP address
| to see if it's on any blacklists. A handy thing to do
| before setting up a new server is to work with your
| provider to find a clean IP address beforehand. Here's
| one that I have used:
| https://mxtoolbox.com/blacklists.aspx
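The kind of lookup those blacklist-check sites perform, as an added example that is not part of any comment in this thread: a DNSBL query reverses the address, appends the list's zone, and treats an A record in 127.0.0.0/8 as a listing (RFC 5782). The zone names, addresses and the stub resolver below are constructed so the block runs offline; pass `system_resolver` and real zone names for live checks.

```python
import ipaddress
import socket

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """Build the DNS name to query: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))
    else:
        # IPv6 uses one label per hex nibble of the fully expanded address.
        labels = reversed(addr.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone.strip(".")


def system_resolver(name):
    """Live lookup. Returns the A record as a string, or None when nothing resolves.

    Note: gaierror also covers resolver outages, so None here means
    "no answer", which is only the same as "not listed" on a healthy resolver.
    """
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def check_ip(ip, zones, resolve=system_resolver):
    """Return {zone: (status, answer)} for each DNSBL zone."""
    results = {}
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer is None:
            results[zone] = ("not listed", None)
        elif ipaddress.ip_address(answer) in LOOPBACK:
            # The last octet(s) carry the list-specific reason code.
            results[zone] = ("listed", answer)
        else:
            # A non-127/8 answer is not a listing: typically a wildcard or
            # hijacked zone. Counting it as "listed" blocks mail wrongly.
            results[zone] = ("invalid answer", answer)
    return results


# Constructed answers standing in for DNS (zones and IPs are placeholders).
FAKE_DNS = {
    "99.2.0.192.dnsbl.example": "127.0.0.2",
    "99.2.0.192.wildcard.example": "203.0.113.10",
}


def demo():
    zones = ["dnsbl.example", "clean.example", "wildcard.example"]
    return check_ip("192.0.2.99", zones, resolve=FAKE_DNS.get)


if __name__ == "__main__":
    for zone, (status, answer) in demo().items():
        print(f"{zone:20} {status:15} {answer or ''}")
```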
| iamtheworstdev wrote:
| > And you would be surprised, how many sites sell email
| addresses to others, and I know it as every one gets its own
| email address.
|
| So much this. I've actually contacted companies to tell them
| they've been compromised because I started getting phishing
| emails. I quit after the third time of reporting it and being
| told "we haven't been hacked, someone in your friends group
| has and you just can't read email headers".. right because
| someone in my friends group emails
| "mylocalgym.com@mypersonaldomain.com" to schedule group
| activities.. then six to twelve months later I get an email
| from HIBP telling me said website was hacked and my email was
| compromised.
| FemmeAndroid wrote:
| It's funny to hear this experience. I've been doing this
| consistently for about 5 years now and have noticed 2
| instances where this occurred, and in both there were prior
| disclosures about a security failure.
|
| I tend to sign up for a lot of things (I'm seeing over 150
| unique email addresses I receive emails from using this
| scheme), but I guess I'm just getting lucky.
|
| Also, just out of curiosity, where does one sell email
| addresses, and how much are they worth? I take signups on a
| few websites, and I'd never sell my users' email, but I'm
| just curious to learn more.
| EvanAnderson wrote:
| I've discovered two previously unknown data breaches this
| way. I was gratified when the operators of the sites
| thanked me for reporting it. Most times, though, I get the
| treatment you're describing.
| pid-1 wrote:
| > Getting spam? I am sick of you, whatever? No issue, just
| REJECT the whole address
|
| I started using that with Fastmail, they call that Masked
| address. Best spam filter ever.
| mcguire wrote:
| What are the memory requirements for postfix, dovecot, and
| rspamd these days?
| m3nu wrote:
| Using the same stack and have to agree. Once it's up, it's
| rather low maintenance. I wouldn't start again from scratch,
| though today.
|
| There is also a guy, Jar, who runs a rather his own email
| service, mxroute, quite successfully. Users love it and he
| seems to know his stuff.
| lostlogin wrote:
| It's not so much that I want to go all the way and do it
| myself, but I'm interested to see the gold standard way and
| as per the OP, perhaps go part the way (ie not send) - do you
| have a resource you could point me at that you recommend or
| rate? Not trying to get you to do my dirty work, just
| wondering if you have a resource you use.
| electric_mayhem wrote:
| Your post is super insightful.
|
| Option 2 in particular is super appealing.
|
| I've tried a bunch of privacy-focused email services and have
| been let down by one or more aspects of their service. Pretty
| much all of them managed to handle sending to my satisfaction,
| though.
|
| So setting up inbound to run on my own gear and paying a couple
| bucks a month for others to deal with dkim and domain keys
| and all that other crap... that's brilliant.
|
| Thanks for the idea!
| im_down_w_otp wrote:
| FWIW, someone is still reading your email. The owner of the
| infrastructure of your message recipients. If you've gone
| through the trouble of hosting your own email to avoid Google
| harvesting your messages, but you're exchanging emails with
| someone whose email is hosted by Google, then your emails are
| still being harvested and/or are harvestable.
| vaylian wrote:
| Good point. But it is still one person/company less that
| reads your e-mail, if you and your correspondent used
| different e-mail providers previously.
|
| There are also correspondences where you are only the
| receiver. For example, when you order things online. Gmail
| doesn't need to know what you are shopping for.
| im_down_w_otp wrote:
| Unfortunately, they can still close the loop on purchase
| history and ad impressions through indirect, lazy
| association.
|
| It's a very, very impressive edifice that's been created
| for identifying and tracking pretty much everybody
| irrespective of their direct, immediate interaction with
| the entity doing the tracking. I honestly think it's kind
| of funny that such a potentially insidious system was
| manifest for something as principally vapid as ad
| targeting.
| hackerfromthefu wrote:
| Yes, quite the trojan horse.
| unethical_ban wrote:
| Yep! I do #1 despite researching controlling the whole stack. I
| still like the idea of doing it someday, if only with a
| development domain.
|
| I pay $12 a year for email hosting, $10 a year for the domain.
| I use name.com and I presume (though I have not tested) that if
| I needed a human to talk to, I would have much better luck than
| with Google. I also don't have to worry about a snarky Youtube
| comment getting me locked out of Youtube, Youtube TV, Gmail,
| GDrive and everything else.
| chefandy wrote:
| I think #1 is a super solid idea. I'd love to go beyond that--
| I'm familiar with the tech and love the satisfaction of a more
| DIY approach-- but other end users preclude my doing so.
|
| The author mentions _quality_ in big email service but only
| passingly mentions what that encompasses. Smooth, responsive,
| well-worn, ceaselessly preened, and smoothed-over end-user UIs
| are important. Unfortunately, the open-source alternatives are
| comparatively rough.
|
| _(As a long-time developer and more recent designer, I write a
| lot of open-source code myself. I understand that these are
| complex and tedious problems to solve. However, without frank
| critique, "Open-Source Alternatives" will always be
| "Alternatives.")_
|
| Every interface I saw needed fundamental design work. My recent
| research showed 2+ decade old interface layouts w/new features
| just bolted on, visually complex toolbars, menus, and lists,
| little editing for views and controls, and comparatively
| unattractive designs(, which even if it doesn't matter to you,
| that doesn't invalidate its importance to others.) Even this
| crowd-- people accustomed to configuring complex applications--
| lament the clunky interfaces.
|
| To me, _most_ open-source interfaces are like eating on a diet.
| Your sense of accomplishment offsets the discomfort... at least
| for a while. End-users, however, don't have or need, that
| holistic view of the service. To them, the interface IS the
| service. DIY/tech accomplishments are abstract and indirect
| factors, at most. For most, it's like eating on-diet, but
| someone else loses weight. Attractive alternatives make that
| unsustainable.
|
| So the real hard part isn't technical-- it's assembling an
| email stack where users don't feel deprived for having chosen
| it.
|
| The solution is more collaboration between design and
| development expertise within the FOSS. If you have a position
| of authority in any FOSS projects, I implore you to be open-
| minded when presented with interface design ideas.
|
| Happy to talk about productive ways to engage with designers
| and design feedback.
| Ginden wrote:
| > most open-source interfaces are like eating on a diet.
|
| Because there aren't open-source contributing UX/UI
| designers. Almost all open source interfaces are quick work
| done by mostly backend developers.
| ip26 wrote:
| I was determined to make #3 work for years. But despite a
| golden reputation for my IP, perfect dkim, dmarc, dns, and
| everything else, plus exclusively personal mail (no bulk mail
| ever) I could never get out of the spam box at several major
| providers. Never could figure it out, even with all the tools.
| Finally gave up.
|
| I have come to suspect new MX servers are spam-holed by default
| until enough people click "Not Spam", which is an absurd hurdle
| for a single user hobby server.
| lytefm wrote:
| > I have come to suspect new MX servers are spam-holed by
| default until enough people click "Not Spam", which is an
| absurd hurdle for a single user hobby server.
|
| Yes, a fresh (or: previously sending spam) IP requires some
| warmup time until providers like GMail will let you anywhere
| near the inbox.
|
| And if you're not sending out a high enough volume of emails,
| no chance.
| 3np wrote:
| #2 has practical reasons as well, such as security and privacy
| (yes, other mail servers on the internet can catch your mails
| in flight; that's quite different from a mail provider having
| full retention of your email at any point in time)
|
| I'd add another thing:
|
| - Hosting your own mail client. You can self-host
| roundcube/mutt/thunderbird/or even an imap server that just
| fetches (and possibly deletes) email from the remote server
| using something like mbsync. This mail client/server doesn't
| need to interact with any other mail server apart from the mail
| provider that receives the incoming email, be that gmail or
| fastmail. While paid ProtonMail can be used for this, it's a
| bit of a hassle with their lack of native imap support.
| judge2020 wrote:
| > other mail servers on the internet can catch your mails in
| flight
|
| This also shouldn't be a problem most of the time if your
| email server supports TLS; Google currently sees 81% outbound
| email encryption[0], so you can imagine roughly 4/5ths of
| email servers support it.
|
| 0: https://transparencyreport.google.com/safer-
| email/overview?h...
| 3np wrote:
| Indeed. It was more of an inb4 of the common reply of
| "there is 0 privacy gains of self-hosting email since most
| of the people you're mailing with will be on one of the big
| providers anyway", which is tired and defeatist.
| tzs wrote:
| I'd like to see something to make it easy to address the case
| where you are doing #1, but your provider does unilaterally
| kick you off with short notice for some reason. The email
| equivalent of a bug out bag [1].
|
| This would be something that provides in a single package an
| SMTP server, an IMAP and POP server, pre-trained spam
| filtering, and maybe a web server with a web-based email
| client, and a simple setup program that asks a few basic
| questions such as your domain name and configures everything on
| your end and provides help for configuring things elsewhere
| (such as with DNS, such as telling you what to put in your SPF
| and DKIM and DMARC records).
|
| This is meant as something to handle your mail during the time
| it takes you to find another provider. It is meant to be
| something you can quickly install on a VM somewhere, point your
| MX record at it, get a Let's Encrypt or similar certificate for
| it, and not be losing mail while you are between providers.
|
| It should have a quick start guide that includes details on
| signing up and getting a Linux VM up at major inexpensive VM
| hosting places. Amazon Lightsail, Hetzner, and such.
|
| It should make minimal assumptions about your Linux
| environment. Probably it should not use the SMTP, POP, and IMAP
| servers that are packaged by your Linux distributor. It should
| use minimal servers that are written specifically for the
| emergency mail kit.
|
| [1] https://en.wikipedia.org/wiki/Survival_kit
| rnotaro wrote:
| https://mailinabox.email/ does most of that.
|
| I have my own domain since when I was about 15 years old and
| used that for a while on a digital ocean droplets. It's
| incredibly easy to set-up.
|
| The only issue I had was that other people were not getting
| my mail and sometimes it was not even reaching their spam
| folders. Probably because Google/Microsoft were blocking that
| IP range of Digital Oceans.
|
| Nowadays I just pay for a personal Gsuite license and use
| Google Infrastructure.
|
| Much simpler that way and I'm almost guaranteed that my mail
| will reach the recipients. You only need to set-up your DMARC
| / SPF records and point your MX records to the ones that
| Google provides.
| pas wrote:
| We've been running a small mail host for ~10 years (less
| than 100 accounts, but outgoing monthly newsletter to a few
| thousand addresses) ... we had basically zero problem with
| delivering to Gmail. Their spam filter, while strict and
| applies throttling (and a bit of greylisting) is completely
| livable, compared to the balls-to-the-wall insane
| Outlook/Microsoft "protection" (
| https://news.ycombinator.com/item?id=28982434 )
| croutonwagon wrote:
| Don't even get me started on outlook.co/o365.
|
| If you put an address or domain in the safesenders list;
| they do literally nothing. Like you can just totally
| spoof the domain entirely.
|
| However if you use transport rules as per their rec,
| there's all sorts of stuff that will still get flagged,
| and you have to reference ATP, anti-phishing, anti-
| spam policies. Much of which aren't even in the Exchange
| admin panel, rather they are in "security" and buried in
| hamburger menus galore.
|
| And what's best. They don't even have any documentation
| for how these modules interact or what order mail is
| processed in. I had a case open for months that finally
| got escalated to someone that was able to explain the
| issues we had with specific list serves/domains getting
| flagged.
|
| In the end my only option was to whitelist emails classed
| as phishing and route them to junk rather than keeping
| them in quarantine. Even though it was a 99% accuracy
| rate sans this single domain.
|
| The guy was really only able to commiserate with me. We
| are but a number and not a big enough one to get Ms to
| change a thing. Their best recommendation was to deploy
| an edge device like proofpoint/proofpoint hosted and just
| handle it from there.
|
| I get what they want to do. They are trying to make the
| crazy email RFCs easy for devops guys that don't give a
| damn about how e-mail works. But it's still hard to keep
| up with as they constantly just move stuff around and
| change their own standards on a near monthly basis.
| anamexis wrote:
| That safesenders list thing sounds insane. How many
| companies add their own domain to that?
| croutonwagon wrote:
| Well....that's how I found out about it when I took on my
| current role. We had a pretty solid phishing attempt slip
| through. I was able to spin up a VPS and test it on mine
| and some other known tenants as well (with their
| permission). And since o365 uses a predictable name for
| their SMTP receivers for a tenant (domain-com-net-
| whatever.mail.protection.outlook.com) it's easy to kind
| of....select targets and test it out.
|
| So even if it's not listed on the domain's MX record but
| you can suss out they are an office365 tenant receiving
| mail, you may be able to relay off it and spoof to high
| heavens (especially if the edge device recommends
| you....ahem...whitelist your own domain and not use
| transport rules). In fact especially if you can do this.
|
| For example i think MS forced proofpoint to change their
| config recommendations as an outcome.[1]
|
| from the page on [1]:
|
| "Due to major complaints, Proofpoint has opted to change
| change to the format of ensuring Proofpoint mail is not
| scored via the O365 system. This rule will allow external
| email to come in still, but will follow O365 scoring.
| This is to ensure no mail is lost."
|
| [1] https://web.archive.org/web/20200807173336/https://he
| lp.proo...
| ananonymoususer wrote:
| I've been running my own (and other) email servers for over
| 25 years. About four years ago I switched mine over from
| sendmail (with a bunch of add-ons like spamd/spamassassin,
| rbl, etc.) to mailinabox. Mailinabox is full-featured,
| secure, and reliable. It doesn't take anywhere near the
| level of effort required to maintain vs. other solutions.
| gnopgnip wrote:
| Cream does cloud backups for office 365. Most other business
| focused backup software will do mail server backups in some
| form
| SteveNuts wrote:
| iredmail does this pretty well
|
| https://www.iredmail.org/
| [deleted]
| codazoda wrote:
| I use a domain, registered at Namecheap, and I forward to my
| gmail account. If gmail "goes away" I simply configure my
| email to forward elsewhere. If I'm unhappy with Namecheap
| forwarding, I point my DNS at another forwarding provider. If
| I'm unhappy with Namecheap, I transfer my domain to another
| provider.
|
| It gives me all the flexibility I need with almost no work or
| maintenance.
|
| There are enough mail providers that I could easily switch to
| that I don't need a piece of software. Switching from gmail
| to yahoo, proton, apple, outlook, or juno is a simple domain
| adjustment and has me back receiving mail within the TTL
| period.
| mwexler wrote:
| When you reply to emails, does google let you put your
| custom domain address as the sender so folks don't see the
| underlying gmail address?
| trillic wrote:
| Yes.
| pas wrote:
| In fact Gmail requires you to add your SMTP if you want
| to send from a non-gmail address.
| kaetemi wrote:
| But what if... the TLD owner decides to 10x the domain
| price?
| deadbunny wrote:
| As someone who de-googled about 5 years ago by buying a
| nice three letter .io address this hits right in the
| feels.
|
| I could go through the process again (not fun) with some
| ridiculously long .com/.net or other OG tld which are
| probably somewhat more resistant to rent seeking
| practices like this or I just suck it up and hope it
| remains pricey but not egregious.
| kaetemi wrote:
| Are there any truly "community-owned" TLDs for the tech
| community? Would such a thing be possible and/or useful?
| noizejoy wrote:
| For Canadians, .ca seems a generally well behaved and
| managed TLD under community control.
|
| EDIT: .ca is not particularly tech community related, but
| that doesn't matter to me.
| cubesnooper wrote:
| For personal domains, I bite the initial cost and buy the
| domain for 10 years, then every year top it up to 10
| again. For a $20/yr domain that's only $200 up front, and
| if the cost suddenly goes up or some other TLD policy
| changes that I hate, I have plenty of time to gradually
| move to a cheaper/better domain.
|
| One thing I'm not sure of is what happens if I want to
| switch _registrars_ in that time--will the full 10 years
| of ownership transfer to the new registrar?
| kQq9oHeAz6wLLS wrote:
| Transfer the domain. You can generally find a deal for
| transferred domains.
| zbuf wrote:
| Does gmail actually trust the incoming forwarded email? Or
| mark a lot of it as spam.
|
| My understanding is that SPF makes forwarding like this no
| longer possible if the original sender's address is to be
| preserved.
| shartte wrote:
| If they are using GMail for work, the DNS just points to
| GMails actual server and authenticates using DKIM as
| well. Google for Work will provide you with the necessary
| DNS entries to set. Obviously this will not work with
| their free offering, you'll need to fork over $6/month
| for this.
| spadros wrote:
| > Sending your mail yourself is the real hard part
|
| No, having quality spam and fraud filtering, and quality
| security, that you host yourself, is by far the much harder
| problem. I would argue that outsourcing your email to Proton or
| Tutanota is not running your own "artisanal" email server. By
| the way, even with those email providers, I still have terrible
| spam and fraud emails getting through filters that I never
| would have seen with my GMail.
| tjoff wrote:
| Well, on the flip side unless you constantly check your spam
| folder (which pretty much completely defeats the purpose of a
| spam filter) you most definitely have lost important mails
| thanks to gmail.
|
| I just don't see what people see in gmail apart from the
| google brand - which surely isn't a good thing anymore.
| coffeecat wrote:
| I'm not here to be a Google apologist, but in the 10 or
| more years that I've used gmail, I don't think I've ever
| had an important email go to spam.
| avsteele wrote:
| Google workspace sends yes/no meeting confirmations that
| you make in workspace, to people within your own
| organization, to spam unless you specifically make a rule
| to allow them.
| bbarnett wrote:
| Incredible.
|
| Most people I know? It is almost a daily occurrence.
| Including if senders are in address books, and "not spam"
| is clicked when found in the spam folder.
|
| Most people I know see legit emails in the spam folder,
| all the time.
| lytefm wrote:
| For me, this was the main reason to move away from
| MSFT/GMail to Mailbox.org where I could set the Spam filter
| to as low as they'd allow.
|
| So far I've been lucky to rarely receive actual spam, but
| I've often missed out on important emails too often.
| kiwijamo wrote:
| I still have a @gmail.com account and every time I check it
| there's a whole lot of spam sitting in the inbox waiting to
| be classified as spam. Very strange as my main address (which
| I've had as my main address for almost 20 years) is on
| FastMail and hardly gets any spam despite the address being
| much more exposed e.g. it's found on many public mailing
| lists and it's been part of more data breaches than I can
| count. Yet it's Gmail that gets the torrent of spam including
| many obvious ones ending up in the inbox. YMMV of course but
| I don't rate Gmail highly compared to FastMail and even
| Office365.
| jpalomaki wrote:
| Security of your own domain depends a great deal on the
| security of your domain registrar and dns provider.
|
| If you are going this route for security purposes make sure
| they have proper policies and are not susceptible to social
| engineering.
|
| At least Cloudflare is offering such thing, but it's enterprise
| option [1]. I would assume many others have similar offerings
| as well.
|
| [1] https://www.cloudflare.com/en-
| gb/products/registrar/custom-d...
| koolba wrote:
| There's a midpoint at #1.5 where you control the domain and
| rely on an external host, but also have a continuous archive of
| your historical mails on your own server. Otherwise with a
| standard IMAP setup, if your provider locks you out, you're
| limited to only the most recent N messages on connected
| devices.
| charwalker wrote:
| Buy a domain for $20, get a GSuite account with it for $6 a
| month or similar, then archive all your mail via Outlook or
| your desktop email app of choice. You also get a lot of other
| tools and storage space for very low cost which I find
| useful.
|
| It's still using Google but it allows plenty of control and
| management, and I can take my domain anywhere with minimal
| stress. It's a decent compromise.
| danlugo92 wrote:
| > $6 a month
|
| Zoho has a $1/yr plan.
| indigodaddy wrote:
| And Yandex has a $0/yr plan (unless they got rid of it
| and I'm just grandfathered, not sure..)
| Zopieux wrote:
| Can't find anything below ~1/month at zoho for just
| mails; care to share a link?
| bxparks wrote:
| Just make sure that you use a different domain registrar
| than Google Domains, and make sure your admin email address
| is not gmail. Because if Google bans your account, you will
| be totally screwed.
| patja wrote:
| You can have the best of both worlds with self-hosting received
| mail and achieving good deliverability by using a service such
| as Amazon SES. SES will probably cost you less than $10 a year
| for personal email sending volumes. I use it for my business
| and it is less than $15/yr. Rarely get a bill for more than $1.
| They hold you accountable for any abuse/complaints, which is a
| good thing.
| OJFord wrote:
| I use it for personal use, would also recommend. It's not
| 'self-hosting' of course, but that's not what I actually care
| about personally, more interested in 'running my own'
| regardless of whether it's physically my hardware or not.
|
| (Or rather given everything I've read about self-hosting
| email, _not_ regardless, this is my preference...)
| tarunupaday wrote:
| This is great advice. I do #1 and #2 but not #3. I use
| sendgrid.com for #3. They have one of the highest (if not the
| highest) deliverability rates in the world and mails arrive
| really fast (faster than gmail).
|
| As a bonus: I get to see report which of my emails were
| classified as spam or not opened.
|
| Also, first 100 mails per day are free (which has been enough
| for me so far).
| noizejoy wrote:
| Using sendgrid would seem to have similar or worse privacy
| implications to using gmail, outlook and their ilk.
| vultour wrote:
| You put tracking pixels into private emails? That's pretty
| upsetting, luckily I've had images disabled for years.
| [deleted]
| nimbius wrote:
| you could argue dmarc, dkim, and SPF were all invented as
| barriers to entry for small mail servers as the majority of
| internet SPF is permissive and the majority of DKIM is
| misconfigured. imo, senderbase and other reputation/policy
| proprietary shit-lists used by anyone with a Symantec or Cisco
| email product only served to convert the unwashed to a
| corporate license as most of these mechanical turks just paid
| the same spammers by night to show up in a delhi office complex
| day job to identify their own campaigns. DMARC and DKIM/SPF
| just wrapped email in a mandatory layer of arbitrary complexity
| to "solve" a problem that RBL's had largely managed to tackle
| as an independent entity.
|
| that they exist in part to force the hand of small companies
| and users to simply submit to a big player for their email is
| something i have long considered.
|
| DISCLOSURE: I proudly run my own email server.
| dmw_ng wrote:
| > Sending your mail yourself is the real hard part
|
| It's possible to punt on this by using SES for outbound, while
| continuing to handle inbound a different way. Obviously SES
| doesn't count as fully self-hosted, but it does solve (or at
| least significantly ameliorate -- zero issues here) the
| reputation problem
| judge2020 wrote:
| I think that's what they're talking about in terms of 'you
| don't send your own mail', but it is a good solution and
| SPF+DKIM means you should have very few issues with
| deliverability and reputation.
| blibble wrote:
| spammers tend to set up SPF/DKIM
| judge2020 wrote:
| I mean that SES gives you SES IP reputation, and they
| force you to have a low bounce rate & complaint rate,
| thus SES specifically is usually not blocked by big
| providers nor small enterprise networks.
| gruez wrote:
| >It's possible to punt on this by using SES for outbound
|
| How does this work? Do you just sign up for aws, then set
| your outbound SMTP to whatever SES provides?
| z0f wrote:
| Yep, you just configure your outbound SMTP server to be the
| SES credentials and adjust your SPF/DKIM records.
| Icathian wrote:
| I've done #1, it didn't occur to me that you could split up #2
| and #3. That sounds like a really interesting project. Thanks
| for the idea!
| xchip wrote:
| Having your own computer with Linux should also be considered an
| artisanal choice and quite an unpractical one.
| 6c696e7578 wrote:
| qmail since 2003. No intention of changing, well, maybe to
| postfix.
|
| There's several advantages for me, I can easily backup Maildir
| with find -mtime +90, tar and purge.
|
| Using mutt to read my own mail makes filtering off spam very
| easy.
|
| Maybe gmail has some advantages, somehow the domain looks more
| "professional" than hotmail or outlook addresses do. Can't
| explain that though.
|
| If you run your own mail, you have a domain, so running your own
| web site comes naturally too.
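The `find -mtime +90`, tar and purge routine mentioned in the comment above, written out as an added example (not the commenter's own script). It assumes GNU find and GNU tar; the function name `archive_maildir` and the archive path are illustrative. It skips `tmp/`, writes the archive readable only by its owner, and deletes nothing until the archive lists every selected message.

```shell
#!/bin/sh
# Added example: archive Maildir messages older than N days, verify, then purge.
# Assumes GNU find/tar (-print0, --null, -T). Names here are illustrative.

# archive_maildir MAILDIR ARCHIVE [DAYS]
# Prints the number of messages archived and purged.
archive_maildir() {
    maildir=$1
    archive=$2
    days=${3:-90}
    [ -d "$maildir/cur" ] || { echo "not a Maildir: $maildir" >&2; return 2; }
    list=$(mktemp) || return 1

    # Select delivered mail only (cur/ and new/, including subfolders).
    # tmp/ holds deliveries still being written and is never touched.
    # -mtime +N matches files whose age in whole days is greater than N.
    ( cd "$maildir" && find . -type f \
        \( -path '*/cur/*' -o -path '*/new/*' \) \
        -mtime +"$days" -print0 ) > "$list"

    count=$(( $(tr -cd '\000' < "$list" | wc -c) ))
    if [ "$count" -eq 0 ]; then
        rm -f "$list"
        echo 0
        return 0
    fi

    # Mail is private: create the archive with owner-only permissions.
    ( umask 077
      tar -czf "$archive" -C "$maildir" --null -T "$list" ) || {
        rm -f "$list"
        return 1
    }

    # Purge only if the archive lists every selected message.
    stored=$(( $(tar -tzf "$archive" | wc -l) ))
    if [ "$stored" -ne "$count" ]; then
        echo "archive has $stored of $count messages, nothing purged" >&2
        rm -f "$list"
        return 1
    fi

    ( cd "$maildir" && xargs -0 rm -f -- ) < "$list"
    rm -f "$list"
    echo "$count"
}

# Usage (paths are placeholders):
#   archive_maildir "$HOME/Maildir" "/backup/mail-$(date +%F).tar.gz" 90
```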
| jms703 wrote:
| This. Also, your email isn't secure just because you host your
| own server. Once you've sent or received email, you no longer have
| control over that data.
| bruiseralmighty wrote:
| Not to accuse any one person specifically of anything nefarious,
| but I do find the historical timing of these articles bemoaning
| self-hosting of email rather odd.
|
| Currently, there are only a handful of large technology companies
| in control of most of the world's inbox. Google is the first that
| comes to mind. At the same time we've just had some of our most
| highly publicized hearings involving these tech companies
| (facebook and google) as well as our first hearing on
| cryptocurrency and the larger web3 infrastructure. There is a
| rising public awareness and therefore political will to regulate
| these technologies and companies. This would formally fold google
| and the like into the USG despite their long standing less formal
| arrangements with the intelligence agencies.
|
| The one way to make this regulation and upcoming legislation
| moot? Decentralization by any other name. Self-hosting of email
| servers, or distributed computing and storage with web3. Perhaps
| it is only my latent paranoia, but I can't help but shake the
| feeling that the glut of the 'don't bother hosting your own email
| server' sentiment is, at least in part, artificially amplified in
| order for the coming formal regulations to have more of an
| impact.
|
| It wouldn't surprise me at all if google themselves was helping
| to facilitate this in order to steer conversation towards
| stalling any potential competitors as a part of the new
| regulatory framework. It is for instance a lot easier to argue
| that outlawing self-hosting of email servers (or requiring a
| license to do so) makes a lot more sense if you can point to a
| 'general public sentiment' that hosting your own email server is
| 'too complicated' and 'less useful' and 'less secure' and
| therefore would only be done by antisocial actors such as
| 'criminal elements' and 'terrorists'.
|
| Seeing as we are at the cusp of a new distributed infrastructure
| movement, all this feels like preemptive damage control to me.
| epaulson wrote:
| My email is still the free/legacy version of Gsuite, from before
| it was called Gsuite and it was just a way to have your own
| domain but serviced by Gmail.
|
| It's kind of a pain, because it's both not really a Google
| account, but also not a real Gsuite setup, and Google keeps
| quietly removing features from the legacy version of Gsuite. (You
| used to be able to use an external SMTP server to send as a
| different domain, but Google removed the UI to configure that in
| the free version)
|
| I've been really hesitant to upgrade to modern Gsuite, because
| I'm worried about upgrading and having something go wrong in the
| process - Google support doesn't have the greatest reputation.
| yosamino wrote:
| > Your IMAP access might be as good as theirs, but things like
| your webmail, your spam filtering, and almost certainly your
| general security will not be as good as they have.[...]
|
| > Especially, open source can't compete on features like webmail
| and performance in things like spam filtering.
|
| If anything roundcube is a better webmail client than many of the
| mail-provider ones. And that's ignoring all the ads and tracking
| that these come embedded with, even if you pay for them.
|
| I haven't used gmail-for-organizations but if it's anything like
| the normal gmail interface then ... I guess some power users will
| prefer it? But in my experience many people prefer roundcube,
| because it's simple and usable. Not that it's perfect or better
| in all the ways, it's just from my experience and the users I
| talk to, it is just as good and fills a need that gmail doesn't.
|
| Same goes for spam-filtering. It's not that
| spamassassin/amavisd/rspamd/postscreen/RBLs/whatever is 100%
| perfect, it just gets you pretty far, and from my experience
| also gmail, as the main contender, has varying success on how
| close they achieve 100%.
|
| And even security is not magic. A large mail provider doesn't
| have access to magically different security tooling than everyone
| else. They have a threat model that is slightly different and
| their scale allows them to do some things that not everyone can.
| But wrt to one's userbase it's perfectly possible to be "just as
| secure".
|
| Running your own org-mailinfrastructure is certainly not
| "artisanal" - for some reason this comes off slightly dismissive
| in the article - it's just that, as anything, it's work that you
| have to want to invest in. A trade-off where it often does make
| sense to outsource. But then email is not so different from any
| other service you want to provide.
|
| ... but then I see that the article seems to partially be writing
| off of the experience of using the U of Toronto mail system,
| which seems to be using squirrelmail and procmail. I didn't even
| know squirrelmail was still developed - this impression kind of
| supported by there being no news between 2013 and October 21,
| 2021 on the frontpage https://squirrelmail.org/ while procmail is
| unsupported since approximately forever (it _feels_ like
| pre-9/11 but I am not sure).
|
| If you compare _that_ experience with outlook.com - then I can
| certainly see why one could come to the conclusion in this
| article.
|
| EDIT: Heh: my guess of procmail being pre-9/11. Wikipedia says:
| "Final release 3.22 / September 10, 2001"
| goodpoint wrote:
| > A large mail provider doesn't have access to magically
| different security tooling than everyone else.
|
| Actually various big FAANG companies have very privileged
| access to vulnerability disclosures.
|
| However, the threat model can make small mailservers way more
| secure. Breaking into gmail is worth billions.
|
| Breaking into your personal mailserver is not worth the time of
| any skilled attacker unless you have very valuable secrets.
| sascha_sl wrote:
| Also, a lot of software in the field has never made sense to me.
| I know what the parts do, but I couldn't tell you how to assemble
| it all. It all seems very old and separate software more for
| historical reasons than anything else.
|
| I ran mailinabox for a year or two, but eventually I just didn't
| want to maintain a piece of software I didn't understand where
| the documentation seemed actively hostile and presumptuous about
| me having read all the other parts. I'm sure the postfix docs
| make an okay reference, but understanding it as a whole, god no.
| I'd rather do Kubernetes from scratch.
|
| Fastmail is just fine for me.
| joshdata wrote:
| > I ran mailinabox for a year or two ... the documentation
| seemed actively hostile
|
| Maintainer of Mail-in-a-Box here. I'm sorry you had that
| experience. Definitely was not the intention of the project to
| be hostile (but I can see how it might come off that way).
| sascha_sl wrote:
| Hi Josh. I should've specified I meant the postfix
| documentation here. MiaB was wonderful, save for maybe
| skipping one Ubuntu LTS and leaving not quite a lot of time
| to migrate.
| TheOtherHobbes wrote:
| Postfix and Dovecot are classic magic word projects -
| completely useless unless you can work out the magic words, and
| then they work fine.
|
| The docs for magic word projects never seem to prioritise
| essentials. So [obscure feature someone last used in 1984] gets
| equal billing with [essential fundamentals] and you have no
| idea which is which because - you haven't understood the docs
| yet.
|
| I'm still running my own servers. I sorted out the spam issues,
| and they're basically zero maintenance now. But it certainly
| took a while, and a fair amount of copying other people's ideas
| of what a config file should look like, with plenty of trial
| and error.
| ssl232 wrote:
| Agree regarding learning the magic words. There's probably
| no substitute to just diving in and setting up a server with
| a domain you can afford to get blacklisted for a few weeks
| while you make mistakes. But once you know the magic words,
| Dovecot's documentation is actually fairly decent these days:
| https://doc.dovecot.org/.
| throw0101a wrote:
| Useful step-by-step instructions:
|
| * https://workaround.org/ispmail
| fareesh wrote:
| If I have business outcomes that are dependent on people
| receiving my emails, it's difficult for me to be in a situation
| where the other person may need to, at some point, be told that
| they aren't getting my emails because I'm on some kind of
| "hipster email system" which they are no doubt going to perceive
| it to be.
|
| They're probably going to wonder why they are wasting their time
| with me when I can't even get something "as simple as email"
| right.
|
| For personal email I'd probably consider it.
| tommek4077 wrote:
| Hipster mail system. Also known as "mail like we've done it the
| last 4 decades". Strange!
| Underphil wrote:
| I think the commenter was trying to prove that point. It's
| not a hipster email system, but non-technical folks will
| perceive it as such.
| zyftay wrote:
| It is a wonderful world we live in. Everything from salary
| negotiations to love affairs is on someone else's servers, all in
| plaintext. Apart from email this also applies to Slack, which is
| a goldmine for keeping dossiers on developers.
|
| This is one thing the authoritarians like Biden (Clipper Chip,
| Patriot Act) won't want to fix. There will be no law that
| companies with more than 100 employees must accept mail from
| individual servers (they would still have the correspondence
| anyway, but it would be a start). There will be no law that all
| mail must be encrypted.
| tootie wrote:
| I think you can extend this to a whole host of other domains. A lot
| of the bread and butter of 2000s era IT departments are being
| replaced with a highly competitive SaaS market. Building brochure
| sites, email, CRM, CMS, e-commerce, directory services,
| accounting and ERP. Twenty years ago you'd do a months-long
| procurement process for enterprise licenses, set SLAs, size the
| hardware, buy servers, hire integrators and you'd get your
| software up and running in 8 months if you're lucky. Now you type
| your credit card into a website and get unlimited capacity and
| 99.9% uptime instantly.
| jacquesm wrote:
| Except of course that it isn't an artisanal choice, a very
| practical one that is made increasingly impossible by the few
| very large email providers that are left. It should be as simple
| as hosting a web server.
|
| Speaking of which, how long before it won't be possible to host
| your own web server?
|
| On another note: the biggest source of spam is gmail itself, and
| guess what, that makes it to my inbox just fine, because what
| could possibly be wrong with someone using google as their
| source. Spam was annoying but it was never an actual problem. The
| consolidation of the internet into a handful of players _is_ a
| problem.
| alufers wrote:
| > Speaking of which, how long before it won't be possible to
| host your own web server?
|
| It's increasingly getting harder and harder. Recently I was
| trying to watch a TV show with my friends using a self-hosted
| Plex server, which was located in one of my friend's house,
| connected via a gigabit, albeit residential link. Another
| friend was using LTE internet at that time. He couldn't watch
| the show, because his connection was so slow, but when he did a
| speed test the download speed was good enough (100+ Mbit).
|
| Turns out the mobile carrier was throttling connections to
| select IP ranges to about 1 Mbit (we tested that with a few
| other IPs). I reckon it was to cripple peer-to-peer protocols.
| So I guess it's a matter of time until you will be allowed only
| to connect to certain IP addresses owned by the biggest
| companies (AWS, Azure, GCP) and nothing else.
| velcrovan wrote:
| Why net neutrality would have been nice, exhibit 78
| kortilla wrote:
| Net neutrality wouldn't fix this if the issue is a
| peering problem (which is very common today). The internet
| has become so centralized that ISPs cheap out on transit
| and just direct peer to all of the big content providers.
| tdrdt wrote:
| _"Except of course that it isn't an artisanal choice, a very
| practical one that is made increasingly impossible by the few
| very large email providers that are left. It should be as
| simple as hosting a web server."_
|
| I don't get this one. How do large email providers make it
| difficult to host your own email?
|
| I host my own email. It was a pain to setup so I try not to
| touch it since it is running fine. Setting up email on your own
| server is just complicated unless you install server management
| software. I am not sure big email providers are to blame for
| this.
| vetinari wrote:
| > How do large email providers make it difficult to host your
| own email?
|
| By not delivering mail sent by your mailserver to mailboxes
| hosted by them. There's not much use for an own server, if
| your mail won't be received by most users on gmail or
| hotmail.
| hamilyon2 wrote:
| Even if your ip address/domain is not in the blacklist right
| now, it only takes a few people marking your correspondence
| as spam for it to be blacklisted. Since everyone is on these
| big free providers, nobody will ever see a single email from
| you any more. With less centrally controlled email, that
| would not be possible. I think that is the problem everyone
| is talking about.
| grishka wrote:
| People generally know to check their spam folder if they're
| waiting for an email but it doesn't arrive.
| kiwijamo wrote:
| I generally don't check my personal spam folder. I've
| honestly not seen any false positives with Fastmail. But
| I certainly do have to check every now and then for my
| work O365 account which is pretty bad at marking
| legitimate mail as spam. YMMV of course.
| teekert wrote:
| You'll get it when Microsoft decides you are a spammer for no
| other reason than sending email from port 25 from your house.
| Or when you can't seem to sign up for a service... until you
| use your old Gmail address.
| matt_heimer wrote:
| Yeah, there was (is?) a period of time where viruses were
| used to send spam so if you got infected you'd suddenly be
| sending out a lot of SMTP traffic from a residential IP
| address. The entire industry adopted the practice of not
| trusting residential ips. Then the spammers shifted to
| cheap VPS providers and ip and netblock black lists became
| more common.
| jacquesm wrote:
| > How do large email providers make it difficult to host your
| own email?
|
| By randomly marking your email as spam without any recourse.
| This may be because they blacklist your provider en bloc,
| your IP address or some subnet, because they feel like it,
| it's Tuesday or because their spam filters suck.
|
| But it happens and it happens often enough that running a
| business in that way will cost you money, sometimes lots of
| it.
| Retric wrote:
| Business use of email tends to look a lot like spam and
| people mark it as such. An appointment reminder or
| notification that something just shipped is generally fine.
| Send out mass notification of your holiday sales and that's
| going into someone's spam folder.
| monsieurbanana wrote:
| > generally fine
|
| So you're saying that anything can get you blacklisted if
| you're unlucky enough? I think that's the point of the
| people you're arguing with.
|
| At this point we just need to figure exactly how unlucky.
| Retric wrote:
| Not so much a question of luck, sending out shipping
| notifications that for example include advertising is
| risky. Sending a high volume of appointment reminders for
| the same appointment is similarly problematic.
| jacquesm wrote:
| I've never done any of that.
| Retric wrote:
| I don't mean that's the only way to trip up, there are a
| lot of unspoken self hosting email rules. Don't use public
| data centers, don't send news letters etc.
| feanaro wrote:
| My email server is only used as a personal server for a
| few select friends and family. They absolutely do not
| send and have never sent anything that could remotely be
| considered spam. Everything in our setup is picture
| perfect (SPF, DKIM, DMARC, PTR records, etc). We still
| can't get email onto Microsoft's servers without it being
| marked as spam.
| rsync wrote:
| "By randomly marking your email as spam without any
| recourse."
|
| Correct.
|
| I'd like to describe how badly this is implemented:
|
| I run my own mail server and I have a 15+ year history of
| emailing (mywife)@gmail.com.
|
| _On a regular basis_ (mywife)@gmail.com will email me, and
| I will _respond to her email_ and my response will go to
| her junk/spam folder.
|
| And there is no alert, no bounce, no notification.
|
| Let's unpack this:
|
| Google (gmail) knows that these two email addresses
| converse back and forth, regularly, with a 15+ year
| history. Google knows that their own user initiated this
| conversation. Google knows my email is a response to their
| users email. Google knows my address has never been marked
| as spam/junk.
|
| So, what kind of _unimaginably bad_ heuristics would have
| to be in employ to allow this to happen ?
|
| To be honest, this wouldn't bother me that much - I don't
| think google owes me anything and my wife doesn't pay for
| their service. _What makes me so, so angry_ is that they
| behave this way without any notification or bounce email.
|
| That's just shitty.
| jacquesm wrote:
| Same here. And I can't even forward mail from one inbox
| to another because it invariably gets marked as spam. Two
| mailboxes, same browser, same IP.
| feanaro wrote:
| See the Digital Markets Act in the EU. It could be a way to
| force large corporations to cooperate.
| emteycz wrote:
| While completely abandoning hope for the small players in
| the process.
| Kwpolska wrote:
| The problem with e-mail, and with other forms of
| communication, is that two parties (or their service
| providers) need to co-operate. You can run your own e-mail
| server just fine, but Google, Microsoft and friends might
| consider you to be a spammer or silently block your e-mail
| just because.
| indigochill wrote:
| What if email was based on a whitelist instead of a
| blacklist? So you'd only receive email from addresses of
| people you've already established contact with some other
| way (maybe using conventional email)? This eliminates spam
| and if the big providers supported this, it could also
| enable them to stop blackholing innocent servers (though
| whether they care is another question).
| Anadorr wrote:
| There's quite a lot of small providers left and thriving - I've
| recently migrated from Gmail to mailbox.org, set up inbox
| encryption with my own key and can't be happier about it.
|
| It's not as feature-rich as Gmail, and webmail with your own
| encryption key is not usable, but desktop (Thunderbird) and
| mobile (K9 mail) clients fully cover my use cases. Cheaper than
| Google Workspace, too.
| LinuxBender wrote:
| _Speaking of which, how long before it won't be possible to
| host your own web server?_
|
| Maybe it's just a matter of time for some. For me personally, I
| could not possibly care less if all the _free_ mail providers
| blocked me some day. If something is important I can call
| people and tell them to go to https://mydomain.tld/theirName/
| to grab files. I have used this method with non technical
| people including lawyers without issue. They prefer of course
| to use their own _secure_ portals. I do acknowledge that
| running my own mail server may get more expensive with time as
| I may have to use providers that are more vigilant about
| keeping abusers off their network.
|
| As for web servers why would I not be able to run my own
| servers? I can rent VM's, physical servers, racks, cages.
|
| I am just speaking for myself but I will never give in to the
| bully anti-competitive behavior of the likes of Google and as
| for ISP's I will not use one that blocks ports or protocols. If
| there is any blocking to be done it must be done by me. I would
| never fund an ISP that uses CG-NAT or rate limits something by
| protocol or port. I realize some people have limited options
| but at least in terms of blocking and rate limiting, those
| ISP's are shooting themselves in the feet given that providers
| like Starlink and various 5G providers will be more common
| place soon.
| emteycz wrote:
| GSuite and Office 365 are not free, and make security
| guarantees to their customers.
| pjc50 wrote:
| > biggest source of spam is gmail itself
|
| [citation needed]; is this actually going out from gmail or
| does it just use gmail return addresses?
|
| I too used to run my own email from about 2000-2010, but the
| maintenance overhead is quite stressful especially because it
| always happens for critical times or critical emails.
| ancarda wrote:
| Almost all spam I receive is from Gmail. It's gotten so bad
| I've actually setup a filter that routes everything from
| @gmail.com into spam - except for some whitelisted email
| addresses. G Suite is fine, it's only @gmail.com that is an
| issue
|
| And yes, it's genuinely from Gmail; valid SPF, valid DKIM,
| came from a Google IP address, etc...
|
| To say the biggest source is Gmail might be _technically_
| wrong though - I suspect there's a large volume of spam that
| Migadu (my provider) is dropping before it even reaches my
| inbox, i.e. emails that it is 100% sure are spam and it can
| just drop. Nevertheless, an overwhelming amount of spam I
| observe/have to deal with is coming from Gmail. Second to
| that is outlook/hotmail.
| zkldi wrote:
| > To say the biggest source is Gmail might be technically
| wrong though - I suspect there's a large volume of spam
| that Migadu (my provider) is dropping before it even
| reaches my inbox, i.e. emails that it is 100% sure are spam
| and it can just drop. Nevertheless, an overwhelming amount
| of spam I observe/have to deal with is coming from Gmail.
| Second to that is outlook/hotmail.
|
| This. It's more likely to be survivorship bias -- the gmail
| emails happen to survive because gmail is more trusted.
| kiwijamo wrote:
| When I ran my own mail server some years ago I was shocked at
| the amount of spam originating from Google. Definitely their
| IP addresses as I would routinely get other legitimate mail
| from the same IP ranges. Was quite a challenge dealing with
| these spam as it wasn't as simple as blocking their ip ranges
| as the vast majority of my personal contacts use Google.
| Never saw the same from Microsoft, Apple, etc.
| Lex-2008 wrote:
| Re: [citation needed];
|
| > Gmail obvious spam still #1 in the quarantine folders..
|
| -- Michael Peddemors, President/CEO LinuxMagic Inc.
|
| https://www.mail-archive.com/mailop@mailop.org/msg14526.html
| jacquesm wrote:
| The citation you are looking for is my inbox. That's the spam
| that still makes it through and there is quite a bit of it,
| conversely some ham consistently gets misclassified as spam
| or just simply disappears entirely.
|
| You are of course welcome to not believe me.
| tpxl wrote:
| I will echo this experience. An example of an email that
| made it through from a gmail.com account (abbreviated, it
| also contained links to some apps (the main purpose I
| assume) and much more text):
|
| shhr mjny `nd lshtrk lsnwy $ l'sy'l@ lshy'`@
| In 1979, LA residents were wearing masks -- because of smog
| Los Angeles Times staff photographer Boris Yaro
| photographed Sera Segal-Alsberg on Crescent Heights
| Boulevard in West Hollywood Segal-Alsberg, an artist-
| instructor, was en route to teach a class at the Los
| Angeles County Museum of Art llmzyd mn l'sy'l@
| -- In another sign of live entertainment's rebirth, Bruce
| Springsteen returned to Broadway over the weekend
| yqwm lmwZfyn btsjyl HDwrhm , nSrfhm lshrkt l`Sry@ m` lstfd@
| lqSw~ mn lmknyt lhy'l@ lty tqdmh ln tknwlwjy l`Sr 'w lhtf
| lmtHrk ( ljwl ) 'w dh knt tstkhdm lHsb fymknk stkhdm 'w
| ymkn lldry tHmyl hdh ltTbyq `l~ jhz tblt shtrk fy lnZm 10
| Diverse yet divided cities wHd 'w `d@ 'jhz@ thm
| yD`h shtrk fy lnZm tsjyl dkhwl fqT fy l'fr` lmsmwH lh
| bltbSym fyh | 'sbw`yn km 'n lmwZf ldyk ystTy` ltbSym fy
| thwn qlyl@ bryd lktrwny hw nZm lktrwny qwy wHdyth ystkhdm
| ltsjyl fhl ymkn stkhdm lnZm fy jmy` hdhh l'fr` 'dkhl bynt
| l'fr` n wjdt lmwZfyn Experts say the Delta
| variant poses a greater chance of infection for
| unvaccinated people if they are exposed The variant, first
| identified in India, may be twice as transmissible as the
| conventional coronavirus strains It has been responsible
| for the rise in cases recently in India, the United Kingdom
| and elsewhere fy mdkhl lshrk@ 'w 'fr`h lmkhtlf@
| ymknk l`tmd `l~ 'y jhz lktwrny Hdyth 'w Ht~ qdym fy tsjyl
| wmtb`@ tbSymt lmwZfyn , `rf lmzyd shtrk fy lnZm mjn , 'dkhl
| bynt lshrk@ wlmwZfyn
| necovek wrote:
| I've got a personal email server and an old gmail address from
| gmail-beta days.
|
| I've never used gmail itself (that model doesn't fit my mind),
| but I do use that Google account for some minor stuff.
| Unfortunately, I've repeatedly gotten email targeted at someone
| else having same first name initial and same last name on gmail
| (address is in the form of FLastname@gmail.com). I've usually
| been able to get through to those people to stop them and to get
| them to reach their targets, but in the last 24 months, a lady
| from Michigan is repeatedly giving out my email address for
| everything (I've got covid appts, doctor appts, movie tickets,
| responses to home buying inquiries...). I have no idea how to stop
| this: this would've never happened with any provider that's not
| owning like 60% of the market.
|
| I am constantly annoyed and I've considered both stopping mail
| forwarding from this account to mine (but then I might miss that
| YT premium notification) and I've tried reaching out to many
| humans on the other side. But I've so far resisted the urge to
| cancel those movie tickets or vaccination appts, but things just
| keep coming in.
|
| I can't imagine how are people not overwhelmed by wrongly
| targeted email: there's more of it than spam I get on my
| personal server, so spam filtering would definitely not move me
| towards gmail. And actual spam also gets through on gmail!
| efficax wrote:
| I also get an endless amount of email for a few different
| people with the same name as me at my Gmail from 2005. I used
| to try to deal with it but now it's just amusing, especially
| the photos, family chain emails etc. My name alike is Canadian
| so it's a little glimpse across the border
| multjoy wrote:
| >Unfortunately, I've repeatedly gotten email targeted at
| someone else having same first name initial and same last name
| on gmail (address is in the form of FLastname@gmail.com).
|
| That's a user problem, not a technical one. (there is, of
| course, an XKCD for that).
|
| I've got a popular initials/surname combo and I have a number
| of doppelgangers giving it out. The one I feel most sorry for
| is the trumpist and his scary NRA/pro-gun mail. It's really
| fierce stuff, I'm glad it's going into my spam folder rather
| than in front of a real human!
| nkrisc wrote:
| I don't think you can stop it. I have to imagine that this
| woman doesn't have an email address and just gives out what she
| thought was a fake one, since so many things require it.
| Otherwise, how could she not notice she never receives
| anything?
| throw0101a wrote:
| > _Otherwise, how could she not notice she never receives
| anything?_
|
| She may be getting it at f.lastname@gmail.com.
|
| I signed up for Gmail the first or second day it came out
| with first.last@gmail.com, but hardly ever log(ged) in over
| the years. A little while ago I did go into it and noticed
| getting a bunch of messages to firstlast@gmail.com.
|
| Now Gmail allows for 'customized' addresses in that you can
| drop a period anywhere and it will still go to your address.
| But this raised the risk of one person signing up with
| first.last and another person signing up with firstlast.
| _Supposedly_ this is prevented, but I think that they did not
| catch this situation in the early days of the service, and so
| a bunch of OG accounts have cross-contamination.
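The dot handling described in the comment above matters to anyone keying accounts on an e-mail address: two strings that look different can deliver to one Gmail mailbox. An added example, not from the thread, that canonicalizes addresses and reports groups that collapse to the same mailbox; the function names and the sample addresses are constructed, and treating `googlemail.com` as an alias of `gmail.com` goes beyond what the comment states.

```shell
#!/bin/sh
# Added example: detect addresses that deliver to the same Gmail mailbox.
# Function names and sample data are constructed for illustration.

# canon_addr ADDRESS
# Lower-cases the address; for Gmail domains, removes dots from the local
# part (Gmail ignores them) and folds googlemail.com into gmail.com.
# Other domains are left alone because dots are significant there.
canon_addr() {
    addr=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case $addr in
        *@*) ;;
        *) return 1 ;;          # not an address
    esac
    local_part=${addr%@*}
    domain=${addr##*@}
    case $domain in
        gmail.com|googlemail.com)
            local_part=$(printf '%s' "$local_part" | tr -d '.')
            domain=gmail.com
            ;;
    esac
    printf '%s@%s\n' "$local_part" "$domain"
}

# find_collisions
# Reads one address per line on stdin and prints, for every canonical
# mailbox reached by more than one distinct input string:
#   canonical: addr1 addr2 ...
find_collisions() {
    while IFS= read -r a || [ -n "$a" ]; do
        [ -n "$a" ] || continue
        c=$(canon_addr "$a") || continue
        printf '%s\t%s\n' "$c" "$a"
    done | LC_ALL=C sort -u | awk -F '\t' '
        {
            n[$1]++
            if ($1 in v) v[$1] = v[$1] " " $2
            else         v[$1] = $2
        }
        END { for (k in n) if (n[k] > 1) print k ": " v[k] }
    ' | LC_ALL=C sort
}

# Constructed sample: a user table keyed on the raw address string.
sample_addresses() {
    cat <<'EOF'
first.last@gmail.com
firstlast@gmail.com
f.lastname@gmail.com
flastname@googlemail.com
first.last@example.org
firstlast@example.org
EOF
}

# Usage: sample_addresses | find_collisions
```

The two `example.org` addresses are not reported, since only Gmail's domains get the dot folding.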
| GekkePrutser wrote:
| Yeah that dot thing is weird with gmail. Could very well be
| the reason. Good luck reaching a human to fix it though!
| rwmj wrote:
| Someone signed up for an Amex card using my wife's gmail
| address. This was years ago, and she still gets the Amex
| emails regularly (like, between daily and weekly). It's
| incredible both that the Amex customer doesn't notice, and
| also that Amex has absolutely no method whatsoever for a non-
| customer to contact them and fix the problem.
| sys_64738 wrote:
| Somebody signed up with PayPal using my gmail but I can't
| reclaim it without providing sign up info. It works the
| reverse too.
| sen wrote:
| I have a very short gmail address from the beta days and get
| probably 5-10 emails a day addressed to accounts that
| absolutely aren't mine, Eg my username then a dot and another
| word, or my username spelled differently. I don't know why
| google thought fuzzy-matching emails was a smart idea, but it
| really isn't. I've gotten a lot of very private information and
| direct login links to a lot of stuff. I also get countless
| people putting my email address as theirs, to the point where
| I've given up trying to fix it and just delete it instantly.
|
| To even use that gmail address I need to basically whitelist
| senders and filter them into folders and ignore the inbox
| completely.
|
| Gmail, like so many of Google's services these days, is an
| absolute mess. Features no one asked for, blatant spam that
| gets through their checks while your actual emails go to the
| spam folder, and a constantly degrading UI that seems to be an
| experiment in how much you can annoy the user.
| skratlo wrote:
| > It's cute, decent enough, and hand-crafted, but it doesn't
| measure up in usability, features, and performance to the email
| infrastructure that is run by big providers
|
| What a BS, wake up dude.
|
| > usability, features, and performance?
|
| you really make me laugh, it's so bloated it's barely usable.
| lightlyused wrote:
| One of the big email providers that starts with a g has a really
| bad outgoing spam problem through their cloud api. Hard to block
| because you can't block them or you will miss real emails from
| them.
| kureikain wrote:
| I ran an email forwarding service https://mailwip.com (formerly
| hanami.run) that also supports SMTP and IMAP.
|
| IMHO, gmail is the best company out there that can accept your
| emails. The most common issue with gmail is email landing in spam,
| but they learn quickly and very rarely just outright reject an IP, as
| in, gmail won't rely solely on the reputation of the IP but on the
| sender domain or so.
|
| Compare with hotmail or icloud or some random email hosting
| service, they will reject your IP just outright.
|
| I would say it's definitely tough and stressful to run an email
| service for everyone, but if you run it for yourself only (so you
| know you're good and won't send out random spam), I will say it
| isn't that bad.
| atum47 wrote:
| I'm a well versed software engineer and even I had trouble
| setting up my email. After a while I realized it was not worth it,
| so I keep using Gmail, hoping I don't violate any of their
| policies or get tangled in the algorithm. As I see here, it's a
| hard thing to recover once this goes wrong with big tech.
| tommek4077 wrote:
| So you are just not as well versed as you thought you were.
| GekkePrutser wrote:
| Yeah I stopped running my own. I kept getting blocked by
| Microsoft in particular (mainly consumer recipients at live.com
| and outlook.com, strange enough _not_ corporate O365 users!).
| I'm 100% sure I did not send any spam, the only emails going to
| those addresses were legit from a family member. DMARC and SPF
| were all set perfectly, relays blocked, I was not on any spamlist
| and I never have been either.
|
| Literally every month I got blocked again because my server did
| not have enough reputation. Kept logging tickets to get it
| unblocked and then a month later it was back. One time I did
| manage to get a personal email back from a guy in India. Said
| that it was because my mailserver did not send enough legitimate
| mail for their algorithm to trust it.
|
| So the lack of spam is not enough anymore to be blocked. You
| actually have to send a load of legit traffic to build up
| 'reputation'. Now just being a small time sender is a problem.
| This way the big players can just carve out a bigger market for
| themselves. They basically break the decentralised concept of
| email by doing this.
|
| In the end I moved to O365, which felt bad because I didn't want
| to reward them for their behaviour. But we moved to it at work
| too and I wanted an instance with full admin rights to explore.
| My contract is up next year so I may change then if I can find a
| party that does it well and ideally cheaper.
| andix wrote:
| If you use hotmail.com a lot of legitimate email goes to spam.
| I see it as a problem of the hotmail users, not mine as a
| sender.
| davidhyde wrote:
| I tried office 365 for email this year but couldn't get the
| marketing emails from Microsoft under control. No matter how
| much time I spent trawling through the settings menus. Almost
| every email I got was about some security update or promotion
| from some ms product I did not use and had no intention of
| using. And I was paying for O365 too!
| GekkePrutser wrote:
| It is possible. I managed to stop them in the end. One of the
| many admin sites if I recall correctly (seriously, they have
| an office admin portal, exchange online admin, Azure AD
| portal and everything is spread out across those)
| feanaro wrote:
| I host my own email and I have the same problem with MS.
| Perhaps this is something for the new Digital Markets Act and
| interoperability laws in the EU to handle.
| ssl232 wrote:
| You may just have been unlucky with your IP block having
| spammers. How were you hosting it - own ISP or another
| provider?
|
| I have not had deliverability issues for years with my Kimsufi
| (OVH France) server. While I am confident my server is well
| configured using best practices, I suspect some of it is also
| just luck not to be in the same IP block as a spammer.
| GekkePrutser wrote:
| I was using a colocation hoster in Belgium. They actually
| moved me to another netblock to test (they were a really nice
| small company). But the same happened.
|
| I heard Kimsufi is indeed pretty bad as it's so cheap people
| tend to use it for 'throwaway' purposes. It's basically the
| white label budget brand of OVH :)
| ssl232 wrote:
| I've had 2 kimsufi email servers and both were fine. It
| shares the same data centres as OVH so I guess IP ranges
| are similar. No problems with blacklisting based on
| anything other than my own misconfiguration so far, and
| it's been maybe 8 years.
| southerntofu wrote:
| I'm sorry this happened to you, but it's a shame. You end up
| giving money to your perpetrators and leaving the rest of us in
| the same situation you were in previously.
|
| Maybe a hosting coop could be an option? Large enough for
| reputation but ethical enough to still federate with smaller
| hosts?
| GekkePrutser wrote:
| Agreed. But I did learn a lot from it. I needed that because
| in our large organisation at work the admin rights are highly
| compartmentalized. And this way I was able to understand what
| other admins were and weren't able to do.
|
| You can actually get a free test tenant from MS for 3 months
| but setting up a real production environment is much better
| than doing some tests.
|
| But yeah I feel lousy about it.
| kiklion wrote:
| > This way the big players can just carve out a bigger market
| for themselves.
|
| Or it's because there is a near infinite number of domains so
| it's relatively simple for spammers to avoid bad rep blocks by
| grabbing new domains and starting fresh.
| GekkePrutser wrote:
| Yeah but then why keep putting me on the Blacklist every
| month? After I've been in touch so many times.
| mcbits wrote:
| > Said that it was because my mailserver did not send enough
| legitimate mail for their algorithm to trust it.
|
| In other words, a small self-hosted email server will be
| considered a spammer until it starts sending out large amounts
| of email? Maybe that can be automated...
| judge2020 wrote:
| 'large amounts' is also pretty relative, I'm sure if you had
| a small team of 10-25 employees on a self-hosted mail server
| (preferably with a static IP via the ISP) you'd be taken
| seriously pretty quickly versus only you sending an email
| once a week or less.
| bijant wrote:
| In theory it would be simple to provide a "cloudworkers
| cooperative" kind of service that just bundles the outbound
| mail so that traffic is sufficiently large to be whitelisted
| by the big providers. The two biggest problems are A. Scaling
| up sufficiently without attracting Spammers. Because even a
| single Spammer can ruin your reputation forever. So ideally
| you'd have a tight knit group of friends or similar. Even
| then you could hardly assure that no one ever gets hacked. B.
| Edge Cases. Even if your US or West European Traffic is
| sufficient to be whitelisted by all major Providers, how do
| you ensure that the occasional Email to a customer of an
| Indonesian ISP does not get blocked by their provider...
| southerntofu wrote:
| Yeah SMTP relaying is quite common. The problem is due to
| email architecture, to my knowledge, that same relay is
| going to be able to read your incoming emails because
| remote servers will block emails from user@endserver.org
| sent from relay.net unless endserver.org has MX entries
| pointing to relay.net.
| EvanAnderson wrote:
| That is less the case today. Back before SPF, absolutely.
| Today, with properly configured SPF records, not so much.
| jacob019 wrote:
| You can configure postfix to relay emails to certain domains
| through a 3rd party SMTP service like SES. The MS domains give
| all of us the same problems, there is no other solution.
| GekkePrutser wrote:
| Thanks I wasn't aware of this option. I'll consider it.
| Thanks for the tip! At least I'm not the only one but I'm
| sorry you're experiencing this too.
| judge2020 wrote:
| Moved away from outlook.com hosting a while ago since so much
| legitimate transactional email went to spam whilst actual spam
| easily got through. Now, when outlook forwards to gmail, gmail
| catches it before it hits the inbox.
| emteycz wrote:
| Corporate O365 users often have their own Exchange server
| (cloud or self-hosted) with custom configuration.
| bijant wrote:
| I had a very similar experience. Is there any cheaper option
| than just using aws SES nowadays? (for outbound only! don't
| understand why people would pay the same rate for inbound) My
| concern is what happens when aws decides to massively increase
| rates...
| mhitza wrote:
| If you send from an ec2 instance it is "always free" (tm) for
| the first 62k outbound emails each month and 1k inbound.
| upofadown wrote:
| Wait, is email spam still a thing? I only get a few spam a day
| and Spamassassin easily identifies them.
|
| I had assumed that the spammers had moved off to other mediums.
| Either that or they are specifically targeting big servers like
| Gmail and are leaving the smaller servers, with their varied
| (artisanal) anti-spam approaches alone.
| scandox wrote:
| A lot of it is luck. You can go years not seeing much of the
| really malicious spam and then one day you're on the list and
| you'll find yourself being bombarded with stuff Spamassassin
| doesn't touch.
|
| Especially if your organization is a potential financial
| target.
| upofadown wrote:
| Replying to myself...
|
| Another reason could be that I live in a country with very
| strict anti-spam and privacy laws (Canada). I have always
| assumed that spammers wouldn't care but who knows...
| flyinghamster wrote:
| If anything, it's worse than ever. The favored technique these
| days is "snowshoe" spamming, where $SPAMMER sends a trickle of
| spam from a large number of IP addresses. About the only way to
| stop it is to block the /24, and then they just move on to the
| next block of IPs they want to ruin. RBLs like Spamhaus are
| helpful, but there will always be a few spammer IPs that
| haven't yet been listed. SpamAssassin can be handy, but it's a
| pain and there's a lot of rope you can hang yourself with.
| Blocking certain TLDs outright (.cam is a good candidate not
| just because of this, but also the phishing potential) can be
| an option.
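The snowshoe pattern described in the comment above, as an added detection example that is not part of the thread: per-IP counting misses a trickle spread over many addresses, while grouping spam verdicts by network block exposes it. The events, thresholds and the choice of /64 for IPv6 are constructed assumptions; the /24 grouping is the one the comment names.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample of (source IP, filter verdict) pairs, as a mail filter
# might record them. All addresses are documentation ranges.
EVENTS = (
    [(f"198.51.100.{h}", "spam") for h in range(10, 22)]        # 12 IPs, 1 msg each
    + [("203.0.113.7", "spam")] * 40                            # one loud sender
    + [("192.0.2.25", "ham"), ("192.0.2.26", "spam"), ("192.0.2.25", "ham")]
    + [(f"2001:db8:0:1::{h:x}", "spam") for h in range(1, 10)]  # 9 IPv6 hosts
)


def block_of(ip):
    """Map an address to its enclosing block: /24 for IPv4, /64 for IPv6."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 64
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def noisy_ips(events, threshold=20):
    """Classic per-IP view: addresses with many spam verdicts on their own."""
    counts = Counter(ip for ip, verdict in events if verdict == "spam")
    return {ip: n for ip, n in counts.items() if n >= threshold}


def snowshoe_blocks(events, min_ips=8, max_per_ip=3):
    """Blocks where many distinct addresses each sent only a little spam.

    Returns {block: (distinct_ips, spam_messages)}.
    """
    per_block = defaultdict(Counter)
    for ip, verdict in events:
        if verdict == "spam":
            per_block[block_of(ip)][ip] += 1

    flagged = {}
    for block, counts in per_block.items():
        spread_wide = len(counts) >= min_ips
        each_quiet = max(counts.values()) <= max_per_ip
        if spread_wide and each_quiet:
            flagged[str(block)] = (len(counts), sum(counts.values()))
    return flagged


if __name__ == "__main__":
    print("per-IP view:   ", noisy_ips(EVENTS))
    print("per-block view:", snowshoe_blocks(EVENTS))
```
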
| GekkePrutser wrote:
| Even a service as big as Microsoft's has pretty bad
| spamfiltering though. It's slightly better than an untuned
| SpamAssassin config but it's really not a lot better.
|
| A lot of legit emails end up in my spam box.
| rwmj wrote:
| It never stopped. What is however more annoying are all the
| "marketing messages" from all the companies you ever bought a
| single thing from in your life. It's incredible how often some
| companies spam you with this (often more than once a day).
| Really not sure what they are trying to achieve, but for me
| it's the resolution never to buy anything from them again as I
| filter their whole domain permanently.
| jacquesm wrote:
| Those I usually forward to their legal department with a
| little extra bit that says that I have stopped doing business
| with them on account of their UCE.
| leephillips wrote:
| The article makes a string of assertions without evidence. For
| example, that an "artisanal" email server will not "measure up in
| usability, features, and performance to the email infrastructure
| that is run by big providers."
|
| One reason that I continue to run my own email server after more
| than a decade of trouble-free operation (thanks Postfix and
| Dovecot) is that it performs better than my Gmail account, which
| I maintain as a 3rd-level backup and for some email lists.
| Delivery and receipt from my personal email is so fast that I can
| use it for real-time conversations with anyone else on a good-
| performing server, almost like chatting on WhatsApp. This doesn't
| work with Gmail, because it takes so long for a message to leave
| their servers. Plus on my own system I don't get the spam false
| positives that plague Gmail.
|
| Those are only two ways that a personal server outperforms Gmail.
| I can do plenty of other things with it, because I control it,
| that are impossible with Gmail.
| chmaynard wrote:
| > The article makes a string of assertions without evidence.
|
| Agreed, but the same observation could be made about most blog
| posts. The author is expressing his opinions based on
| experience and judgment. This particular author has a good
| reputation so HN readers take his opinions seriously.
| leephillips wrote:
| Fair enough. But in this case his opinions are incorrect and
| arbitrary.
|
| The reason I and many others maintain our own email servers
| is not to be "cute" (a word used in the article) but because
| we want _superior_ usability, features, and performance over
| what the major providers can offer. Otherwise, why would I
| bother? The only issue is that some people claim to
| experience delivery problems. Others, such as myself, say
| that delivery is at least as good as from major providers.
|
| And _receipt_ is far better than when using a big provider.
| Unlike the unfortunate users of hotmail, I actually get all
| my email.
|
| EDIT: And not only does (for example) Gmail run a poorly
| performing email service, but their web client for
| interacting with email is broken:
| https://lwn.net/Articles/837960/
| zzless wrote:
| I would agree that setting up a robust personal email system is
| difficult and may be exceedingly so for an organization of any
| significant size but I am not sure I would attribute that to the
| quality of services from large providers. Our organization (a
| university) outsourced its email to MS (outlook) and it is simply
| awful. No IMAP or POP, no forwarding (this is of course the
| policy of the university, not MS' fault per se), important emails
| getting lost as 'spam' (including some once in a lifetime
| conference invitations) just because they came from the outside.
| The search is a complete nightmare. No way to send mass emails to
| one's class with, say individually generated temporary passwords,
| which I can easily do from my own server. The interface is clunky
| to say the least. In comparison, even Thunderbird shines
| (although why TB cannot implement its quick search function for
| years now is beyond me). So it is not the quality that the big
| providers supply. Security, maybe (even though they are a large
| target by default) but not convenience.
| jodrellblank wrote:
| > " _simply awful. No IMAP or POP_ "
|
| Microsoft seem to disagree with you there:
| https://support.microsoft.com/en-us/office/pop-imap-and-smtp...
| realityking wrote:
| I suspect OP's organization disabled it. Not really
| Microsoft's fault but that's how a lot of Enterprise products
| get a bad name - user hostile configuration.
| zzless wrote:
| As I mention in my post, this is the setting our admins chose
| so I do not blame MS for this (they support both, I know).
| Another setting they chose is to delete emails over six
| months of age and there is nothing I can do about it either.
|
| The search and the interface are entirely the fault of MS as
| are the lack of more subtle features such as mass emails
| (which I have to use often while teaching online).
| jodrellblank wrote:
| I read as "(No IMAP or POP) and (No forwarding which is
| University policy)".
|
| Mass emails via distribution lists are a thing -
| https://www.wisestamp.com/blog/managing-distribution-
| lists-i...
|
| As is sharing links to OneDrive content with a password on
| it: https://support.microsoft.com/en-us/office/share-
| onedrive-fi... (" _Set password: lets you set a password to
| access the file. When a user clicks the link, they will be
| prompted to enter a password before they can access the
| file. You'll need to provide this password separately to
| anyone you want to share the file with._")
|
| (Poor quality sluggish Outlook client, dropping important
| emails into Spam, not being as configurable as a custom
| mailserver, hit-or-miss search results, those are all
| things I can agree with, I'm not _just_ defending it).
| GekkePrutser wrote:
| They are going to block standard authentication soon though,
| leaving only their 'modern' web-based authentication. So
| basically IMAP/POP as we (and our mail clients) know it will
| no longer work with O365.
|
| They've already delayed it a few times but they keep pushing
| for this.
| jrm4 wrote:
| Much more needs to be said about the _extreme_ advantages of
| paying someone vs. using a free service.
|
| I've said this for over two decades: If you have a business, or
| even just a lot of important stuff going on in email (which is
| like everybody); it strikes me as _insanity_ to not pay for the
| peace of mind that comes with "a human you can call up and say
| 'hey, why can't I get into my email' or 'hey, fix this please'"
|
| Versus what SO MANY PEOPLE use, which is "It's possible that your
| email will be removed from you entirely and you will have
| recourse because no one has a contract with you to fix it."
| kortilla wrote:
| > not pay for the peace of mind that comes with "a human you
| can call up and say 'hey, why can't I get into my email' or
| 'hey, fix this please"
|
| That stance would make sense if that were an option with google
| hosted email.
| jrm4 wrote:
| I don't understand your comment? The stance makes sense now
| because it is an option with smaller hosting services. I use
| one myself.
| javajosh wrote:
| Still waiting for Fabrice Bellard to write a bullet proof stand
| alone imap smtp server in 5k lines of c. When that happens I'll
| self host!
| ChuckMcM wrote:
| It feels weirdly like people saying "this is all too complicated,
| only experts can handle it" which is giving up a lot of agency.
| Almost like "Big Tech" is shadow writing pieces to discourage you
| from trying to escape their grasp :-).
|
| Running your own email server and domain, for people who like
| systems, is fun. Just like people who do their own oil changes
| and car maintenance, or people who build their own furniture,
| etc.
|
| Interestingly enough, this suggests there are some startup
| opportunities for folks who want to make this stuff a bit easier.
| Three things I think would be interesting side projects would be
| 'spam killing' (Barracuda does this as a service for Enterprise,
| I bet you could do it in clever ways for individuals), "post
| office" which is a known good relay server with mail agents that
| you can forward your mail through (think Lets Encrypt but for
| mail delivery), and a remote access client for phones.
| Alternatively an AWS offering of a packaged mail server (think
| WPEngine but for mail) has possibilities as well.
| superluserdo wrote:
| I run my own personal SMTP and IMAP server and haven't found it
| too hard to maintain after the initial setup phase. The main
| problem I had with getting emails accepted was my lack of reverse
| DNS PTR records on my domain. If you're unable to fix that (eg,
| you're not using a commercial internet connection that allows
| this) the solution is just to use another SMTP relay service.
| Some, like SMTP2go, are free if you're only sending a personal-
| use number of emails a day/month. That way you're still in charge
| of everything except the relaying of outgoing mail, which is easy
| enough to swap out.
| tdrdt wrote:
| I run my own email. But I think it is a software problem.
|
| It would be nice if you could just install an email program that
| will set all the right settings for you. DNS, database, roles and
| rights, certificates, firewall and so on.
|
| There is server management software that can do this but then you
| have the same problem: it is just complicated for most people.
| pmlnr wrote:
| There is such a thing: https://maddy.email/
| nix23 wrote:
| >This is not directly about the big providers making it harder
| and harder to send them email, although that doesn't help. It's
| because a quality modern email environment is big, complex, and
| takes a lot of work to create and keep running.
|
| Gosh...when people forget how to be an admin...
|
| >takes a lot of work to create
|
| True
|
| >and keep running.
|
| Not true
| ChrisMarshallNY wrote:
| I've run mail servers.
|
| These days, it's probably easier than it was, back then (about
| twenty years ago).
|
| It was a nightmare. I didn't do it for a living, so I was
| consumed by the task. It screwed up my other work, something
| fierce.
| jiggunjer wrote:
| I think nowadays given a choice between running my own email vs
| running my own matrix I'd try the latter.
| sbayeta wrote:
| I run mail-in-a-box on a $5 Linode. Very usable, never had an
| issue.
| pacija wrote:
| As usual, it is a financial one.
|
| Do you have ~30,000 EUR / year for skilled admin? Plus ~20,000
| EUR / year for hardware and other running costs? If you do, you
| can have your emails safely and reliably exchanged from your
| basement. If you don't, you can rent whatever on the 'net that
| suits your budget.
| dorfsmay wrote:
| This is not true. Regardless of how secure and properly set up
| your server is:
|
| Outlook blocks anybody that does not send enough mail, even if
| you've never sent any spam and are on a clean block. They're
| happy to let their users send you spam, but ironically they
| still block you when you try to report it to abuse. The
| good thing is they block you, so the email bounced and you know
| it wasn't delivered.
|
| Gmail classifies messages to a user who has never communicated
| with you before as spam. This is silent, so you never really
| know if an email to a Gmail box has been filtered out as spam
| or not. Their abuse inbox accepts messages but I'm not sure
| they do anything with it.
|
| Basically, email has been hijacked by two companies.
| fguard wrote:
| I think those numbers are too high. Even if not, companies like
| Airbus have that money and are using G-Suite. So Google has all
| corporate information (does the swamp redirect some of it to
| Boeing?).
| adtac wrote:
| It absolutely doesn't cost 20k EUR/yr in hardware to run an
| email server, but the time sink is ridiculous.
| vbezhenar wrote:
| In my experience the time sink is high when you're setting it
| up. Then it's mostly zero.
|
| Though I'm not sure I'd recommend to invest into it. Back in
| the days that unix knowledge was valuable and setting up your
| own e-mail was a good way to learn a thing or two. These days
| those skills are useless for most people, so I'd say use
| hosted mail and spend that time learning some more valuable
| skills.
| yyyk wrote:
| A lot of the comments are talking about people running their own
| _personal_ email server. However, the post is more about arguing
| that _organizations_ running their email infrastructure will
| become rare, and I'm not sure I agree with the author's thesis.
|
| The challenges there are rather different. Spam is less of a
| problem: in B2B the correspondent is well-known and will be
| whitelisted quickly, while one can pay for extra spam filtering
| if needed. User experience isn't a biggie because frankly the
| biggest users aren't the ones paying. The real issue is TCO vs
| data independence - and in my limited experience I still see
| plenty of organizations which still run Exchange (or equivalent)
| on their own domains.
| indymike wrote:
| Email is honestly not that hard to get right, but you do have to
| get a lot of stuff configured correctly for everything to work
| well. I've never had a lot of problems with blacklisting and at
| one point, was running about 48,000 messages per day sending
| marketing emails (ecommerce sites, to subscribed users) and
| transactional emails. Deliverability issues were few and far
| between, and most often were caused by MS Exchange admins at
| distributors (where we would send orders via email) who just
| didn't understand how the internet worked (like blocking all
| domains that weren't .com, .net or .edu). My favorite was one who
| blocked .io because he personally only got spam from that TLD.
|
| On the whole, just using a service makes sense in that the time you
| spend on email probably could be spent on things that make money.
| If you have an app that sends a lot of emails, understanding how
| it all works can be a very useful skill, too. So is learning to
| work with admins at big service providers.
| feanaro wrote:
| I advise everyone to take a look at the EU Digital Markets Act.
| This may be a unique opportunity to force large corporations into
| behaving nicely with others on the interoperability front and
| kill off their malicious monopolies at the root.
|
| https://interoperability.news/2021/12/eu-parliament-upgrades...
| annoyingnoob wrote:
| Been running my own mail server out of my house for about a
| decade. It has been glorious. I have always paid for 3rd party
| spam filtering, both inbound and outbound. Inbound and outbound
| through a 3rd party helps reduce the attack surface at my house.
|
| My users do not need webmail and I do not offer it. Calendars are
| done in local clients and shared through invites.
|
| I went with DC powered equipment, with battery backup on the
| input. My internet and email can stand at least a 24 hour power
| outage. It's also all solid state and no fans, no moving parts.
| It's been very reliable, though I do replace the batteries every
| couple of years. I'm probably overdue for hardware updates at
| this point.
| 2Gkashmiri wrote:
| i kinda have to disagree. i decided to take the plunge and i used
| a cheap racknerd vps and used Mailinabox. 5 minutes setup and
| occasional updates.
|
| i got set as spam by google for the first few months but nothing
| since then. sure, one day i managed to spam like 200 emails in
| quick succession and that put me into spam but a quick "please
| select as unspam" solved it. i've been running this for like a
| year and it has been a good experience. i recommend people try
| this out, it doesn't cost a tonne
| est wrote:
| The fate of the Web will follow.
|
| For example, Chrome & Firefox together will remove FTP protocol
| support because "stats suggests very few % people use it"
| LinuxBender wrote:
| FTP/SFTP are still very much in use today. Removing support
| from the browser actually makes sense to me as the majority of
| browser users are not using it for FTP. There are a myriad of
| FTP/SFTP clients that are vastly more powerful and have more
| security options than any browser implementation of the FTP
| client ever had.
| yc-kraln wrote:
| I am very happy with my artisanal choice. I have been doing so
| for several decades, now. Usually only trouble when I have to
| move to a new IP range (changing colo provider), as it means re-
| establishing reputation and so forth.
|
| Not a huge issue, and worth it for me.
| chrisweekly wrote:
| Fastmail is, IME, an excellent email service provider. No, it's
| not really "running your own", but it's exactly what most people
| who want to avoid gmail are looking for, re: deliverability,
| featureset, privacy, UX, etc. Highest recommendation, from an
| unaffiliated happy customer.
| FpUser wrote:
| I do away with the middle ground. I rent email services from
| businesses that specialize in email hosting and I own domain
| name. No way I will have my email serviced by Google / MS / Apple
| and the likes.
| matt123456789 wrote:
| Who do you use? After seeing all the horror stories posted on
| HN, I have been worried about getting banned from $MegaCorp
| randomly and would like to minimize the blast radius if that
| were to happen.
| wrycoder wrote:
| I've been using Fastmail for decades, with great results. You
| can bring your own domain.
| runiq wrote:
| I'm using mailbox.org (1EUR/month) for my domain and I have
| nothing but praise so far.
| FpUser wrote:
| Just do a google search. There are plenty and I do not want
| to recommend anything particular
| gorgoiler wrote:
| Last year I was forced to migrate my 90 year old neighbour to
| webmail. We initially chose Gmail but ended up with
| outlook.office.com due to horrible IT policies at the University
| where she is emeritus.
|
| Walk through a computer interface with a 90 year old sometime. It
| is eye opening. Both webmail systems were utter design hell.
|
| The list of stuff that tripped my friend up is long. Two
| examples: Gmail has pencils _everywhere_ and at least two
| different styles to compose a message (chat style, big screen
| compose, reply style too I think.) Microsoft's product has a
| typeahead for the To: field that ignores your contacts list and
| instead uses the institutional one, so typing "Anne" pulls up
| every Anne you've never heard of @youruni.com and not your friend
| Anne @gmail.com.
|
| Gmail is also punitively fussy about receiving IPv6 mail but only
| on one of its mail exchangers, so one in N mails get rejected. Great.
| Microsoft outlook requires you to scroll down each thread when
| opening it to see if "new message" meant the one at the top, or
| "new messages" plural further down.
|
| You and I have become inured to this crap because we are
| comfortable solving problems with computers. For others, these
| products are very hard to use.
|
| The one consistently brilliant client I use is the iOS mail app,
| via imap, to my personal mail host.
| Tepix wrote:
| Don't use webmail. It's a bad user experience.
| h2odragon wrote:
| Could've said this in 2007.
|
| The wild west days of email, with bang paths and "store and pray"
| delivery systems, those were fun. By the time `sendmail.cf`
| hacking was no longer a necessary skill, email had become
| industrialized. Today, why would you even want to try routing
| internet email through an RBBS net to WWIV net to some hacker's
| custom Amiga board?
|
| SMTP was the Ford Model T of electronic messaging. It slaughtered
| the previous visions of what the field needed to be. We can look
| back fondly at the older ideas and even re-implement their
| insights now, but the lessons of the market are written in big
| bold letters now.
| 300bps wrote:
| I would've said email was deceptively complicated in 1996 when
| I set up qmail on Slackware Linux for my ISP clients.
|
| I never linked it to WWIV though I was my area code coordinator
| for WWIVLink. That had to be around 1988 or 1989?
| h2odragon wrote:
| the time frame sounds about right, yes.
|
| It was wilder before that, think "B news" times.
| rmdes wrote:
| Someone should try "artisanal email server" using cloudron or
| yunohost ! the bigger problem is that "authoritative" email
| monopolies such as Gmail, 365 and the other big ones arbitrarily
| define and impose what is a legit email server or not and even
| with better score than gmail an "artisanal" email server can
| suffer from being classified into spam by the big tech players
| just because they can and will do anything to maintain their
| monopoly.
| caymanjim wrote:
| I hear this all the time, but I question how true it is. I've
| been running my own mail servers for decades, and I've never
| had any problems with sending or receiving mail. I suspect
| anyone who properly configures their server will be fine.
| the_angry_angel wrote:
| > I hear this all the time, but I question how true it is.
| I've been running my own mail servers for decades, and I've
| never had any problems with sending or receiving mail. I
| suspect anyone who properly configures their server will be
| fine.
|
| At work I ran email servers professionally and with good
| deliverability for years. My own email server was arguably
| longer lived than those at work, just much lower volumes. IP
| block was clean, DKIM, SPF, rDNS, etc. all set up correctly.
|
| I thought I had no deliverability issues. I interacted with
| mailing lists regularly, the odd email to friends and family
| and I was firmly in your camp until I had to deal with a
| death in the family.
|
| I think this was shortly after Microsoft BPOS became
| Office365. It became very very clear very very rapidly that
| to certain orgs I just wasn't hitting the inbox. And there
| was jack shit I could do about it. That was the end of my
| mail server, and it's certainly got worse over time.
| michaelt wrote:
| The problem is delivery problems are almost undetectable.
|
| If I send an email to a corporation's customer support, or to
| a distant relation, or to an open source mailing list, and I
| don't get a reply, it could be a delivery problem - or it
| could just be that they didn't decide to reply.
| dqv wrote:
| For corporate support, that's totally on them. Checking the
| spam folder _is_ customer support. The "oh sorry your email
| went to spam!" is one of the few times I express
| dissatisfaction to a company. It's not my responsibility to
| make sure my email doesn't go to their spam folder. Not
| when I've taken all the right steps to make sure my emails
| are not marked as spam. If you have customers, you have to
| check your spam folder! It's not foolproof.
| kiwijamo wrote:
| You seem to not realize many email providers just drop
| emails (often after accepting it) instead of putting it
| in spam folders. So even your suggestion is of no help in
| that situation.
| mysterydip wrote:
| The most frustrating part is someone who isn't getting your
| mail will blame it on you. "I get everyone else's
| (gmail/outlook) email, it must be you."
| dqv wrote:
| And my retort is "that you know of". If mine isn't getting to
| you, who else's isn't? (For businesspeople) how much business
| are you losing because Google isn't letting mail through?
| It's one thing if the server is declining email and telling
| you why. It's another thing to silently hide email.
| BlueTemplar wrote:
| Hmm, guess it's time for a counter-attack : "Sorry, but it's
| too much hassle to send e-mail to gmail/outlook, please use
| another provider if you want to communicate." ?
| floren wrote:
| I post on a mailing list where one member has configured
| his server to reject all emails from Gmail. Inevitably we
| end up getting messages sent to the list which begin,
| "Direct emails to <guy> are being rejected, so I'm sending
| it via the list, sorry for the noise!"
|
| The unspoken "you silly prick" gets louder every time this
| happens.
| judge2020 wrote:
| Sending to Gmail/Workspace and O365 is by far the easiest case
| for me. It's the random enterprise email servers that don't
| like new gTLDs like '.xyz' who cause the most headache.
| beebeepka wrote:
| Indeed. Only that's not the bigger problem. It is the actual
| problem with email.
| hannob wrote:
| I'm running an email server and I can tell you that this is by
| and large not the case.
|
| If you put some decent effort into making sure that you don't
| send spam, try to monitor if anyone thinks you send spam and
| react when someone complains that you send spam (and stop it),
| it works.
|
| In my experience people telling these stories often do send
| spam, but they don't believe they do. ("It's not spam, it's a
| Newsletter. No, it has no unsubscribe link. These are people
| that agreed to be put on the newsletter by clicking on some ToS
| they never read, and they can unsubscribe by some arcane
| mechanism that we will make as complicated as we can. But we're
| definitely not spammers.")
| leephillips wrote:
| Exactly. I've been running my own email server for over a
| decade not because I think I'm artisanal, but for practical
| reasons. But I don't send out spam or "newsletters".
| luckylion wrote:
| Or any kind of transactional email, I assume?
|
| I've run a hobby website for about 15 years that does not
| even have a newsletter of any kind, and includes "stop
| sending me emails" in each transactional email (all users
| are double opt-in verified), and password resets are still
| not delivered half the time to gmail addresses.
| superkuh wrote:
| I've run an email server for 10 years now and by and large
| this is the case. I am the only person that uses my
| domain/IP/mailserver. I know it doesn't send spam. I've still
| been blocked by MS Office 365, marked as spam by google, etc,
| every few years. It's quite a hassle to get unblocked
| involving lots of lying about having a Microsoft account or
| the like to tech support till you get to techs who actually
| know what a mailserver is.
|
| Frankly, I'm shocked you've never been arbitrarily blocked
| and I find your insinuations offensive.
|
| The last time I was getting blocked it was the solarwinds
| fiasco where their internal mail tunneling/forwarding and
| filtering setup _broke all DKIM_ and suddenly solarwinds
| users like NOAA.gov were rejecting me and adding me to
| naughty lists. There was no fallout for the megacorps and
| their broken setups. There was only damage to independent
| mailserver operators doing the right thing.
| throwaway09223 wrote:
| As others are saying this just isn't true.
|
| I've run my own email for decades and I've designed and run
| some pretty big commercial installations.
|
| As a small provider, you run the risk of existing in a
| netblock used by other people sending spam. A small co-op I
| ran encountered this problem once. They were operating on the
| cheap and while they weren't sending spam their neighbors had
| been.
|
| Even as a large provider at a billion dollar company,
| figuring out delivery issues is a huge pain and generally not
| worth it. There are unofficial professional postmaster
| meetups around the bay and these can be helpful in getting
| escalation contacts to fix issues, but even with entire teams
| of people dedicated it's a lot to handle and is usually
| worthwhile to outsource the work to other companies who
| already have these types of relationships established.
| nijave wrote:
| You need control of the entire netblock you send email from.
| Everything was going smoothly for me for 7 years until the
| entire Digital Ocean netblock my static IP was in landed in a
| permanent blacklist due to enough of the other IPs in that
| block having repeated complaints. I don't remember the
| mailing blacklist it was on but unblocking that single IP
| required the netblock owner (Digital Ocean) contacting the
| blacklist provider directly
| walrus01 wrote:
| this is why persons self-hosting email servers are much
| more likely to have success using a small to medium sized,
| trusted local ISP where you can establish a relationship
| with the persons who run the ASN. And determine for certain
| that the ipv4 /24 your mail server's /32 is contained
| within _does not contain random other $5 to $30 /month
| people buying VPS/VMs/low-budget-dedicated-servers_ with
| credit cards.
|
| If you can have a high degree of confidence that no
| outgoing smtp spam traffic has ever been emitted from any
| of the other IPs adjacent to where you're hosted, the
| opaque blacklists of the big mail receiving providers
| (gmail, etc) are much less likely to consider your legit
| traffic as spam.
| roywashere wrote:
| Indeed, after setting up dmarc and such delivery is no longer
| really an issue. I guess around 10 years ago, that was
| different!
|
| But what is a problem is providing a good enough web
| interface, search, and so on.
| denton-scratch wrote:
| > If you [...] it works.
|
| I've been running mailservers using free software for 20
| years. I've run two for personal use, and several for groups
| like companies. In the old days, you could indeed throw up a
| server, and provided you don't spam, and you're not in a bad
| neighbourhood, outgoing mail would be accepted.
|
| In more recent years, my experience has been that it takes
| time for a new mail sender to be accepted; could be a year
| or two to build reputation. That's assuming you do everything
| right.
|
| My personal mail, by the way, has been on the same domain
| since about 2001. I've quit running a mailserver now. My
| small ISP runs a setup that's basically what I would have
| built, so I use that; the support is excellent. But it's
| still on the same domain.
|
| Last company I was at ran their mail on their ISP's
| mailserver. The ISP got taken over; service deteriorated, to
| the point it became unacceptable. So I built $EMPLOYER a
| mailserver; it took me longer than I predicted, because the
| bosses had all kinds of finicky requirements (don't they
| always) that I had to figure out how to provide after the
| fact. But that "artisanal" server beat the bejabers out of
| the ISP system; it was fast, reliable, and when anything went
| wrong I could fix it - which that ISP couldn't.
| DharmaPolice wrote:
| I think the "decent effort" part is the key thing. We had to
| change our mail routing temporarily earlier in the year
| (after having sent via Office 365 for multiple years) and
| keeping on top of emails that were being blocked was a non-
| trivial amount of effort (and stress) for a period of time.
|
| Unlike the person you're replying to we had no issues with
| Google or Microsoft (once we did the requisite things) - it
| was Yahoo (and the people they provide email for) and then
| multiple mid-size organisations who used IP based block
| lists. At one point our mails were being rejected by our
| local NHS trust, the London Fire Brigade and a mental health
| agency we make referrals to. None of this was complicated to
| resolve but it was energy that could have been better used
| elsewhere.
|
| I'm not usually part of the "let's go cloud without doing any
| cost-benefit analysis" movement but with email delivery I was
| happy when we could go back to routing via Office365 again.
| If a recipient decides to ban Microsoft's IPs that's usually
| going to be a bigger problem for them than me.
| sharklazer wrote:
| I deal with this every day. Personal fully controlled server.
| I don't conduct business over this server, have only one
| email, a personal email, associated with it.
| Animats wrote:
| _In my experience people telling these stories often do send
| spam, but they don't believe they do. ("It's not spam, it's
| a Newsletter. No, it has no unsubscribe link. These are
| people that agreed to be put on the newsletter by clicking on
| some ToS they never read, and they can unsubscribe by some
| arcane mechanism that we will make as complicated as we can.
| But we're definitely not spammers.")_
|
| Yes. I do get that impression from most complainers.
|
| I send from my own domains, and if I sent it, I wrote and
| addressed it personally.
| kro wrote:
| To most, including Gmail, it's actually no problem with DMARC
| in my experience too.
|
| However, one of my server's IPs is on a Microsoft blacklist
| since many years now. It sends <10 messages / day. I've tried
| every unlist form I could find, even called MS but it does
| not get taken off that list and they "won't disclose why". I'm
| routing SMTP to MS via another relay now :)
| tudorw wrote:
| same experience here, perfect score but no mail into
| Microsoft
| feanaro wrote:
| > I'm routing SMTP to MS via another relay now :)
|
| How do you do this? Could you share details on the setup?
| kortilla wrote:
| https://serverfault.com/questions/257637/postfix-to-
| relay-ma...
| kro wrote:
| It's a rather simple Postfix setup:
|
| transport.db:
|
|     # and other domains
|     hotmail.com    relay:[relay.server.tld]:587
|
| main.cf:
|
|     transport_maps = hash:/etc/postfix/transport
|     smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
|
| relay_passwd.db: # if necessary / not authenticated by IP
|
|     relay.server.tld    user:pass
|
| The relay can/should rewrite the Return-Path to pass SPF.
| It's no problem for DMARC as the DKIM signature added by
| the initial server still authenticates it.
|
| It requires manually adding domains of custom 365
| installations to the list - at this size I do this
| manually, but should probably be automated "on bounce" or
| maybe even by a smart rule based on the MX record.
|
| In Exim4 it's also possible to conditionally rewrite
| based on for example the recipient domain.
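The "on bounce" automation suggested in the comment above, as an added example that is not part of the original post: Postfix delivery log lines already name the MX host that answered in `relay=`, so bounced recipient domains hosted at Microsoft can be turned into transport entries without a DNS lookup. The `.protection.outlook.com` suffix, the sample log lines and the function names are assumptions.

```python
import re

# Next hop copied from the transport entry in the post above.
RELAY_NEXTHOP = "relay:[relay.server.tld]:587"
# Assumption: Microsoft-hosted recipients are recognised by this MX suffix.
MS_MX_SUFFIX = ".protection.outlook.com"

# Postfix smtp(8) delivery line: recipient, MX host that answered, status.
DELIVERY = re.compile(
    r"postfix/smtp\[\d+\]: \w+: to=<[^@>]+@(?P<domain>[^>]+)>,"
    r".*? relay=(?P<relay>[^\[,]+)\[[^\]]*\](?::\d+)?,"
    r".*? status=(?P<status>\w+)"
)
# Log content is remote-influenced: only plain host names reach the map.
SAFE_DOMAIN = re.compile(r"[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?")


def sample_line(rcpt, relay, status):
    """Build one constructed log line (not taken from a real server)."""
    return (
        f"Dec 24 12:00:01 mx postfix/smtp[2345]: 4F1A2B3C5D: to=<{rcpt}>, "
        f"relay={relay}, delay=1.2, delays=0.1/0/0.6/0.5, dsn=5.7.1, "
        f"status={status} (constructed sample)"
    )


MS = "mail.protection.outlook.com"
SAMPLE_LOG = [
    sample_line("alice@contoso.example", f"contoso-example.{MS}[203.0.113.10]:25", "bounced"),
    sample_line("bob@contoso.example", f"contoso-example.{MS}[203.0.113.10]:25", "bounced"),
    sample_line("carol@hotmail.com", "hotmail-com.olc.protection.outlook.com[203.0.113.11]:25", "bounced"),
    sample_line("dave@fabrikam.example", f"fabrikam-example.{MS}[203.0.113.12]:25", "sent"),
    sample_line("erin@other.example", "mx.other.example[198.51.100.7]:25", "bounced"),
    sample_line("frank@down.example", "none", "deferred"),
]


def domains_to_route(log_lines, already_routed):
    """Return bounced, Microsoft-hosted recipient domains not yet in the map."""
    found = set()
    for line in log_lines:
        m = DELIVERY.search(line)
        if not m or m["status"] != "bounced":
            continue
        domain = m["domain"].lower()
        relay = m["relay"].lower().rstrip(".")
        if not relay.endswith(MS_MX_SUFFIX):
            continue
        if domain in already_routed or not SAFE_DOMAIN.fullmatch(domain):
            continue
        found.add(domain)
    return sorted(found)


def render_transport(domains):
    """Format the domains as lines for /etc/postfix/transport."""
    return "".join(f"{d}\t{RELAY_NEXTHOP}\n" for d in domains)


if __name__ == "__main__":
    print(render_transport(domains_to_route(SAMPLE_LOG, {"hotmail.com"})), end="")
```

After appending the output to `/etc/postfix/transport`, run `postmap /etc/postfix/transport` so the hash map picks up the new entries.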
| baobabKoodaa wrote:
| > If you put some decent effort [...] it works
|
| Well, I put in more than some decent effort, and I didn't get
| it "to work". I detailed my efforts here:
|
| https://www.attejuvonen.fi/dont-send-email-from-your-own-
| ser...
|
| Please stop spreading falsehoods. If you were able to somehow
| get your own email server to deliver email to Gmail and
| Outlook, great, good for you - but stop pretending that
| anybody can do it.
| throwaway27727 wrote:
| Lots of sister comments here saying that they've been
| running a mail server for X amount of years, where X is a
| rather large number. That will obviously come with some
| reputation for your mail server, reducing the curve of
| being classified as down. I would be interested in hearing
| from someone who tried to set up a new mail server in the
| last 1-2 years who was able to run it without a hitch.
| baobabKoodaa wrote:
| According to AWS, most mail servers will not even count
| statistics for low-volume senders. If that is true, then
| it won't matter whether your personal email server has
| been up for 20 years or 1 year, it won't have any
| reputation.
| zbuf wrote:
| This matches my experience. I switched recently after 10+
| years, and was cautious that this might be a problem but
| it hasn't been at all. I think it has more to do with the
| choice of ISP.
| pseudalopex wrote:
| I think they meant servers with no reputation are
| punished. Other comments said so at least.
|
| What ISP should someone choose?
| zbuf wrote:
| Interesting, I misinterpreted what was being said!
|
| I'm doubtful a default block would work, as that would
| even penalise the 'big boys' of email when they make
| basic network changes and piss off existing customers of
| both sender and receiver... It's easier and logical to
| conclude something without reputation yet is therefore
| sending too few mails to be useful to a spammer.
|
| I've had good experiences with smaller ISPs (currently
| Mythic Beasts). In contrast, OVH was a poor experience.
|
| I find that reputation (beyond the known "block-lists")
| appears more likely being tracked for the whole AS
| number, therefore a lot more to do with your "neighbours"
| than anything else.
| peteri wrote:
| Yeah, I have that problem with gmail, I had a test
| account with a weak password get exploited a few years
| ago. Now for any new gmail address I want to send to
| seems to end up in spam. The problem here is there is no
| getting out of jail easily for low volume email users.
|
| My personal gmail account is full of spam and emails I do
| want from email lists end up the spam folder randomly.
| cm2187 wrote:
| In my case x>10y for a personal server, but that
| reputation got ruined when some test email account I had
| created with a weak password and forgotten, got breached
| and some spammers started sending spam. My mail server
| (smartermail) notified me within an hour of the abnormal
| number of emails and I disabled the account immediately.
| But that was it for the reputation of that IP.
| Fortunately I could switch to a spare, clean IP.
|
| That being said, now I monitor and auto-ban failed
| authentication attempts to smtp/imap (among others) and
| running the service is fairly low maintenance.
|
| But the moral of the story is that you are only one weak
| password from one of your users away from your mail
| server getting blacklisted as a spam server. So while I
| think it is fairly easy to run a personal server, running
| one for a small organisation is another matter.
| behringer wrote:
| i use a very low sending limit in my mail server. If a
| user were to send out spam, it would end up being
| relatively few by the time i noticed.
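The two safeguards described in the comments above (watching failed SMTP authentication and capping how much an account may send), as an added example that is not from either poster: a log review that lists IPs to ban and accounts whose hourly volume looks like a hijacked mailbox. It assumes Postfix-style `smtpd` log lines with traditional syslog timestamps; the thresholds and the sample lines are constructed.

```python
import re
from collections import Counter

# "warning: host[ip]: SASL LOGIN authentication failed: ..." from smtpd.
AUTH_FAIL = re.compile(
    r"postfix/(?:\w+/)?smtpd\[\d+\]: warning: \S+\[(?P<ip>[^\]]+)\]: "
    r"SASL \S+ authentication failed"
)
# One "client=..., sasl_username=..." line is logged per accepted message.
AUTH_SEND = re.compile(
    r"^(?P<hour>\w{3} [ \d]\d \d\d):\d\d:\d\d .*postfix/(?:\w+/)?smtpd\[\d+\]: "
    r"\w+: client=\S+\[[^\]]+\], sasl_method=\S+, sasl_username=(?P<user>\S+)"
)


def review(log_lines, max_failures=5, max_msgs_per_hour=20):
    """Return IPs over the failure limit and accounts over the hourly limit."""
    failures = Counter()
    sent = Counter()
    for line in log_lines:
        m = AUTH_FAIL.search(line)
        if m:
            failures[m["ip"]] += 1
            continue
        m = AUTH_SEND.search(line)
        if m:
            sent[(m["user"], m["hour"])] += 1
    return {
        "ban_ips": sorted(ip for ip, n in failures.items() if n > max_failures),
        "suspect_accounts": sorted(
            (user, hour, n)
            for (user, hour), n in sent.items()
            if n > max_msgs_per_hour
        ),
    }


def sample_log():
    """Constructed log: a password-guessing run, then a burst from one account."""
    lines = []
    for i in range(8):  # guessing run from one address
        lines.append(
            f"Dec 24 03:00:{i:02d} mx postfix/smtpd[901]: warning: "
            "unknown[198.51.100.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6"
        )
    for i in range(2):  # a user mistyping a password
        lines.append(
            f"Dec 24 08:30:{i:02d} mx postfix/smtpd[902]: warning: "
            "unknown[203.0.113.9]: SASL PLAIN authentication failed:"
        )
    for i in range(25):  # forgotten test account sending in bulk
        lines.append(
            f"Dec 24 03:{10 + i:02d}:00 mx postfix/submission/smtpd[905]: "
            f"9A1B2C3D{i:02d}: client=unknown[198.51.100.23], "
            "sasl_method=LOGIN, sasl_username=test"
        )
    for i in range(3):  # normal use
        lines.append(
            f"Dec 24 09:0{i}:00 mx postfix/submission/smtpd[906]: "
            f"7F6E5D4C{i:02d}: client=home[192.0.2.44], "
            "sasl_method=PLAIN, sasl_username=alice"
        )
    return lines


if __name__ == "__main__":
    print(review(sample_log()))
```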
| mehdix wrote:
| My little server on Hetzner is delivering to gmail and
| outlook since two years with no hiccups:
| postfix,dovecot,rspamd.
| deng wrote:
| > If you were able to somehow get your own email server to
| deliver email to Gmail and Outlook, great, good for you -
| but stop pretending that anybody can do it.
|
| Yes, that's probably true. I've been running my own server
| for 20 years now, and I guess that in itself helps with
| getting my mail delivered (apart from t-online, but who
| cares about them). At some time I also hosted some mailing
| lists, but I quickly abandoned that because that's a
| surefire way to get your IP blacklisted sooner or later. If
| you set up a completely new mail server, there probably is
| a lot of luck involved, and I wouldn't recommend it to
| anyone, at least not for your critical business mails. I
| pretty much keep doing it only out of nostalgia, it doesn't
| really make any sense otherwise.
| ftrobro wrote:
| Haha I have the same experience... I have given up trying
| to send emails to t-online, but every other email-
| provider accept emails from the server I manage. It sends
| a few thousand emails per day.
|
| A few years ago we had problems, but then I realized some
| of the emails sent from our servers had non-ascii
| characters in headers (subject, from, to) which caused
| email-providers to distrust our server. Using encoded-
| words syntax ("=?UTF-8?B?" + BASE64(text) + "?=") fixed
| that problem:
|
| https://en.wikipedia.org/wiki/MIME#Encoded-Word
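The header fix described in the comment above, as an added example that is not the poster's code: it finds headers carrying raw non-ASCII bytes in an outgoing message and rewrites values using the `=?UTF-8?B?...?=` form, splitting long text into words of at most 75 characters without cutting a multi-byte character. The function names and the sample message are assumptions.

```python
import base64
import re
from email.header import decode_header, make_header
from email.utils import formataddr, getaddresses

# In address headers only the display name may be encoded, never the address.
ADDRESS_HEADERS = {"from", "to", "cc", "reply-to", "sender"}

# Constructed sample with raw UTF-8 in two headers.
SAMPLE_MESSAGE = (
    "Subject: Räksmörgås på fredag\r\n"
    "From: Jörg Müller <jorg@example.org>\r\n"
    "To: ops@example.org\r\n"
    "\r\n"
    "body\r\n"
).encode("utf-8")


def raw_non_ascii_headers(message):
    """Return names of headers whose value contains bytes above 127."""
    head = message.split(b"\r\n\r\n", 1)[0]
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", head)
    bad = []
    for line in unfolded.split(b"\r\n"):
        name, _, value = line.partition(b":")
        if any(byte > 127 for byte in value):
            bad.append(name.decode("ascii", "replace"))
    return bad


def encode_word(text):
    """Encode text as space-separated B-encoded words of at most 75 chars."""
    chunks, current = [], b""
    for ch in text:
        raw = ch.encode("utf-8")
        # 45 bytes -> 60 base64 chars -> 72 chars with the 12-char wrapper.
        if len(current) + len(raw) > 45:
            chunks.append(current)
            current = b""
        current += raw
    if current:
        chunks.append(current)
    return " ".join(
        "=?UTF-8?B?" + base64.b64encode(c).decode("ascii") + "?=" for c in chunks
    )


def fix_header(name, value):
    """Return an ASCII-only header value; ASCII input is returned unchanged."""
    if value.isascii():
        return value
    if name.lower() not in ADDRESS_HEADERS:
        return encode_word(value)
    parts = []
    for display, addr in getaddresses([value]):
        if not addr.isascii():
            raise ValueError("non-ASCII address cannot be an encoded-word")
        if display and not display.isascii():
            parts.append(f"{encode_word(display)} <{addr}>")
        else:
            parts.append(formataddr((display, addr)))
    return ", ".join(parts)


def decode_words(value):
    """Decode encoded-words back to text, to verify the round trip."""
    return str(make_header(decode_header(value)))


if __name__ == "__main__":
    print(raw_non_ascii_headers(SAMPLE_MESSAGE))
    print(fix_header("Subject", "Räksmörgås på fredag"))
    print(fix_header("From", "Jörg Müller <jorg@example.org>"))
```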
| sam_lowry_ wrote:
| I did run my own email server for 20+ years. As you may
| imagine, I had to learn a thing or two about DMARC, DKIM
| and SPF, but spread over the years it is not a big
| investment to make.
|
| Most of the time, delivery problems were of my own
| creation. Like running out of disk space or accidentally
| disabling TLS.
|
| Once in a while, Microsoft would start swallowing emails or
| Google would push everyone to use DMARC.
|
| But overall, the experience has been very pleasant. I host
| my mails, I own my data. I am not shy of using Google, but
| my work is not defined by their whims. When Google tells me
| I ran out of space in my account I just delete stuff
| because I have copies of everything outside of Google
| infrastructure.
| ireflect wrote:
| My mail server running on DigitalOcean has been relatively
| trouble free over the last 9 years. It runs docker-
| mailserver and is used by me and a dozen employees of my
| various small businesses.
|
| It requires some effort to maintain and understand, and
| I've had a few deliverability issues over the years but
| they are generally with niche providers. I've never had
| trouble sending mail to the big providers.
|
| Every time I read comments about the impracticality of
| self-hosted email, I scratch my head. Maybe I've just been
| lucky.
| dqv wrote:
| I think DO is really good about policing their IP space.
| When I signed up for the Microsoft JMRP [0], DO was
| already a contact of record for the IP I was using. I
| just appended myself to the list to get any abuse reports
| as well.
|
| >Every time I read comments about the impracticality of
| self-hosted email, I scratch my head. Maybe I've just
| been lucky.
|
| I feel the same. I've had one or two hiccups but smooth
| sailing for the most part. I'm also happy to provide
| receipts that show how the recipient's mail server is
| responding when I send the emails. It's a powerful tool
| to say, "your mail provider is misbehaving, look!" They
| will wonder how many people tried to send them email that
| didn't get to them.
|
| [0]: https://postmaster.live.com/snds/JMRP.aspx
| jacquesm wrote:
| And even if you did get it to work there is absolutely no
| guarantee that they won't block you tomorrow morning for no
| reason at all.
| IncRnd wrote:
| I set up and have been running an email server for around 20
| domains for over a decade. There have been no issues
| delivering to Gmail or Outlook, AOL, or Hotmail. There was
| some work I did initially to remove our IP addresses from
| blackhole lists, which had resulted from whatever the prior
| owners of the addresses had done. That was, however, minor
| and didn't take much time. Similarly, setting up DKIM, SPF,
| and the like were necessary and ugly to do, but they didn't
| take much time.
| zbuf wrote:
| I think the vastly different experiences have a lot to do
| with the quality and scale of the ISP. Best results with
| small, good quality ISPs.
|
| Also running my own servers for personal and business, and
| working well.
|
| But when we tried to use one of the large VM providers the
| experience was much less reliable. Despite ensuring the IP
| was not on the various block lists etc. mails would be
| accepted and silently discarded by recipients' ISPs, perhaps
| due to the level of abuse of these IP ranges.
| [deleted]
| jacquesm wrote:
| This is exactly it. Email is now just another way to squeeze
| companies and private individuals alike instead of a cheap,
| secure and free way to communicate. Peer-to-peer email was
| worth having, in spite of the downsides.
| donmcronald wrote:
| I've seen a lot of small businesses go from $50 / year to
| $500+ / year. And from their point of view all they get is a
| bunch of nagging about 2FA and a much bigger target on their
| back when it comes to phishing.
| sharklazer wrote:
| Having run my own email for the last two years, this is the
| number one problem I encounter. Somehow every official step
| published in terms of standards for securing email servers is
| not enough to appease large providers such that they'll deliver
| your mail and not relegate it to spam.
| daneel_w wrote:
| My own experience from running a private e-mail server the past
| 5-6 years is that the problem more than anything else is
| garbage "e-mail gateway" products, like e.g. Cyren GlobalView
| and Proofpoint, that get in the way.
|
| There's a tendency to perma-reject e-mail coming from "not seen
| before" domains despite the e-mail passing FCrDNS + SPF + DKIM
| + DMARC validation, which makes it difficult for private e-mail
| server users to get through to people.
| greggsy wrote:
| The suggestion that they will try to muscle you out to maintain
| their monopoly is a bit alarmist. If you're not sending spam,
| and your email infrastructure includes strong DMARC and SPF
| policies, then it's unlikely that your reputation will be
| tarnished simply because it isn't part of the Gmail or Exchange
| Online ecosystems.
|
| I'd argue that the vast bulk of email is sent from dedicated
| providers like Sendgrid which are built on the same tech that
| might be found in any given 'artisanal' on-prem service.
| emsy wrote:
| Every time my artisanal mails went to spam it was an
| overzealous corporate spam filter (mostly for mails with
| attachments). Never from one of the big hosts.
| behringer wrote:
| The only problem I've had are with small players. You can't
| seem to reach anybody in charge of configuring and they do
| stupid shit that doesn't actually work.
|
| The big players all have a process and followup within days.
| Gigachad wrote:
| >just because they can and will do anything to maintain their
| monopoly.
|
| This is a popular opinion on HN but it doesn't seem at all
| inline with reality. Email isn't exactly a real money maker for
| anyone. And the amount of email spam and abuse is immense.
| Filtering out most unknown providers is unfortunately extremely
| effective. Almost all spam wiped out with a simple check.
|
| Maybe the ideal solution would be to let you link your custom
| email domain with a google account so you can have your google
| account vouch for the legitimacy of your custom domain. But
| even then, some of the time your email server actually is just
| blasting out spam without you knowing it.
| OvidNaso wrote:
| Email itself maybe is not a money maker, but my company just
| went to 365 and 90% of the justification to management is
| "we're switching email providers". Microsoft and Google's
| small business offerings are inextricably dependent on email
| first.
| boplicity wrote:
| I don't know. Cpanel makes it almost effortless. There are rare
| problems, and they don't tend to be difficult to fix. If we were
| using a provider such as Mailchimp, for our marketing email, we'd
| probably be spending $30k to $50k a year on email. It's well
| worth the very minor effort required to host our own email.
| senko wrote:
| I ran my email server (several domains, a dozen or so accounts)
| for over a decade. This year I caved in and switched to hosted
| (gmail and fastmail).
|
| For most of the time it's been smooth running, but I did have to
| do maintenance on the server every year or so, just in time to
| forget the intricacies and having to relearn them again.
|
| Yeah, a few hours a year on that is not much. But there are many
| such small "auxiliary" things/chores and it adds.
|
| There are so many things I would and could want to do myself, and
| nowhere near enough time to do them. I have to pick my battles.
|
| And figuring out how to fix sender rewrite to enable mail
| forwarding with SPF without accidentally allowing spam is not
| very high on my list of important things in life.
| tomkat0789 wrote:
| I just did a ctrl+f for Yunohost and only got one hit! Have more
| people tried it? What was your experience like? Hosting my own
| email will be a 2022 project of mine. My current plan is to get
| like a linode/personal server (my first test for myself is to
| host my own html website :) yes I'm new) to avoid customizing my
| home router too much.
| nickdothutton wrote:
| The fact that google and Microsoft have together killed email
| hosting stone dead is no accident.
| bullen wrote:
| This is completely wrong, SMTP is decentralized. Own your future,
| self host your mail, it's not hard. I predict that eventually all
| messaging apps will use SMTP under the hood! Xo
| blop wrote:
| I still run my own email system (postfix/dovecot for imap),
| mostly for one reason: the virtual username function of postfix:
|
| I configured postfix with:
|
|     recipient_delimiter = .
|
| which gives me unlimited dynamic virtual addresses
| (username.<something>@mydomain), so I know where spam/leaks come
| from if I get unsolicited mail directed to
| `username.<unique_name_per_registration>`, and it makes it
| trivial to block.
|
| I know that you can do the same thing with google addresses using
| + as a delimiter, but the + sign is often not allowed in dumb
| email checks. Also spammers probably know about + and strip it
| automatically anyway...
| southerntofu wrote:
| Love that, too! I've always been amazed that spammers aren't
| able (to my knowledge) to defeat such a simple scheme by
| removing the . or + in the local part.
| authed wrote:
| > so I know where spam/leaks come from
|
| unless they use BCC
| quesera wrote:
| Deliver to address is always in the headers, even if message
| is Bcc'ed to you.
| authed wrote:
| that's good to know.
| wpietri wrote:
| I've been doing something with dash as the recipient delimiter
| since the late 1990s and it's been great. But that became a
| pain when I wanted to switch to hosted email, as many providers
| wouldn't support it.
|
| I eventually ended up at Fastmail, as they let you build custom
| Sieve scripts that can do this kind of remapping without having
| to run your own mail server.
| desas wrote:
| Gmail works with . as delimiter as well as +
| MaKey wrote:
| I believe you can insert dots as you wish but not use it like
| the plus sign. So abc@gmail.com is the same as
| a.b.c@gmail.com but abc.new@gmail.com is another account than
| abc@gmail.com.
| blop wrote:
| with gmail you can do:
|
|     foo+anything  => redirected to foo
|     foo.something => redirected to foosomething (so . is not the same as +)
|
| The + isn't always accepted in dumb email checks though, and
| spammers know about it...
| vbezhenar wrote:
| If you're running your own server, you can just setup catch-all
| account and use something like $(printf %s news.ycombinator.com
| | sha256sum | head -c 12)@mymail.com for further privacy.
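The per-site addresses discussed in this sub-thread, as an added example that is not from any of the posters: it derives the hashed alias from the shell one-liner above, then attributes a received message to the site that leaked the address by reading `Delivered-To`, which still names the alias when the message was Bcc'd. It assumes the delivering MTA adds `Delivered-To` or `X-Original-To`; the list of registered sites, the sample message and the function names are constructed.

```python
import hashlib
from email import message_from_string
from email.utils import parseaddr

DOMAIN = "mymail.com"  # domain used in the comment above


def alias_for(site):
    """Same local part as: printf %s SITE | sha256sum | head -c 12"""
    return hashlib.sha256(site.encode()).hexdigest()[:12] + "@" + DOMAIN


def envelope_recipient(raw_message):
    """Return the address the MTA delivered to, or None if not recorded."""
    msg = message_from_string(raw_message)
    for header in ("Delivered-To", "X-Original-To"):
        value = msg.get(header)
        if value:
            return parseaddr(value)[1].lower()
    return None


def leak_source(raw_message, registered_sites, user="username", delimiter="."):
    """Map a received message back to the registration that exposed it."""
    rcpt = envelope_recipient(raw_message)
    if rcpt is None or not rcpt.endswith("@" + DOMAIN):
        return None
    # Hashed aliases cannot be reversed, so recompute them for known sites.
    by_alias = {alias_for(site): site for site in registered_sites}
    if rcpt in by_alias:
        return by_alias[rcpt]
    # recipient_delimiter scheme: username.<tag>@domain carries the tag itself.
    local = rcpt.rsplit("@", 1)[0]
    prefix = user + delimiter
    if local.startswith(prefix):
        return local[len(prefix):]
    return None


def sample_spam(delivered_to):
    """Constructed Bcc-style message: the alias appears only in Delivered-To."""
    return (
        "Return-Path: <bulk@spam.example>\n"
        f"Delivered-To: {delivered_to}\n"
        "From: Offers <bulk@spam.example>\n"
        "To: undisclosed-recipients:;\n"
        "Subject: constructed sample\n"
        "\n"
        "body\n"
    )


if __name__ == "__main__":
    sites = ["news.ycombinator.com", "shop.example"]
    print(leak_source(sample_spam(alias_for("shop.example")), sites))
    print(leak_source(sample_spam("username.forum@mymail.com"), sites))
```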
| adtac wrote:
| You don't need to run your own email server for this. I do this
| with a catch-all in Fastmail for $50/year or something. I'm
| pretty sure Gmail and most others can do this too.
| rwmj wrote:
| I run my own email server and it's not so bad. gmail is obviously
| the most troublesome "peer" - if it wasn't for the fact I need to
| communicate with some gmail users regularly then I'd just cut
| gmail off. You have to set some headers and DNS stuff, having a
| static IP helps, and obviously not allowing that IP to send spam
| too. Largely it works fine.
| jacob019 wrote:
| I do too, gmail is not a problem at all, but I have had the
| same static IP on AWS for about a decade, reverse DNS is
| mandatory for deliverability. My problem with Gmail is it is
| difficult to filter SPAM coming from their servers.
|
| My biggest problem with mail delivery is sending mail to
| Microsoft properties. I've had to resort to sending those
| messages via SES.
|
| Open source webmail solutions suck, so now I'm paying fastmail
| and forwarding incoming messages there.
| gbuk2013 wrote:
| Also run my one server for years without too much trouble.
| Hotmail is the one giving me the most hassle - for some
| reason they periodically block my IP address for apparently
| belonging to an ASN they block ... except it belongs to an
| entirely different ASN. My provider (RamNode) say they've
| been trying to get someone there for years to fix their
| system but didn't help, so I just fill in their unblock form
| now and again.
| dorfsmay wrote:
| If you have any neighbour on your block that has sent
| spam, then the entire IP block gets a bad reputation. I
| moved away from OVH because of this. I no longer get the
| issue (on Vultr) but still get 100% blocked by outlook.com
| and blocked by Gmail if I'm the one initiating the
| conversation (I can mail people once they've emailed me at
| least once)
| gbuk2013 wrote:
| Their email referenced AS3150 ... Here is what the
| (clearly frustrated) RamNode support person had to say
| last time I enquired:
|
|     AS3150 is NTT, a large backbone provider:
|     https://bgp.he.net/AS3150
|
|     RamNode runs AS3842 and AS198203. We have contacted them
|     before - they don't know why nor care why their system is
|     raising issue with AS3150 in regard to emails from our
|     network.
|
|     But this issue isn't exclusive to our network either, and
|     no other major email provider blocks emails like this.
|
| I have no reason not to believe him. :)
| habibur wrote:
| Same goes for me. Running postfix server on DO box for a
| decade. Hotmail is the most troublesome.
| dusted wrote:
| I've been running my own email since i was 14 years old, back
| then it was hosted on my home ADSL connection. Now I'm on fiber
| and still running my own email setup, but the end is near.. For
| the reason not mentioned in the article, it's getting
| increasingly harder to actually get a public routable static IP
| address and also be allowed to either send traffic on port 25, or
| use the ISPs relay host to actually send the email.
| moltar wrote:
| Can you host it on vultr? Just $2.50/mo for half a gig of RAM
| instance.
| adtac wrote:
| I don't think you get a static IPv4 address with that
| instance.
| baggachipz wrote:
| Not anymore. The one with IPV4 is $3.50/mo now.
| southerntofu wrote:
| This defeats the entire point of selfhosting whether it's for
| security concerns or autonomy. The ecological impact of VPS
| hosting every single service you need is also not negligible:
| datacenters require huge amounts of resources and
| infrastructure which a simple second-hand machine at home
| doesn't.
|
| (also worth mentioning: email protocols were explicitly
| conceived so that uptime is not a worry)
| elondaits wrote:
| Datacenters use energy and computer resources more
| efficiently than a machine at home, unless the machine at
| home is already running some other tasks that you can't
| move to the datacenter. A computer that's 99% idle is
| wasting most of the energy it consumes.
| southerntofu wrote:
| > Datacenters use energy and computer resources more
| efficiently
|
| That is both true and misleading. Once the datacenter and
| all surrounding infrastructure (optic fibers, fuel pit,
| dedicated electricity lines, cooling equipment) and all
| server/networking hardware has been built, then you start
| having a better efficiency. If the whole cycle is taken
| into account, there's no way VPS can be as "green" as
| selfhosting.
|
| A computer will usually take more energy to build than it
| will consume over its entire lifetime, so repurposing an
| existing machine is a good way to go (if you consider
| minerals-related pollution, even more so).
|
| Also, when you're in a datacenter, servers will be
| changed every few years. For something as
| simple/lightweight as email, a 20y old computer will do
| just fine. A datacenter will renew its entire hardware a
| few times in that timeframe.
|
| > A computer that's 99% idle is wasting most of the
| energy it consumes
|
| That is true whether it's in a datacenter or at home. But
| of course you can share/mutualize resources with other
| people in order to mitigate this.
| phh wrote:
| Some ISPs provide VPNs on their AS at cheapish price. For
| instance milkywan in France provides one with public constant
| IPv4 for 5EUR/month in France. It obviously makes the whole
| setup much more complicated, because it leads to a kinda multi-
| homing setup, but I think it's still reasonable.
| ssl232 wrote:
| How often do you need to send on port 25? In my experience also
| running my own mail server, never. Receive from servers that
| don't support encryption yes, but never send. I always send
| using TLS and since maybe 5 years I've not had an issue with a
| receiving server not supporting it.
| 0x0 wrote:
| If you want to deliver email to other domains then you need
| to connect to port 25 on the destination domain MX server. As
| far as I know, best practice for the other ports (465, 587)
| is to require authentication and to reject anonymous
| submissions.
| ssl232 wrote:
| Port 25 is only required if the destination doesn't support
| TLS, I think. I've not opened port 25 outgoing on my server
| and I've had zero issues delivering sent mail to other
| servers for maybe 5 years.
|
| I think OP might have meant "_receiving_ on port 25 is
| getting difficult" rather than sending. The spec requires
| servers to support unencrypted deliveries over port 25,
| even though almost all servers use TLS these days.
| 0x0 wrote:
| Even with TLS, that is usually handled by issuing
| STARTTLS on TCP port 25. I can't find anything in the
| RFCs mentioning server-to-server smtp delivery happening
| on anything but port 25? Do you have a reference for
| that? In fact, even the MX for google domains
| (aspmx.l.google.com) does not listen on TCP port 465 or
| 587, only 25.
| ssl232 wrote:
| I'm not certain, so you might be more informed than me.
| It's possible my server is sending on port 25 and since
| the firewall I use doesn't block outgoing connections I
| just didn't notice. TIL!
| southerntofu wrote:
| There's a few ways to approach this question. One is to mention
| community networks (DIY ISPs) which will ensure you always have
| a public IP without filtering. Some even provide VPN access so
| that you can use your filtered internet to acquire a publicly-
| routable IP. This is a common pattern in the ffdn.org
| federation of non-profit ISPs.
|
| Another one is to mention hosting coops
| (libreho.st/chatons.org) and how they could be employed in
| limited-network situations. On the web, we have SNI/eSNI-aware
| proxying which enables multiple servers to share a single IP
| without revealing their private keys to the reverse proxy. I
| don't know of an equivalent in the email world (because it's
| assumed there is only one MX with a canonical domain/DKIM per
| IP), but I'm all ears if you have suggestions!
|
| Of course, we could mention onionMX and other key-routing
| systems (CJDNS..) but the problem is you need it to be
| supported on the other side as well, which is highly unlikely.
| EarthIsHome wrote:
| The main problem I've run into while running my own email server
| is IP reputation issues. It is still an ongoing issue for me. You
| can read my previous IP reputation issue in this comment [11].
|
| You should make sure your server's IP address isn't blacklisted.
| If it is, you're going to have major delivery issues with some
| email server providers (ESP). Some blacklists you can check are
| listed here [0]-[3].
|
| I think my main problem now is the UCE Protect [5] blacklist. I
| think some of the major ESPs use their harshest blacklist from
| UCE Protect, which is their Level 3 blacklist [6]. This blacklist
| will include your IP if your ISP meets a spam threshold for any
| of their other IP addresses. This makes running a mail server on
| cheap hosting providers like Digital Ocean or Linode very
| difficult.
|
| My conclusion is I should switch to a more expensive ISP that
| isn't in danger of getting on the UCEPROTECTL3 list or find an
| email forwarding service for a next hop destination for outgoing
| mail.
|
| You can read more about UCE Protect here [7]-[10].
|
| [0]: mailtester: https://www.mail-tester.com/
|
| [1]: mxtoolbox blacklists: https://mxtoolbox.com/blacklists.aspx
|
| [2]: proofpoint blacklist: https://ipcheck.proofpoint.com
|
| [4]: outlook blacklist:
| https://sendersupport.olc.protection.outlook.com/snds/index....
|
| [5]: UCEPROTECT: http://www.uceprotect.net/en/index.php
|
| [6]: UCEPROTECTL3 blacklist:
| http://www.uceprotect.net/en/index.php?m=3&s=5
|
| [7]: UCEPROTECT Blacklist Scam
| https://community.spiceworks.com/topic/2170592-uceprotect-bl...
|
| [8]: UCEPROTECT: When RBLs Go Bad
| https://blog.sucuri.net/2021/02/uceprotect-when-rbls-go-bad....
|
| [9]: ASK HN thread https://news.ycombinator.com/item?id=26064722
|
| [10]: SQLite3 IP blacklisted:
| https://sqlite.org/forum/forumpost/bb61881d7a?hist
|
| [11]: Previous IP reputation issue
| https://news.ycombinator.com/item?id=25437841
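
The blacklist check recommended in the comment above can also be run directly over DNS, which is how receiving servers consult these lists. The following is an added example, not part of the original post: the zone names are assumptions (the post names the UCEPROTECT Level 3 list but not its DNS zone, and `dnsbl.example` is a placeholder), and the sample answers are constructed.

```python
import ipaddress
import socket

# Zone names are assumptions added for this example: the post names the
# UCEPROTECT Level 3 list but not its DNS zone; "dnsbl.example" is a placeholder.
ZONES = ["dnsbl-3.uceprotect.net", "dnsbl.example"]
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """Build the DNSBL query name: reversed octets (IPv4) or nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")
    else:
        labels = list(addr.exploded.replace(":", ""))
    return ".".join(reversed(labels)) + "." + zone


def system_resolver(name):
    """Return the A record for name, or None when the name does not exist."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror as exc:
        no_name = {socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)}
        if exc.errno in no_name:
            return None
        raise  # timeouts and server failures are not a clean "not listed"


def check_ip(ip, zones=ZONES, resolve=system_resolver):
    """Map each zone to 'not listed', 'listed (code)' or 'invalid answer'."""
    results = {}
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer is None:
            results[zone] = "not listed"
        elif ipaddress.ip_address(answer) in LISTED_NET:
            results[zone] = "listed (%s)" % answer
        else:
            # e.g. a resolver that rewrites NXDOMAIN to some other address
            results[zone] = "invalid answer (%s)" % answer
    return results


if __name__ == "__main__":
    # Constructed answers so the demo runs offline; drop resolve= for live DNS.
    fake = {"25.2.0.192.dnsbl.example": "127.0.0.2"}
    print(check_ip("192.0.2.25", resolve=fake.get))
```

An answer outside 127.0.0.0/8 is reported separately because it usually means the resolver, not the list, produced it, so it should not be read as either listed or clean.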
| KeybInterrupt wrote:
| I personally don't host my own Mail Infrastructure. If I were
| forced to do so, I would probably run a Mailcow.
|
| Especially the "dockerized" Mailcow is reasonably easy to set up.
|
| You will still have to set up SPF, DKIM and the other DNS records.
| But Mailcow is a solid package!
| daitangio wrote:
| I am happy with this docker-based solution:
|
| https://gioorgi.com/2020/mail-server-on-docker/
|
| I am running it and it requires very little maintenance.
|
| The documentation is very well done and I was able to set up all
| the stuff needed in a short time.
|
| Also paid hosting solutions tend to be very pricey if you need
| more than 3-4 accounts.
|
| My solution instead required only some setup effort, less than
| one day.
| ToddWBurgess wrote:
| I think I am showing my age when I say, I remember when Linux by
| default came with sendmail enabled by default. You could use your
| Linux box to send e-mail anywhere without it getting caught up in
| spam filters. Fun times.
| jacquesm wrote:
| Personally, I'd prefer to have to deal with the spam than to
| have to deal with the duopoly in email that we have today.
| ToddWBurgess wrote:
| I think you misunderstood. If you fire up a mail server on
| your Linux box today and try using it for mail the big mail
| servers are sending your mail to spam due to a bunch of spam
| rules. These days, you need an organization with a known
| reputation for sending good e-mail to handle your e-mail so
| you don't end up in a spam folder. It's how the big players
| stay big.
| zh3 wrote:
| It's less artisanal than also doing it for the common good. We do
| not want an email monoculture (consisting of 2 megacorps
| ostensibly in competition).
|
| We want a free, fair, and open internet.
| moonbug wrote:
| Is tending to your own email server really what you want to do
| with your once and precious life?
| ajdude wrote:
| A couple years ago I set up a mailinabox server on a vm for my
| personal email. Incredibly simple, $5/month and "just works"; I
| can even sync my contacts and calendar.
|
| My only complaint was the graylisting but I quickly resolved that
| with a configuration file.
| rob_c wrote:
| Frankly no. Both Google and Microsoft office have taken a massive
| step back by implementing "smart" functionality into their mail
| search which makes accessing critical information (and therefore
| my job) impossible... I'll be self hosting until these companies
| return basic working functionality
| joshdata wrote:
| The comments all seem to be from people who think making an
| artisanal choice is a bad thing. There should be more art,
| experimentation, and expression in computing. If we've outgrown
| running our own mail servers as a practical choice, because there
| are now more good options, and we can enjoy running a mail server
| as a more humanly choice, that's a good thing.
|
| Not much has actually changed about the complexity of running a
| mail server in the last 20 years --- if anything it's gotten
| easier. What's changed is there are other, polished, turn-key
| options now. Great. (Those options tend to have spam policies
| that aren't friendly to the independent servers, but that's
| life.)
|
| Choose to be artisanal.
|
| (I'm the primary maintainer of https://mailinabox.email/.)
| wpietri wrote:
| I don't think artisanal is necessarily "bad", but we should all
| acknowledge that it will be more work for a result that's maybe
| better but probably worse for most people.
|
| I ran my own mail server for 20+ years, finally giving up a
| couple years ago. I strongly disagree that it has gotten
| easier. As the article makes clear, it's a much more
| complicated world. Things that have happened in the last 20
| years include SPF, DKIM, DMARC, and the rise of providers like
| GMail. And if you really care about owning your bits, in some
| ways colocating hardware has gotten harder now that VMs are
| hugely dominant.
|
| The new requirements to be a good mail server are significant
| work to understand and implement. The feedback loops are also
| poor: it's hard to know whether you really have them right.
|
| But the real killer for me was opaque major providers like
| Google. Occasionally, they decided they didn't like my little
| mail server. I and a number of other sysadmins couldn't find
| anything wrong with my setup. But mail wouldn't arrive. I even
| had SRE friends inside Google and they couldn't find out
| anything; apparently the GMail folks are very secretive.
|
| There are only so many missed business opportunities and
| disrupted personal relationships I was willing to put up with
| for my personal taste for running my own servers. Eventually I
| hit that limit and switched everything over to Fastmail. For me
| personally, it was a great decision. It's cheaper and more
| reliable, and never again will I have to get up in the middle
| of the night to go to a colo. In contrast to my spending a few
| hours here and there, they have a whole full-time staff
| sweating deliverability. It's great!
|
| If people think running a mail server is fun, I say go for it.
| But even there I'd strongly urge them to consider whether "this
| looks fun" is the right spirit to bring to anything important
| to their lives, and whether it will stay fun when it breaks at
| the least convenient time. So maybe keep it fun by using it
| only for things that don't really matter to you.
| joshdata wrote:
| > Things that have happened in the last 20 years include SPF,
| DKIM, DMARC
|
| Right, of course. The protocols are more complex. (Add TLS,
| MTA-STS...) But whereas 20 years ago you _had_ to start from
| scratch and understand the whole stack, today that's just not
| necessary. There are numerous projects that make running a
| mail server readily possible without knowing e.g. the
| sendmail configuration macro language. And there are many
| many more good resources to learn it all if you want to know
| than there were 20 years ago. It is both a more complex
| technology and also undeniably easier for people to actually
| do it.
| wpietri wrote:
| Sorry, I think "undeniable" is way too strong.
|
| I wrote the email chapter for the book "Internet Secrets"
| in 2000, and I ran my own mail server 1997-2019, so I have
| a pretty good sense of what the landscape was like then
| versus now. QMail and Postfix were both out before 2001, so
| you didn't need to know sendmail at the time. You just had
| to be able to configure the mailer to get things up and
| running. And given that there were decent Linux
| distributions available, the technical challenge wasn't
| high.
|
| The difference now is that from there, there's a lot more
| to understand if you actually want your email to get
| anywhere reliably. It's complicated, subtle, and much
| harder to resolve problems when you get it wrong. At the
| time, the biggest problem was bounces. Now deliverability
| has become a dark art.
|
| Just out of curiosity, when did you start running your own
| mail server?
| joshdata wrote:
| I think around 1998 or 1999. I don't think we disagree on
| the facts: I totally agree that there is a lot more to
| understand and that deliverability is a nightmare. No
| question. What I see is that today people can achieve a
| reasonable mail server while being an expert at less.
| dirwiz wrote:
| I suppose I fall into the artisanal category
| (postfix,dovecot,spamassassin,roundcube etc). In our case
| everyone runs mobile/desktop IMAP clients, web mail at least
| seems to be a "when all else fails" backup plan for quick emails.
|
| I do have a specific beef with all the consolidated email
| providers. If one of them determines your SMTP server to be spam
| (false-positive), ALL of their clients now reject your email with
| little recourse for the admin. Just had this happen with a
| solution that rhymes with 365. Even their clients were clueless
| as to how to resolve it.
| edoceo wrote:
| The best part is that everyone will blame the sender.
|
| The ignorant always blame the informed - and it keeps working
| cause the informed can actually address the issue.
___________________________________________________________________
(page generated 2021-12-24 23:00 UTC)