
Show HN: Pubmail.io - Mizza
https://pubmail.io
======
eridal
I just created an account, using the same account for email confirmation.. and
it worked ;)

now that the link is publicly visible, can I lose control of my account?

EDIT: some others did the same, bright minds think alike :)

~~~
Mizza
Well, you can.. but that's kind of your fault for being cheeky. So yes, you
can lose control over your account if you do that, but that's not really a
bug, that's a PEBKAC.

------
yellowapple
"I will not use Pubmail for spamming or any illegal purposes."

Not checking that box until "illegal" is defined. Which jurisdiction?

Also, I'm not too keen on requiring an email address to create an email
address.

EDIT: and apparently, checking that box is not required to create an account.

EDIT 2: is there a way to use SMTP and POP/IMAP (i.e. use a standard email
client)? If not, is this something in the works? I have a feeling this is dead
in the water if you're targeting politicians without letting them use their
Outlook.

~~~
secstate
I don't think the goal of this project is to allow public officials to respond
in public, but rather to avoid having to copy-paste email chains with public
officials when they stonewall or downright circumvent laws in what they
believe is a private channel (traditional email).

POP, SMTP and IMAP would seem contrary the whole idea of a public stream of
email communication. The idea here is that reporters, investigators or
concerned citizens can use a pubmail.io address to simply maintain public
communication with a public official.

~~~
Mizza
^^ Exactly! Wish I could make this clearer.

I wrote up an 'about' page here, but it's a bit lofty:
[https://pubmail.io/about/](https://pubmail.io/about/)

I'd love it if a politician could use it, but I don't think that's going to
happen in the near future, so this gives the public a tool to foce more
transparency without the politicians/reps themselves having to commit to it.

~~~
yellowapple
Can you answer the initial question about legal jurisdiction, though? This is
still not clear in the About page, and if you're including a checkbox (that's
thankfully optional) asking if one's use of Pubmail will be for "legal
purposes", it's generally a good idea what "legal" means in the context of the
site. "Legal" in terms of American law? British law? Iranian law? Somali law?
Sharia law? UN law? Sealandic law?

~~~
Mizza
Yeah, I mean, I don't honestly have an answer for that. I guess I should.

It basically means, "don't be a dick, don't harass, don't spam." I'm not a big
fan of laws, but I am a big fan of common sense and decency, and that's all I
want.

~~~
yellowapple
The answer would probably be the same answer as "Which country does this site
operate from?", but IANAL.

Regardless, changing the text of that checkbox to what you mean - "I promise
to refrain from being a jerk, harassing people, or spamming" \- would make the
question moot.

------
deskglass
Awesome idea and execution! I'm reading through the featured emails and
laughing at how unresponsive public officials are.

I recommend adding a signature feature. If I were to use this service, I'd
want to add a signature to the effect that all emails to and from the account
are publicly accessible.

Also, I recommend adding a way to read through a specific account's emails
(nevermind, they have that) and a way to search through all email.

~~~
jszymborski
Yah, a signature feature would pretty much need to be essential. It's pretty
essential you tell some one they're on speakerphone, let alone a permanent
record.

~~~
toomuchtodo
Can you provide a legal citation requiring notification to someone over email
if the conversation is to be public?

------
ffn
Cool service, OP, where/how are you hosting this, btw? I ask because some
years ago I built a ruby-based service very much like it for personal use, but
the monthly aws costs started getting to me (it was costing me about $40 a
month to run... yes, I am that poor).

~~~
Mizza
This is hosted on a super cheapo DigitalOcean droplet. I think it's about
$10/mo. The mail service is provided by MailGun, which is an amazing
API/library set and super cheap!

------
hellbanner
Hey, thanks for making this! I've considered doing this as a pre-emptive for
NSLs relating to geolocation (building GPS apps). Nice to see someone do it.

Have you gotten any corporate accounts or politicians signed up you want to
share with us?

~~~
Mizza
No, not yet, as this is the first real 'coming out' for Pubmail. It's mostly
just been me and friends testing it out so far.

That being said, I'd love if it political/corporate users had their own
accounts, but I don't think that will ever happen. It's more about doing the
opposite - having ordinary people post their communications with
political/corporate officials to the public by default.

~~~
toomuchtodo
> That being said, I'd love if it political/corporate users had their own
> accounts, but I don't think that will ever happen. It's more about doing the
> opposite - having ordinary people post their communications with
> political/corporate officials to the public by default.

I love this. Thank you!

------
fapjacks
This is an excellent idea. I have no idea if this is already a feature, but it
would be nice to see when the recipient has opened/read a mail. I really wish
something like this would be implemented by policy in government. I understand
it would divert "meaty" conversations even further behind closed doors, but
something like this is definitely a good start. Bravo!

~~~
Mizza
I would like that feature as well, but I think that's technically impossible,
right? Doesn't Gmail block image/open tracking now?

~~~
seahorse
Maybe Gmail does, but not all mail services do.

It wouldn't be that hard to add a 1x1 invisible pixel in the message footer
and see how well it works.

~~~
MichaelGG
Gmail no longer does. They download the images for you, so your IP isn't
leaked. I'm not sure if this is done beforehand (removing all info from the
load), or after you open the email.

~~~
Mizza
Oh, interesting. So open tracking still works, just doesn't come directly from
the client.

Interesting.. maybe this is do-able after all..
/mail/{{mail_id}}/{{open_tracker_id}}.gif

~~~
jrs235
Gmail pre-downloads images and caches them. This causes false positives that
enails have been read when in fact they may not have been.

------
Mizza
Happy to answer any questions that you might have!

~~~
Mizza
Or, I'm realizing now, if you want to try it out, email me at rich@pubmail.io

~~~
corobo
or if I understand it, email _me_ at rich@pubmail.io

~~~
pki
Can I be rich@pubmail.io too?

------
mayli
Got a 500 on this link:
[https://pubmail.io/mail/thread/S1755839AbbEUWbg/201505212231...](https://pubmail.io/mail/thread/S1755839AbbEUWbg/20150521223136Z+3110/confirmation-
for-subscribe-linux-fsdevel)

------
pimpl
Looks like a really cool idea!

What’s your stack? It spoke Polish to me on your login page because of my IP
:)

~~~
Mizza
This is pure Django! That functionality is provided by the wonderful Django-
Allauth package.

I'll F/OSS this whole project soon enough, but I need to fix a few bugs
first..
[https://pubmail.io/mail/thread/20150517210222.16302.49561/we...](https://pubmail.io/mail/thread/20150517210222.16302.49561/welcome-
to-pubmail-rich#79)

------
glomph
Are there not legal ramifications for automatically sharing what is presumed
to be private correspondence?

For example a politician might well reply with information that is not
intended for general circulation (private information etc).

~~~
oceanplexian
Yes there is. Public disclosure of private facts but only if it's not in the
public interest AND it needs to be offensive. But realistically this is the
United States and you're going to have a hell of a time convincing a judge to
go for it. US libel and privacy law is very weak.

~~~
glomph
This isn't anywhere. I am in the UK and the internet is international.

------
kolev
Nice, I was thinking of implementing something like this myself as I hate
retweeing reps' emails. Just one suggestion - why do you need to confirm every
action including non-destructive like logging out?

~~~
Mizza
Accounts stuff is provided by an upstream package, django-allauth. Confirm on
logout is handy so you can't trick a user into GETing a log out page, it has
to be POSTed.

~~~
kolev
Well, that's what nonces are for though.

------
spoiler
There should be an option to flag email as spam, or as unwanted email, or as
scam, or just a general "flag" option (for other people's mailboxes, too).

~~~
Mizza
There is a spam filter acting already, but it looks like we already have our
first troll spamming it.. great. Knew this would happen, hoped it wouldn't
happen two hours after launching. =/

~~~
spoiler
Ah, I was thinking more along the lines of generally inappropriate email that
a spam filter wouldn't pick up. Like public shaming or flaming, for example.

------
rohitv
It seems like noreply@pubmail.io is stuck in some sort of a loop?. I apologize
if I somehow caused that. I just tried to email myself (okokok@pubmail.io)...
:/

~~~
Mizza
:D

Oh jesus.. fixed..

------
mildbow
Really cool idea.

I guess that it might make you liable if you get a "confidentiality
required/don't read if it's not sent to you" sort of emails?

~~~
Mizza
Thanks!

I actually looked into that, and basically that's just a cargo-cult pseudo-
legalese things that people do, they aren't legally binding in any way.

------
albertpark
Would be great to see a search and/or filter function.

~~~
Mizza
Noted! When there is enough usage, I'll add an ElasticSearch backend.

There is a 'tag' feature:
[https://pubmail.io/mail/tag/police/](https://pubmail.io/mail/tag/police/)

Do you think it would be useful to be able to 'follow' users?

------
flippyhead
Neat!

