Google (and recently, Outlook) is taking all of it away. It's putting mail from people not on your contact list in spam[^3]; it's by default blaclisting IPs within certain range[^2]; now it's bringing it's own format as well.
Is this embrace, extend, extinguish, Google style?
[^1]: let's not get into the problem of DNS never really being owned, only rented, for now
[^3]: only experienced it, friends did as well, but I don't have proof.
I've been mulling switching to Google or some other email provider for a long time and I still feel that this is the last bit of corporate independence that I'm willing to give up. Our mail is ours. I don't care of the counterparty is using gmail or whatever other flavor of cloud services they care for but running your own mail server should be a first test of whether or not you are an IT business or not.
It borders on the ridiculous to have to outsource something as essential and confidential to a commercial provider in another country who only entered the scene about a decade after us, especially because I see those commercial providers as the biggest part of the problem to begin with and this feels like rewarding them for their abusive behavior.
A snail mail analogy escapes me but it would involve sending your post all the way around the planet first before dropping it in the mailbox in the next town over, with some random elements for delivery or non-delivery thrown in for added amusement.
All this gives rise to some frustration on occasion, it is no fun to have your legitimate email classed as spam for reasons not under your control but so be it, I'll take that over giving up autonomy.
Google 'AMP' for email is yet another step in the wrong direction and I'm sure that it will get a lot worse before it will get better but at some point I'd hope that people will wake up to the fact that all this consolidation of power is a negative thing.
Wait until Google does one of their fun blocks on you for a couple of weeks. They don't have humans involved and just don't have to care.
If you want to fix email you can, but it would be better to fix the internet first. Communication should be over an encrypted web of trust. Once you have that then email easily bolts right on. The only thing holding back this change is that the business model of the internet is rooted in surveillance because the web is largely monetized via advertising.
In the mean time semi-bridged walled gardens are going to be the answer to the growing hostilities on the internet.
But as for the little folk who are less of a target: I have run my own mail server for 18 years and can't imagine I've received more than 100 spams in total. And that is without any defences other than SPF.
ISP e-mail, well that is certainly spammed to death but probably for the best as it was only ever a hook to keep people trapped in sub-par services.
These are the emails that are not related to me being on a centralised commercial host, and they all made it past Googles ample defences.
That's with SPF, DKIM, DMARC checks automatically rejecting emails. SpamAssassin and custom ML filters to presort.
Maybe it's fine if email is not central to your life or business but if there's even a, let's say, 10% chance of my emails not getting delivered to Mr Google I have no other option than to bend the knee.
I’ve never had issues with being blacklisted or anything.
But I’ve been sending with SPF + DKIM + DMARC + ADSP all configured and enabled since day one, and with TLS transport for all sent emails.
That usually gives a major boost in trustworthiness.
The only clue I have so far is that in some discussion, it was mentioned that google penalizes a domain of a lot of different emails from it get forwarded to google - and I do have my catchall forwarded to a gmail box.
We now live in a world where google can make you and your communication channels disappear, and they don’t really answer to anyone.
Still, that's probably way over the home email setup threshold.
“develop, control, prioritize, monoplize and sunset”. Don't forget the last step.
On the other hand, you can't easily import an email blacklist as you can an adblock list, so there's a problem that will never get solved in popular email hosting providers.
Whitelisting certain IP ranges/domains/whatever will never get us to our goal. Making sure the spam filters are 100% accurate is too much of a task for one company (heck, just this week, I missed an email from the embassy because the Zoho filter thought it was spam).
We've proven that crowdsourcing works already, but there are some nitpicks to be solved (what if an email account gets hijacked and later on returned to their original owners?), the biggest one of which is for Gmail, Outlook and others to support the import of such lists instead of mining data (something they're unwilling to do).
It depends on which perspective you're using. A company paying staff to host private mail infrastructure? Individuals who aren't in a position to take on that workload and/or those who choose just not to?
Google and Microsoft are providing fairly effective spam and malware filtering to the masses with options to classify emails using at most a couple clicks. That's pretty much out of the box experience and doesn't involve setting up and training Bayesian filters for months.
For the longest time Gmail offered email threads that were more intuitive than implementations found in other email clients with sent messages presented in related correspondence. Although other clients and webmail services seem to do that now as well.
Using free services is a trade-off but individuals who choose to partake clearly benefit in some ways.
> run a mailserver with bogofilter, which, with a few months of training, is surprisingly effective.
Unless somebody has proof for it, I guess attributing it to a poorly explained AI black box instead of malicious intent is more sensible, similar to the "Facebook is listening to conversations and showing ads accordingly".
Unfortunately email became stupid a long time ago. Partly thanks to braindead clients like Outhouse and partly thanks to Gmail. Remember when Gmail came out and they advertised "threads" as a feature? Yeah... we had threads before Outhouse et al. proliferated enough to make them useless.
And don't forget the way those clients make you "quote" previous messages.
Free software mailing lists still make email nice to use. Simple, plain text and intelligent.
Yes, I know about Matrix - doesn't have critical mass yet. I know about XMPP, but most of the XMPP servers don't allow other domains to talk to them.
I agree with you on the dumbing down though.
And terribly broken IMAP support that wouldn't use IMAP labels, but instead transfer a separate copy of an e-mail to multiple folders if it had multiple labels.
I thought Gmail was amazing when I first got it, and by 2012 I started running my own e-mail server when I realize it was a usability nightmare.
Email is already the worst form of communication. Spam has basically made it useless.
Even if you don't use it to communicate to other people, you're still relying on it (for example, you forgot some random password), making it impossible to get rid of.
Nothing replaced it, and nothing will replace it for the next decade. Not all people on the Internet have a Facebook account where they let anyone in their friends list, and not all people on the Internet have a phone number that they are willing to give publically (for WhatsApp/Signal/any-mobile-first-IM-solution).
If you try reaching me online, you won't find my Facebook account on a search engine (nor on Facebook, unless we have some friends in common), and you won't find my phone number easily (unless you already have me on Facebook as a friend). You'll find my email address easily though, and that's why it'll remain relevant.
Same could be said for pretty much every GitHub user (that's why email addresses are right on your profile by default), every academic that has his own website, most of HN users (just take a peak at random profiles) etc.
You can own IRC as well. I feel like your 3 cons are my three pros.
Little communication software out there can be made as secure and resilient as email.
Two people out there can run their mail servers on a laptop or a raspberry pi. Email is easily encrypted with TLS and GPG on top.
The initial setup for this could take less than 2 hours.
Bonus points: everything could be run from a *sh shell, 1 CPU core and 128 RAM is quite enough.
> bad tooling and software
Postfix (and HAProxy for that matter) are some of the best pieces of software I have the pleasure to work with. Very good docs, I personally haven't seen them crash and have a way to never take you by surprise.
You're dangerously wrong about the security of email...
There must be hundreds of thousands of very valuable accounts that could be accessed if you had access to someone's emails, so why doesn't that seem to happen?
Email is "secure enough" for common people, whose threat model isn't high. We have Google and Microsoft to thank for that primarily, since they're the ones that pushed 2-factor auth, encryption in transit (HTTPS) and other features (that later on got implemented by all the email providers). Those features themselves would mean nothing if they weren't incorporated in the biggest free email hosting solutions.
Email is "completely insecure" to those who can't trust a third party (like Gmail). It has GPG on top of it, which is nasty to use from a user's perspective. Meanwhile, even if you do all the things perfectly and never screw up, you're still not getting the same level of protection you would get from using Signal (as a solution that doesn't retain any metadata), whose user experience is out of this world compared to GPG.
I think it's the latter.
Email by itself (as a protocol) is far from perfect, but you can have other mechanisms to improve on top of it where it falls short (while some other things, like metadata retention, are deal breakers). You can still host your own email with almost all the bells and whistles offered by Google/Microsoft, so you have that going for you.
On the other hand, even if you have the greatest and most secure emailing server imaginable, you would still be communicating with others who don't use it, and you're relying on them having some strong security mechanisms as well. Therefore, it's important for Google/Microsoft to make these improvements on top of emails as well.
So, if we're talking about email as a protocol, not secure enough for 21st century.
If we're talking about email as an end product, then yes, it's secure enough (under the assumption that you're using some well known email hosting service).
I think I speak for a fair number of HN readers when I say, Literally everything google offered 10-15 years ago was better. Talk, gmail, voice, search (with booleans!). Its all a wasteland now, begotten and forgotten for sweet advertising and big data deals.
Eh... I think you should speak for yourself and convince with arguments instead.
How are these products worse? Search gives much more relevant users, pretty much killed SEO as a thing, now using page size and performance as metrics to push mobile-friendly websites higher when you're on your mobile.
Gmail is just significantly better in every way.. including privacy: They stopped using emails for ads. 
Of course, RIP Google Talk, but Voice is much better now, with a VoIP option coming soon.
The strategy of Google / AMP is clear: using its monopoly to convert the open web into properties of Google.
AMP is as “open” as Adobe Flash (Flex, etc) is open. Sure, it may he open source, but it is encumbered by license keys (see: AMP Cache), special privileges (again see: Google search cache), and development totally in control by Google.
Thanks, mutt, for sparing me all this pain.
I know some people can run their own setup. The above are for people who cannot or do not want to do it.
My assumption us that AMP4email will get replaced by a truly-open standard (aka multi-vendor support), following the same path as Google's early R&D efforts in browser local storage and improved networking.
Google: what I'd really like to see is a way to authenticate between email sender-receiver (perhaps a one-time, OAuth-like dance with a website?). In addition to nuking certain forms of phishing attacks, users could [reasonably safely] conduct e-commerce inside the email client (much faster, more consistent etc)... kinda like wechat, etc.
Besides the question of relevance (why do we care about web technologies in email, when studies have shown that most people prefer plain text, anyway?), this sounds like a straight up Appeal to Consequences.
They say that the spec is available. But where? They link to https://github.com/ampproject , which is just a list of projects, none of which seem relevant.
It's a subset of existing AMP components.
I'm not sure why it showed up on your home screen; it's not supposed to do that. What phone/launcher/Android version are you using?
I don't want my emails to be 'engaging, interactive, and actionable', I just want them delivered with a minimum of fuss and preferably in plain text.
All this marketing bullshit is getting old.
Google is trying to turn Gmail into a platform.
I think this particular move is more tactical than strategic. I think it provides a better experience for users and keeps Pinterest, one of the main AMP users, happy with Google.
AMP is afaik an open web format, what's the "get 'em hooked" part here? Is it just a defensive play against Facebook's Instant Articles?
This is what the site looks like with both sticky bars open on my 900px high screen. This is atrocious. https://i.imgur.com/o5hcENG.png
I’m a little jealous.
No AMP support too, which is a huge plus.
Actually I suppose the post office is the UDP way too.
I am finding that I use it less and less each year. How much are you using it compared to previous years?
- My friend communication is done almost strictly through messaging services
- work communication is done through Slack and Jira (yuck)
I feel like email for me has become this awkward auth-proxy.
It’s how I magic link in, “confirm” who I am, reset my password, or get spammed by marketers.
The Google post mentions a report in which they claim that 270 billion emails are sent per day by 3.1B users, and usage is still increasing.
Slack, with 6M daily users, is not even close.
I'm not limited by characters. Sending an image doesn't cost a fortune. It's much easier to attach files like zips, and to extract them on the other end.
What's the advantage of SMS? It just seems like a poorly stripped down email service, with more control from carriers.
A much larger than necessary header that bounces up and down as you scroll, with a insanely massive related articles sticky footer.
AMP is a scourge on the web and now they want to extend the plague to email? Please Google, just leave email alone.
I feel very sorry for the state of email.
An interesting concept with very antiquated technology that is getting more and more centralized.
Having a personal/corporate server and interacting with the big boys (Google, Microsoft, even yahoo) is getting more and more difficult.
So it seems like a regular webpage but within Gmail.
Meta: My top two stories on HN right now are Google press releases. Just rename HN to Google News are be done with it.
Bad news is also news.
Want to see some examples of the most fully configured SPF, DKIM, etc records? Look at spam. The big boys take advantage of it all.
And you thought email phishing was bad now. Wait until this thing goes live.
It would be prohibitively tedious for me to persuade everyone who send me email through gmail to go into gmail's settings and switch the format back to plain text. And even if I succeed, Google has at its disposal various dark patterns, e.g., resetting the setting back to AMP every now and then (which please note would not be noticeable by the sender unless I tell him).
For now, the only way is to always ask for the Desktop Site when I search. Unfortunately, iOS Safari doesn't allow me to set this per site and I have to do it manually every single time I search.