Google (and recently, Outlook) is taking all of it away. It's putting mail from people not on your contact list in spam[^3]; it's by default blaclisting IPs within certain range[^2]; now it's bringing it's own format as well.
Is this embrace, extend, extinguish, Google style?
[^1]: let's not get into the problem of DNS never really being owned, only rented, for now
[^3]: only experienced it, friends did as well, but I don't have proof.
I've been mulling switching to Google or some other email provider for a long time and I still feel that this is the last bit of corporate independence that I'm willing to give up. Our mail is ours. I don't care of the counterparty is using gmail or whatever other flavor of cloud services they care for but running your own mail server should be a first test of whether or not you are an IT business or not.
It borders on the ridiculous to have to outsource something as essential and confidential to a commercial provider in another country who only entered the scene about a decade after us, especially because I see those commercial providers as the biggest part of the problem to begin with and this feels like rewarding them for their abusive behavior.
A snail mail analogy escapes me but it would involve sending your post all the way around the planet first before dropping it in the mailbox in the next town over, with some random elements for delivery or non-delivery thrown in for added amusement.
All this gives rise to some frustration on occasion, it is no fun to have your legitimate email classed as spam for reasons not under your control but so be it, I'll take that over giving up autonomy.
Google 'AMP' for email is yet another step in the wrong direction and I'm sure that it will get a lot worse before it will get better but at some point I'd hope that people will wake up to the fact that all this consolidation of power is a negative thing.
Wait until Google does one of their fun blocks on you for a couple of weeks. They don't have humans involved and just don't have to care.
If you want to fix email you can, but it would be better to fix the internet first. Communication should be over an encrypted web of trust. Once you have that then email easily bolts right on. The only thing holding back this change is that the business model of the internet is rooted in surveillance because the web is largely monetized via advertising.
In the mean time semi-bridged walled gardens are going to be the answer to the growing hostilities on the internet.
But as for the little folk who are less of a target: I have run my own mail server for 18 years and can't imagine I've received more than 100 spams in total. And that is without any defences other than SPF.
ISP e-mail, well that is certainly spammed to death but probably for the best as it was only ever a hook to keep people trapped in sub-par services.
These are the emails that are not related to me being on a centralised commercial host, and they all made it past Googles ample defences.
That's with SPF, DKIM, DMARC checks automatically rejecting emails. SpamAssassin and custom ML filters to presort.
Maybe it's fine if email is not central to your life or business but if there's even a, let's say, 10% chance of my emails not getting delivered to Mr Google I have no other option than to bend the knee.
I’ve never had issues with being blacklisted or anything.
But I’ve been sending with SPF + DKIM + DMARC + ADSP all configured and enabled since day one, and with TLS transport for all sent emails.
That usually gives a major boost in trustworthiness.
The only clue I have so far is that in some discussion, it was mentioned that google penalizes a domain of a lot of different emails from it get forwarded to google - and I do have my catchall forwarded to a gmail box.
We now live in a world where google can make you and your communication channels disappear, and they don’t really answer to anyone.
Still, that's probably way over the home email setup threshold.
“develop, control, prioritize, monoplize and sunset”. Don't forget the last step.
On the other hand, you can't easily import an email blacklist as you can an adblock list, so there's a problem that will never get solved in popular email hosting providers.
Whitelisting certain IP ranges/domains/whatever will never get us to our goal. Making sure the spam filters are 100% accurate is too much of a task for one company (heck, just this week, I missed an email from the embassy because the Zoho filter thought it was spam).
We've proven that crowdsourcing works already, but there are some nitpicks to be solved (what if an email account gets hijacked and later on returned to their original owners?), the biggest one of which is for Gmail, Outlook and others to support the import of such lists instead of mining data (something they're unwilling to do).
It depends on which perspective you're using. A company paying staff to host private mail infrastructure? Individuals who aren't in a position to take on that workload and/or those who choose just not to?
Google and Microsoft are providing fairly effective spam and malware filtering to the masses with options to classify emails using at most a couple clicks. That's pretty much out of the box experience and doesn't involve setting up and training Bayesian filters for months.
For the longest time Gmail offered email threads that were more intuitive than implementations found in other email clients with sent messages presented in related correspondence. Although other clients and webmail services seem to do that now as well.
Using free services is a trade-off but individuals who choose to partake clearly benefit in some ways.
> run a mailserver with bogofilter, which, with a few months of training, is surprisingly effective.
Unless somebody has proof for it, I guess attributing it to a poorly explained AI black box instead of malicious intent is more sensible, similar to the "Facebook is listening to conversations and showing ads accordingly".
Unfortunately email became stupid a long time ago. Partly thanks to braindead clients like Outhouse and partly thanks to Gmail. Remember when Gmail came out and they advertised "threads" as a feature? Yeah... we had threads before Outhouse et al. proliferated enough to make them useless.
And don't forget the way those clients make you "quote" previous messages.
Free software mailing lists still make email nice to use. Simple, plain text and intelligent.
Yes, I know about Matrix - doesn't have critical mass yet. I know about XMPP, but most of the XMPP servers don't allow other domains to talk to them.
I agree with you on the dumbing down though.
And terribly broken IMAP support that wouldn't use IMAP labels, but instead transfer a separate copy of an e-mail to multiple folders if it had multiple labels.
I thought Gmail was amazing when I first got it, and by 2012 I started running my own e-mail server when I realize it was a usability nightmare.
Email is already the worst form of communication. Spam has basically made it useless.
Even if you don't use it to communicate to other people, you're still relying on it (for example, you forgot some random password), making it impossible to get rid of.
Nothing replaced it, and nothing will replace it for the next decade. Not all people on the Internet have a Facebook account where they let anyone in their friends list, and not all people on the Internet have a phone number that they are willing to give publically (for WhatsApp/Signal/any-mobile-first-IM-solution).
If you try reaching me online, you won't find my Facebook account on a search engine (nor on Facebook, unless we have some friends in common), and you won't find my phone number easily (unless you already have me on Facebook as a friend). You'll find my email address easily though, and that's why it'll remain relevant.
Same could be said for pretty much every GitHub user (that's why email addresses are right on your profile by default), every academic that has his own website, most of HN users (just take a peak at random profiles) etc.
You can own IRC as well. I feel like your 3 cons are my three pros.
Little communication software out there can be made as secure and resilient as email.
Two people out there can run their mail servers on a laptop or a raspberry pi. Email is easily encrypted with TLS and GPG on top.
The initial setup for this could take less than 2 hours.
Bonus points: everything could be run from a *sh shell, 1 CPU core and 128 RAM is quite enough.
> bad tooling and software
Postfix (and HAProxy for that matter) are some of the best pieces of software I have the pleasure to work with. Very good docs, I personally haven't seen them crash and have a way to never take you by surprise.
You're dangerously wrong about the security of email...
There must be hundreds of thousands of very valuable accounts that could be accessed if you had access to someone's emails, so why doesn't that seem to happen?
Email is "secure enough" for common people, whose threat model isn't high. We have Google and Microsoft to thank for that primarily, since they're the ones that pushed 2-factor auth, encryption in transit (HTTPS) and other features (that later on got implemented by all the email providers). Those features themselves would mean nothing if they weren't incorporated in the biggest free email hosting solutions.
Email is "completely insecure" to those who can't trust a third party (like Gmail). It has GPG on top of it, which is nasty to use from a user's perspective. Meanwhile, even if you do all the things perfectly and never screw up, you're still not getting the same level of protection you would get from using Signal (as a solution that doesn't retain any metadata), whose user experience is out of this world compared to GPG.
I think it's the latter.
Email by itself (as a protocol) is far from perfect, but you can have other mechanisms to improve on top of it where it falls short (while some other things, like metadata retention, are deal breakers). You can still host your own email with almost all the bells and whistles offered by Google/Microsoft, so you have that going for you.
On the other hand, even if you have the greatest and most secure emailing server imaginable, you would still be communicating with others who don't use it, and you're relying on them having some strong security mechanisms as well. Therefore, it's important for Google/Microsoft to make these improvements on top of emails as well.
So, if we're talking about email as a protocol, not secure enough for 21st century.
If we're talking about email as an end product, then yes, it's secure enough (under the assumption that you're using some well known email hosting service).