Hacker News new | past | comments | ask | show | jobs | submit login
G Suite Horror Story (lawgimenez.me)
534 points by dirtylowprofile on Aug 5, 2018 | hide | past | favorite | 206 comments

Sorry to hear about your woes. Google should be ashamed and embarrassed that they still haven't fixed this.

I ran into a similar problem years ago after they acquired Postini and forced us all to migrate. GSuite was called Google Apps at the time, and it cannibalized my personal email (which originally used my own domain, not GMail). Despite numerous contacts with various support channels and even nagging dev googlers at I/O about it I never managed to get it properly severed again. Wound up losing all my history from a lot of Google services linked to the original account.

Doesn't help there's also a bug in the Google Play / Android setup wizard where it refuses to recognize the me%olddomain.com@gtempaccount addresses (thinks % is invalid), presenting another impediment to trying to manually extract stuff.

Shame Google, shame!

The lesson I learned a long time ago is Google products are great until you need to contact someone. I'm sure a few people have some ability to directly contact a real person at the company, but 99% of us are stuck with their product support forums that OP linked to, which frankly are terrible and rarely solve any real problems - I would highly doubt if any of their "representatives" can actually do anything but show you existing help documents.

Idea for startup: use data to make a better routing layer for customer service. Right now, everyone hits the same (more or less) frontline people. But some customers respond better to one or more of: empathy, hand-holding, highly technical, no-nonsense, etc. Based on feedback from customer surveys that currently go into a black hole, you can route to a better person next time. And once a profile is built of a customer, corporations could subscribe to this data in order to make customer service better for everyone, and reduce costs for them.

Many companies care a lot about something like net promoter score, but can't seem to improve it. Wouldn't it be cool for them to have Heroku-like knobs? "Given budget X, route for best customer experience."

Calling the product support forums terrible is being way too kind. They are worse than terrible because they give you hope. I've used them dozens of times over the years, and never once has a solution come from them.

Sadly, Google seems to like it a lot as a substitute for hiring their own in-house support team.

They even reward their "top contributors": https://topcontributor.withgoogle.com/


When they turn up in my search results for an issue it always makes me sad because the threads never have useful resolution.

It's like a graveyard of problems.

It's stories like these that reinforce my own justification for running my own email server.

I would recommend you run your own email server - it's both fun (you get to set it up yourself, add any features you want), and rewarding (you don't have to worry about the "rug being swept from under your feet"). The only caveat is time - time for SMTP servers around the world to know that your mail server's IP is not sending spam - and filling out some forms to unblock the server's IP address.

Since moving in 2014, I have had no hassles at all, and I continue to tweak things to my liking.

I'd strongly recommend against it.

In a past life I ran email services for a small business, and then a medium business, it was a full time job, just keeping us out of the spam blacklists, keeping things patched up, ecosystem changes (e.g. new DNS records every few years, new security requirements, etc) and filtering incoming spam/malware/philishing attempts.

If people want to setup email for educational reasons, go ahead, but running one over a longer period isn't wise and frankly many wouldn't put enough time and effort into it to do it well. It is absolutely not set and forget, you'll need to baby it daily indefinitely.

When people ask me what I recommend? I tell them outsource email to a major provider and use your limited time/effort elsewhere. Better rate of return by far.

I disagree with the full time job. When you run it for yourself and your family it is not that much work (if you have to support lots of people, different story). Particularly if you don't have to deal with the hardware (VM). To me the biggest objection is cost, and technical complexity to set up.

For managing spam, I found that the best solution when you own your own domain is to give a different alias to anyone who wants your email and keep a record of the mapping (I had to create a little website that does that for me). If you start receiving spam, then just delete that alias (this is why the "+" alias feature in gmail not really useful, plus it leaks the underlying email). I use Smartermail, which runs on windows, and allows you to reply to an email from the alias it was sent to. This is a low maintenance, zero spam solution.

For patching, windows patches itself. You need to update smatermail manually though, so it takes about 10 minutes every month or so. I automated the renewal of certificates with letsencrypt.

The only thing that has been a source of worry and requires to keep an eye on is failed login attempts (I scripted it but it is worth monitoring). Once I had created a test email account with a weak password, and some spambot got access to it by bruteforcing passwords in smtp. Then it started sending tens of thousands of spam emails from that account, which got me on gmail's blacklist for a month, even if the whole event lasted less than one hour (smatermail notified me of the suspected spam activity).

How do you avoid downtime? Gmail is not going to go down out of the blue, but my own server could easily do that when my internet randomly goes out.

If you want to send emails, don't run it from home. Most mail server will increase the spam level of an email coming from a dynamic ip or where the reverse dns doesn't match the name of the server.

If you just want to receive emails, then it depends how long is your downtime. Smtp requires that the sending server makes several attempts if the first failed, so if you are only off for a few minutes to a few hours, you will get your emails, just delayed. If full day downtime then this is not a viable solution.

If you need to send emails, then you kind of have to host your server in a datacentre. A cheap VM should probably be a good solution for a first attempt. You will still get downtime occasionally (update OS, update mail software, problem with your hosting provider). A cheap solution is to set up a failover server at home since it is only to receive emails while the primary server is down, with a lax retry policy (up to a few days).

A lot of IP ranges from cheap VM (and bare metal) providers are included in many blacklists since those ranges were (predictably?) abused by spammers in the past. Some companies are fighting this by denying outgoing traffic to port 25 until you fill a support ticket now, but whatever is in the blacklists will (probably) stay in the blacklists. Even buying your own IPv4 range does not guarantee it was not used by spammers in the past, and you will have to fight the blacklists owners to have it removed...

If you want to be sure your mail gets to someone else, things are going to be more complicated than setting up an SMTP+IMAP server combo, and after dealing with it in the past for work I'm happily outsourcing the pain to fastmail nowadays. :)

Blacklist owners are fairly reasonable. You do need to have an IP dedicated enough that your Reverse DNS can be set to your domain, and then pretty much all blacklists will honor a request to delist it or whitelist it. I've dealt with a couple of them at work.

You don't need to avoid it. Email was designed in the age of unreliable connections. It can withstand downtime just fine.

Almost every mail server retries for a few days, so you'll get your message, just late. Those few mail systems that don't retry have issues with greylisting - and unless you're fond of stories about Nigerian princes in distress, you're going to use that as the first anti-spam measure anyway.

It can only withstand so much downtime though. What if you don't have access to your server for a week? Heck, even a couple days can screw things up. So much email is time-sensitive. From transit delay notifications to message notifications and bank alerts... to actual humans that matter in your life trying to get something from you by tomorrow thinking you'll get their emails as usual. Maybe it's just me but I just don't see how "oh it's chill if my emails get randomly delayed for a day or two" would fly in today's world. Intentionally going off the grid after you've prepared for it is one thing, but having your email randomly go out without any warning in a potentially awfully inopportune time is quite something else...

> What if you don't have access to your server for a week?

Then you've chosen a bad service provider(s) to host/colocate/peer with.

Actually, you should notice this situation pretty much immediately you're online - because most likely your IMAP server would be down - and every single email client I've used had started to display warnings.

If you have more complex setup with separate MTA so your IMAPd may be online while your STMP service's unreachable, then you should set up monitoring system and deliver alerts either using local delivery or any out-of-band mechanisms (like SMS).

Also, you can set up a backup MX. Or two. Or more. Email has failover/HA since forever.

I highly recommend FastMail for a paid email provider. Their support staff is quick to respond, and it’s nice to be a customer instead of a product (i.e. pay for the service instead of getting it for free with ads)

I second this. I ran my own mail server for a couple of years (a good educational experience), but after a while I figured it was far less hassle to pay someone else to deal with it.

FastMail have been an excellent email provider, and support has always been responsive and useful.

FastMail is amazing; there were a few hiccups early on with the native iOS productivity apps but its been smooth sailing for years now.

If you can, definitely try to run your own mail server for the experience but start of gradually, e.g. relay outbound email through an smtp service, and slowly add the different layers such as spam analysis, filtering, etc.

There are /so/ many layers to email these days that if you try to do it all at once you'll spend way too much time on just keeping the wheels from turning.

What? I have been managing my own mail server and domain for 10+ years now, and apart from a few days spent reading up on DKIM, DMARC, SPF, etc., it has been mostly set and forget.

I did the same for many years. Until I noticed that some people just never got my emails. Mostly people with business emails - I'd send something job related, and never hear back, just assuming they weren't interested. It took me a while to figure out that some email providers (outlook.com is one example) will just outright block small email hosts, despite following all the best practices like DKIM, DMARC, SPF. It's a lost cause trying to host your own email. I've been on fastmail for the last year or so with my custom domain, and it all seems to work great.

It's ironic that outlook.com blocked you when it itself is too costly to block in that you can't tell whether the message is important from a contact at say a Fortune 500 or another Nigerian scam.

Like you I ran my own stuff but possibly unlike I didn't encounter issues with recipients other than yahoo. I ran it from home from 2001 until last month and paid extra for a /29 static block from the phone company.

> will just outright block small email hosts

And that's exactly why self-hosting needs to be more dominant instead of just relinquishing power to large corporations.

My experience has been likewise.

Only problem I had, and still have in the short term, is that one server's IP C block has been flagged by one spam service. And even though my server's IP gets a clean bill of health from all other SPAM services, outlook.com refuses to accept mail from that server. I had them white list the IP but it reverted shortly after that.

The ISP (strato) refuses to do anything about it, and not sure if there is anything they can do, so all I can do is vote with my feet.

Otherwise, running a personal mail server is hardly any effort at all. Use Webmin for admin.

it's only outlook.com? you can't fix it?

i mean that's a rather large group of people you can't communicate with right there.

and it's the only one you know about.

i say this is the exact reason running your own mail server in 2018 is problematic. you just chose to not consider it a problem.

> i say this is the exact reason running your own mail server in 2018 is problematic.

It's a reason why allowing these fairly core services to be provided by a shrinking group of organisations is equally problematic.

Maybe one day Google will decide that they get too much spam from outlook.com (or vice versa) and cut them off too. What are you going to do about it, set up your own mail server? Vote with your feet to another provider? Start a company doing the same? Good luck with that.

It's not the only mail server I have running but it is the only one that has this problem. So bye bye strato.

>.. it's the only one you know about.

In the case of outlook.com, there's a delivery failure message. My yardstick is gmail.com. If the mail is getting to gmail accounts then I'm confident that it's as good as it is going to get.

I have run email servers for myself and businesses. Every single headache I have had was related to some user having a shit password or malware on there PC and then spammers send spam from their address.

My personal email server has been hassle free. I use https://mailinabox.email/ which you just run the setup script and tell it your domain name and everything is set up correctly. It sends me an email every now and then saying it needs updating and thats all.

How do I set up mail in a box on a sub domain? Example.com is on outlook which I cannot disrupt but I’d like to set up and programmatically access all the emails coming to anything at dev.example.com

Preferably just query what emails do I have coming in for local name at dev dot example dot com

Deliverability is not a problem because I don’t intend to send any mail. Just need a sinkhole I can query. How difficult is this?

I haven't done it but I see no reason why it would be hard. You just tell it the domain to use which should be able to include the subdomain. One thing is that usually you point the domain's nameserver at the mailinabox server and it sets up all the right records for you. If you can do that on a subdomain then it's super easy. If not you just have to manually set all the records. Mailinabox shows you everything to set if you do it this way though.

> keeping us out of the spam blacklists, keeping things patched up, ecosystem changes (e.g. new DNS records every few years, new security requirements, etc) and filtering incoming spam/malware/philishing attempts

It is so easy to forget how much noise and junk gets passed around via email when I've had Google doing it for me for all these years...

Does a service (api?) exist where I can run my own email server but all email is forwarded to this service and it returns a Boolean for "is spam", then my local email server files it into a spam folder automatically. This way I always keep full control and can exclude forwarding emails from my contacts list.

rspamd is as good as it gets, you can run it locally, you need to train the filters "of course", but you can do it incrementally - as mail pours in you put spam into the spam folder [0], and rspamd (via rmilter via postfix) puts a X-Spam-Flag header into the mail, so sieve (part of dovecot) sorts if out [1].

of course, there are a bunch of cloud/hosted/SaaS versions, usually they front-proxy your email servers via MX records [2]

[0]: https://thomas-leister.de/en/mailserver-debian-stretch/#spam... [1]: https://thomas-leister.de/en/mailserver-debian-stretch/#glob... [2] https://www.everycloudtech.com/

I have spend a handful of days over a decade and a half researching or experimenting with my family mail server config. Given that experience can be useful professionally, even if only to understand the services you are purchasing it seems like time well spent for an individual/family to me.

It depends what your focus is within the industry and how much you like to be hands on. If you are an auto mechanic you might service your own vehicle. If you sell vehicles or drive them professionally then perhaps not. It isn't like any single approach is right or any particular role is preferred.

I am an enterprise programmer by day and I've been running mail servers for 20 years both for hobbies and for private use. I rarely spend more than an evening per year, mostly to keep up with new developments in that space. A few years ago I deployed DMARC. Last year I registered in postmaster tools at Google, Yahooo, Yandex and a few others. This is it.

> It is absolutely not set and forget, you'll need to baby it daily indefinitely.

That sounds like you were doing something very fundamentally very wrong.

I definitely don't need to touch my mail server daily, nor any of the mail servers I manage for others. It's just doing its job, security updates get installed automatically, and every few years I need to do a debian upgrade, and possibly deploy some new security/anti-spam features. In between those upgrades, it's running unattended for many months with absolutely no problems. On average, I touch my mail server maybe once a year.

I can second this, but it’s a full 8 hour day once per year when some spamassassin or amavis config breaks in an update... not to mention the normal sysadmin stuff of backups, verifying backups, logging, monitoring, et c. It’s a big project to run a mailserver. (Source: been doing so for 21 years.)

Well, you also need backups with a "cloud" solution, so that's no difference.

As for monitoring: If you only run it for yourself or a small org, really, you can do just fine without monitoring. If the mail access side breaks, you'll notice, if the inbound side breaks, you'll probably also notice soon enough. But then, setting up a minimal monit that tells you when storage runs low or the MX is down really isn't that difficult either.

So, no, it's not a big project. It's as much of a big project as owning a car, probably less so, if you consider the amount of effort/time required (assuming you have an IT background, obviously).

I also managed email for a living and helped transition many enterprises to cloud email solutions.

It’s quite likely that other, unauthorized folks, are touching your mail system more frequently than you with such a lax attitude.

Definitely outsource your email unless you want the experience.

If you want security it seems reasonable to use ProtonMail.com instead of larger cloud providers like Google or Microsoft.

"It’s quite likely that other, unauthorized folks, are touching your mail system more frequently than you with such a lax attitude."

This is complete nonsense. I cannot imagine that there is anything particularly magical that requires something other than regular security updates on any server.

Manual intervention is borne of changing requirements or broken things.

Why should an email server for a handful of users require a lot of manual intervention?

Could you explain where that magical unauthorized access to my systems should be coming from?

Really, you sound more like someone who has read some FUD marketing material than someone who knows how to write an exploit or has any other serious IT security expertise. I am pretty sure I never had any unauthorized access to my mail server in the last ~ 20 years that I've been doing this. Obviously, my system isn't immnune from exploitation, but neither are Protonmail's, and you are massively exaggerating the risk.

He clearly states who likely pays for spreading this FUD…

While I agree with setting up an email server not being a trivial endeavor, I managed to learn a lot and complete setup within a few hours by following one of the many available tutorials ([1], [2]) and the ongoing maintenance has been minimal.

I took the plunge about 4 years ago after being uncomfortable with the possibility of losing my main Gmail account. Ultimately, I decided that if I didn't own my email address, I was at the mercy of Gmail if anything went wrong. I came to the conclusion that losing my main email account would be more painful and time consuming than running my own server. At the time, I considered an alternative of owning my own domain and doing mail forwarding to Gmail or using a smaller email hosting provider, but decided there was value in learning more about how email worked.

[1] http://flurdy.com/docs/postfix/ [2] https://www.linode.com/docs/email/running-a-mail-server/

It’s ok running your mail server until yahoo black list you and there is no recourse for 6 months other than all email to yahoo will be deferred permanently.

Unfortunately I know lots of people on yahoo (still) and no amount of brow beating appears to be changing that.

Paying for FastMail did the job for me in the end. It’s the least shit solution I’ve encountered so far. Note I didn’t use the word best.

>>>In a past life I ran email services for a small business, and then a medium business it was a full time job, just keeping us out of the spam blacklists

Running it onPrem using the ISP the is connected to office I bet... That is a common problem with small businesses as they do not properly setup the ISP service and many SPAM lists automatically add the dynamically assigned IP ranges of most ISP has these are not setup to allow hosted services across them so by default no one expect to see a email server on that type of connection. Thus it is blocked.

Outside of that companies like MailRoute can help with routing to email traffic, and provide some level of HA for your email services.

>> ecosystem changes (e.g. new DNS records every few years, new security requirements, etc)

SPF, DKIM, DMARC are not really new, nor have they changed much in years. Thought most people still fail at getting it right. I am dealing with an issue with my bank right now where one Division is not talking to another division but they all use the same main domain for sending email so of course SPF record does not have ALL of the mail servers listed ... sigh...

>>filtering incoming spam/malware/philishing attempts.

There are many 3rd parties out there providing these types of services, I would use them. MX Gaurd Dog is probably one of more reasonably priced services but there are all kinds of other from Mimecast to Proofpoint, and many many others

>>I tell them outsource email to a major provider and use your limited time/effort elsewhere. Better rate of return by far.

I am not opposed to that persay. I also advice my clients if they are going to do that, at minimum they need a email archiving solution that is NOT with that same provider so they do not have all of their critical communications locked up in a single point of failure. For better or worse many companies live and die by email and if Email data is lost that can be DEVASTATING to a company. Having it all locked into a service you do not control is a high risk business ending decision IMO

> filtering incoming spam/malware/philishing attempts

Is there not just an open-source pre-trained spam-filtering model (using whatever is the state of the art for these—guessing classical Bayesian filtering on word-tokens is no longer at all what Gmail is doing)? It’d be a nice complement to the open RBLs, no?

There are, but they are not state of the art.

There is also the benefit of the spam filter service being "live updated," e.g. if a new type of spam message comes up it will get flagged since lots of users.

I keep hearing the same over and over from sysadmins. Is this too difficult to automate?

Ask an architect if it's difficult to build a house, and he'll scare you with tales of complexity. But that doesn't mean you can't build a shed yourself.

It can't be completely automated, but it isn't as difficult or time-consuming as people paint it to be (especially sysadmins!). I've been doing it for nearly 18 years now, maintenance takes perhaps 30 minutes every 2 months or so. There is more to do every 8 years or so, as Linux distributions go out of date, and your providers sometimes go out of business.

I have my suspicions as to all the FUD regarding running your own E-mail server. Secure personal E-mail distributed on many independent servers with automatic in-transit encryption is not in everyone's interest.

Having a lesser known TLD (.gd) helps in my case. I get spam email once in a blue moon.

I believe most of the spam comes from your email address being leaked by a company or website. Not sure how what your TLD is has anything to do with it.

I feel like this particular issue happens most often when one uses a catchall, as spammers like to try common usernames and this setup will allow all of them to be received.

In those cases, I found that it helps to use an obscure subdomain that doesn't have a website attached to it (e.g. mailus.example.com).

I would guess it makes it harder to recognize for website scraping if your email is left online somewhere.

A lesser-known TLD will massively increase the likelihood of your outbound emails being filtered as spam.

It depends.

I used to have my own email server.

Having to manage yet another public server is a stress on its own. Having to worry about server backups, security, DKIM, SPF, DMARC, avoid being blacklisted, etc made it even worse. Despite all of this I couldn't shake off the feeling that my mails went directly to the recipient's spam folder.

I'm not interested in maintaining mail servers. I can certainly do it, but my spare time is scarce.

Nowadays, I periodically sync all mailboxes to my laptop, so that they enter the backup chain I already have. If GSuite goes down or Google disables my account, I'll upload my backups to Fastmail, point the MX records there and go on with my life.

I find this setup way easier to understand and maintain than a mail server.

Or pay for a service that shouldn’t be free, as in free beer, because running a server costs money and companies have to keep the lights on.

Spot on ! Running a mail server, correctly, isn’t “easy” either.

For many people, including me, it indeed isn't. That is the reason, after trying for months to run my own mail server, I gave up and settled on mailbox.org and slowly will move all my email to my email-id@my-own-domain including bank mails which is hosted by mailbox.

To be honest my biggest hesitation has been settling on a domain name :)

I have ".in" (my country) and ".net" of my first name (9 chars) and and ".im" of my nick name (first 4 chars of my first name) I have not been able to decide on which one to move to. May sound silly but I would like to know if there are studies on email address length and TLD choices.

Do you have to settle for just one?

I have catch-alls set up across several domains I own, they all go into one inbox and replies etc. are sent from the same email the original was addressed to, automatically.

I usually use one domain for casual use (like games, Twitch, anonymous services), one for semi-professional stuff (with my real name), and one for actual business.

Not really but if I can avoid it I would like to settle for just one primary domain that I would share everyone and ask them that my gmail addresses should be removed from their contacts for good. I would like to use it everywhere and get done with it for once and all. Otherwise I'll just keep waiting for that perfect domain (or first-name.com that a lawyer is squatting on since last 7-8 years).

One problem I see with .im is it's from a different country than mine and they can change the rules to allow only residents or so, or they can hike the renewal cost to something really high. Also, I am from India where .in is common so some people might confuse .im for .in. I am inching towards <9 char>.in or <9 char>.net (my first name), but then I am not sure whether I should give up my <4 char>.im (my nick name).

Also, mailbox.org supports up to just two domains in the plan I am paying for.

I think you will want to go with the most common tld. In this case, .in for your home country and I believe .in adoption is strong enough in India?

The last thing you want is your emails going to a wrong tld:


going to


is very likely in your scenario for less tech-savvy contacts IMO.

Thanks. I had similar thoughts. 9 character is not too big for a personal domain and .net is common enough, or most common after .com imho.

I think I will keep first-name .in and .net and let the nick-name.im expire after a year or two and share .net email to my contacts.

Genuine question: one reason everyone moved to Gmail is because it was so damn good at spam filtering. What do you use today? Spamassasin out of the box? Or plugins or modifications? Or something else entirely?

Mostly spamassasin, more or less out of the box. Also postscreen (only the pregreet test) [1] to keep out the dumbest kind of spambots. Works really great and not worse than my gmail account. I don't agree that gmail is damn good at spam filtering, it's quite average.

[1] http://www.postfix.org/POSTSCREEN_README.html

Spamassassin almost cost me my career. A manager at a big company over a team doing my "dream job" emailed me, and Spamassassin threw it straight in to the bit bucket for whatever arbitrary reason it did. Fortunately a recruiter at said company was more persistent and managed to get through to me by phone. That job ended up catapulting me onto a career "hockey stick," and if it weren't for that, I'd likely still be languishing in some sad corner of IBM.

At work we used Ironports for years until Cisco, as usual,started making a mess. Nowadays we use Mailcleaner with a little bit of tweaking in a VM. It's a little worse than IronPort when Ironport was good, but so much better than what Cisco's systems were doing for us when we shut the old system down.

On a side note, I really don't understand why people say it's hard to run a mail server, it really isn't. It can be hard if you go full postfix+spamassasin on plain config files and configure everything without any help. Since 2005, we've been running:

Exchange 2003 Exchange 2010 Exchange 2016

Watchguard smtp Proxies and antispam External provider's antispam services Cisco Ironports (first a dual node cluster with some older machines, then Cisco came and forced us to upgrade to some C170 which were slow as hell)

We've run through countless updates on the exchange servers, we have mailboxes with more than 50Gb of content, about 1Tb of database sizes, the biggest problem we had, came when we had a two node DAG in Exchange 2010 and the RPC Client Access Server didn't correctly change when Outlook 2007 was open leaving some clients trying to connect to the server that was rebooting. We've also changed IP addresses a few times, but if you change your SPF records correctly, and pay for a good IP range you won't have any problems. Sure, you can't have your mail server on an IP range flagged as spam, but you also wouldn't buy a 100.000 dollar car and put 50 dollar wheels on it!

How do you get a “good IP range?”

In Spain at least, from a good ISP, and buying as a Business. Here you get two segments, mostly. Residential, which will leave you with banned SMTP and public IPs marked as spam everywhere. If you buy as a business, and from a trusted ISP, and tell them your use case, they will give you clean IPs. In our case, we're paying about a thousand euros a month for two optic fiber links with 100mbps up/download and two blocks of 8 public IPs, all of them completely clean.

The best nowadays seems to be rspamd (https://rspamd.com/).

Not OP, but I use both Spamassassin and DSPAM. It catches most spam but I do see a couple every week.

I've been using SpamArrest for 15+ years. SpamArrest filters out 99% of spam. I have to whitelist all domains or email addresses the first time I correspond. It gives legitimate users an opportunity to get through.

Worth every penny.

clamav with Google's safebrowsing filter enabled blocks a great deal of junk. It eats RAM, though.

Looking in my logs, it looks like that plus a hard block on zen.spamhaus.org would be enough to remove almost all spam, though I'm not sure what the false positive rate would be like on the latter.

>>It's stories like these that reinforce my own justification for running my own email server.

Stories like these that reinforce my continual recommendation to client to maintain their own backups of all data on "cloud services"

I see a trend of people believing that once "its in the cloud" they do not have to worry about backups anymore...

This will burn alot of people and companies

Backing up email isn't even hard. Just use a desktop client and you have a local copy now.

It's hard to keep it updated when you don't regularly use a desktop client and also don't want someone stealing your laptop to get a copy of all your emails.

If they can get in to your laptop then they can view your webmail.

Also disk encryption.

I was precisely trying to explain why "it's hard", not "it's impossible".

How is that hard at all? Log in to your email with thunderbird and have it open on boot.

Open on boot... with my password already put in? And the sync files in plaintext right there? What about when someone steals your laptop?

Well he did say

> Also disk encryption

And I did say "hard" and not "impossible"...

Disk encryption is just a button you click on install (Actually on most OSs now its the default)

That kind of encryption is not helpful when the laptop is already on. You need the kind that you can mount/unmount in when you're somewhere safe like at home. I'm also getting tired of these mindless persistent replies making me repeat my points over and over so this will be the last time I'll humor them.

I've been running my own E-mail server since 2001 or so. Contrary to what some people say, it is not a big hassle. Just make sure you set it up using a well-supported distribution (I chose Ubuntu, specifically because it is widely used), follow a good guide for setting up postfix+dovecot+amavis, update it regularly, and you'll be fine.

As for DNS, I'd recommend CloudFlare's free offering.

Overall, I spend minuscule amounts of time on maintenance (a total of 30 minutes per two months, perhaps?), and I have the comfort of being indepenendent.

I think we should all value our freedom and independence more.

> The only caveat is time - time for SMTP servers around the world to know that your mail server's IP is not sending spam - and filling out some forms to unblock the server's IP address.

You can save yourself a lot of hassle by using a mail relay with a good reputation for all outgoing mail. That's what I do: I run my own mail server so I have full control about spam filtering etc, all incoming mail goes directly to my server.

When I send an email my server does the DKIM signing itself and then forwards the message to an external realy (with SMTP Auth). I use https://posteo.de/en for that because it only costs 1 € per month, doesn't require any personal data to create an account and it lets you send emails with any from address (not having from address filtering is important here). Their servers have a good reputation so I have no problems having my mail delivered.

I believe most residential internet services block outgoing connections on port 25, so you would either need to upgrade to a business plan or pay for a cloud server to run your own email server.

Some vps services block 25 as well but it is usually configurable. The monthly cost of a vps is a few coffees and you get much more robust hardware and environmental conditions for your server and much better management tools. I did the home server thing well over a decade ago with a commodity pc sitting on a small ups. The main concern was leaving it running unattended when away from the house for any time. Especially during summer heatwaves. I found it wasn't a sustainable solution if you do any amount of travelling away from home.

Even if they don't block 25, most smtp server will increase the spam level if they receive an email from a dynamic Ip or and Ip which reverse DNS doesn't match the server name.

If you just want to receive emails then it's probably fine.

You can run the Mail Transport Agent (MTA) SMTP server on a VPS, then run the Mail Delivery Agent (MDA) POP3/IMAP server at the home server.

I run mine on a $2.5/month VPS with vultr. The price is so low its just not worth running at home.

By that same logic, you might as well just use Fastmail and save yourself the hassle of running your own mailserver altogether - their cheapest plan is $3 a month (or $2.5 a month if you pay for a year at a time).

It's not at all a bad idea. When I had a look at all the pricings it seemed to be price per user. I have a few domains and loads of "users" on my $2.5 server. It's only me using it but I like to have different addresses for different things and it doesn't look like other hosts support this without paying the per user cost.

You can have multiple aliases for the same user. I have about 20-30 email addresses (across multiple domains) from my previous setup all aliased to my main FastMail account.

On top of that, FastMail has a killer feature if you like have different addresses for different things. For example, say your email is name@example.com and somewebsite.com is asking you to provide an email address.

You can just put in somewebsite@name.example.com and FastMail will automatically route that to your mail email as if you had used name+somewebsite@example.com. You don't need to do anything beforehand and can just create these emails on the fly when you encounter a sign-up form.

It simplifies things greatly and if you start getting spam on one, you can just block it.

This is one of my favourite FastMail features.

The downside is that you need to regularly update your server software and OS. Otherwise you will eventually get hacked via an old vulnerability.

I run mine on an Ubuntu LTS. About once every 2 weeks the server sends me an email about an update which just requires me to run apt update. I could even automate that if I wanted to.

If you're interested in running a linux VPS for mail/web/anything use webmin for general linux admin.

There is a learning curve involved in running linux, you can't get away from that, but that curve would have been substantially steeper without it.

To keep your system up to date with it is trivial..

(not connected, just a fanboy)

So, the downside is that you need to install Debian's unattended-upgrades?!

Yeah, you better do release upgrades manually--but that is once every few years.

In addition to debian's unattended upgrades there's Ubuntu's live kernel update mechanism that adds kernel to the list of things that are up-to-date.


Latest Stable release: 1.03 / June 15, 1998

That one component out of hundreds didn’t receive any updates for a long time doesn’t really make a point.

And the last release of qmail patches to support IPv6, SPF, dkim, and a few other useful things which do not come included?

I would suggest a hybrid: run your own incoming mail server, but use a trusted sender for outgoing mail. Fastmail is pretty good, but there are hundreds.

This doesn't solve any prying eyes business, but it does give you some agency over your e-mail. Meanwhile, your never have to worry about mail being marked spam. It just works.

Does anyone hosting even their immediate family email have a plan for what happens when they're hit by a bus? I've documented how my wife or executor accesses DNS settings and how to access the vendor portals. I can't imagine them, bright as they may be, doing anything more complex than that.

Mind if I ask what software you're using? I'm planning to do this soon, using qmail, just for the ability to have email integration with some personal project sites, and for the learning. I don't foresee discontinuing use of Fastmail for my personal email, but who knows.

If you don't mind windows, I can recommend smatermail. It does everything in a single package (smtp, imap, webmail). There is a free tier. There are also additional paid features, I pay for ActiveSync, mostly for the ease to configure a client to set up everything (contacts, calendar, emails). Plus they have a rest api so you can automate certain things.

Thanks. I assume you mean this?


That's way more than I need, and if I can avoid Windows I will, but...it is cool to see a competitor to Exchange.

Yeah but you don’t need to use all the features (I only use emails, contacts and calendar). Most of the defaults are reasonbable, you just need to harden the security a little bit.

I think running your own server is hard - hard not to wind up on spam lists almost impossible to be removed from. What I do, to keep a local copy of my email, is I run a pi that crons offlineimap twice a day to one disk, then another cron to rsync to another one.

> hard not to wind up on spam lists almost impossible to be removed from

I’ve been running my own infrastructure for years now and know various people that do this also. Not once have I heard about anyone winding up on a blacklist. The only way I could imagine that happening is either a new server inheriting a legacy IP with bad reputation, or possibly running your server inside a home ISP network, which are frequently rejected by MTAs. Is there any other way in your opinion?

I'm a comcast customer (there is no choice where I live) and there are reasons why this is not possible:

1. I can only send/receive SMTP through their servers.

2. Static IPs cost a lot. When I canceled my static IP it was ~$25/mo (it was previously something like $5/mo).

Filling out some forms with whom?

There are various groups that run blacklists, which are checked by various spam filters and email providers. If you went up on one of their blacklists, in theory you can fill out a form with them to be taken off. (This has happened to me in the past I think due to being assigned an IP address that was previously used for spam, and I wasn't able to get off the list; I eventually had to get a new IP instead.)

My ISP (Comcast) won't allow it.

It's worth noting that this person posted to /r/Google[0] before writing the blog post. One thing that doesn't make any sense to me is this comment:

> When I login it always redirect to my @yourdomain.com with no gmail, drive, etc. Even if I clean the browser history. I do not understand this even.

So it sounds like this person can still log into their Gmail account, but it redirects to the deleted gsuite account. That definitely doesn't seem right, but it seems like the Gmail account could still be there?

[0] https://www.reddit.com/r/google/comments/94gl4k/gsuite_cance...

Their support ticket has some more info in subsequent posts from both them and others: https://productforums.google.com/forum/#!topic/apps/RIHSJ4LI...

Thanks. Reading that a the help docs[0] explain it better. I wonder if they can restore the business account and then do takeout on it.

[0] https://support.google.com/work/mail/answer/6243136?hl=en&re...

Temporary workaround: Everyone should perform manual download of their data once each 6 month or so. https://www.wikihow.tech/Back-Up-Your-Gmail-Account

I wish I had done this in 2015. I lost the only pictures of my now deceased dog in Google Drive when I was locked out for no reason. Except I didn't regain access because I didn't make a popular Reddit or blog post.

Apparently Google's "customer service" runs as follows:

1. Don't provide any customer service email address.

2. Don't provide any contact form.

3. Don't provide any phone number.

4. Don't respond when people resort to sending snail mail. (Yes really I tried and I'm not the only one).

5. Provide a forum where 999/1000 posts don't get a response.

6. Suddenly respond if it affects public relations. (ea. a popular Reddit post).

That is horrible. Also why I will likely never pay out of my own pocket for their services.

Google is just far too big. They don't have time for you. There are loads of smaller service providers that are great with customer service and don't use scripts that will randomly ban your account.

If you pay even just 5 bucks a month, you get access to their support which is overall pretty good.

G Suite is worth the price tag just for that if you actually use Google products seriously...

Until you get banned and then your voice is no longer heard? like this and many more examples...

You'll note that the user in question was banned after cancelling the subscription...

Why not just jump directly to the Google takeout link?


Another option is to use a desktop email program like Thunderbird to download your gmail via IMAP. That way you can backup more frequently without having to download the entire archive. To make sure it downloads everything, you can switch to offline mode and have it download everything for offline viewing.

I do this with Thunderbird, but copy the emails to a local folder to keep my online inbox clear. I've done it for years and just yesterday it decided to delete my local inbox. Good times.

Wait. Were you able to get everything back, say from a backup?

And do you know why Thunderbird decided to do that?

I have no idea what caused it. This happened during my backup process so I lost about a month worth of personal emails. Definitely a nuisance but i don't think I lost anything critical.

It looks like the offline backup process needs to be:

- Download emails with thunderbird (using IMAP so they aren't deleted online)

- Then backup the local emails

- Then finally delete them from the online folder

Or keep continuous, incremental backups of your local disk. IMO that's a good idea regardless to avoid losing stuff.

Personally I prefer to leave everything on gmail as well as the local backup though, so it's all searchable there.

I got to step 5

> You have no services enabled for which data can be exported.

What? I've had this (paid) GSuite account for years. That's a bit discouraging.

You might need to check with your administrator (or if you yourself are managing it, you need to log in with admin account), there is a option somewhere there at admin.google.com to let your users export data.

Thanks for the tip. Unfortunately, I searched the settings and can't find anything that seems related that isn't already set to ON. I'm the only user (Super Admin).

I do this quarterly, not just for GMail but for everything (photos, docs etc). It's very inconvenient, and I'd pay for a service that would automate that.

I use gmvault to daily download email from all my accounts, I am going to look into other tools to handle photos/docs. It shouldn't be terribly hard to do docs/email (photos would require a lot more space).

Thank you so much for this.

I was banned without explanation in 2011 from Google. No calendar, no email, no phone contacts! Gone immediately and with no ability to get them back. I only regained access because of a Reddit post.

Just like the old saying goes: “Don’t mix business and pleasure

That means not mixing corporate Gmail (or Outlook, or anything else really) with your personal email.

Not using the email for your AWS account to purchase home goods on Amazons retail site.

At best your have the mild convenience of a single inbox. At worst Amazon shuts down your AWS account because you open a dispute for a fake Beanie Baby purchased off the retail site.

I would say "Don't even mix business with business with Amazon"

(not very) funnily enough, we have a business AWS account that is also used for Amazon (buying stuff for the office), as well as Amazon seller central. We've set up MFA on the AWS account, but it's in total conflict with the seller central account, which keeps asking for setting up MFA as well. If we set both, we're almost totally locked-out of our AWS. Somehow the MFA device gets mixed up or something. We can kinda squeeze-in if we try a few times with alternating between codes. Seller central seems connected to the Amazon retail, but not AWS. Totally bizarre.

We've contacted AWS MFA support several times, but there's basically no solution for this. They claim it's all somehow integrated, but something isn't quite well integrated as it should be.

Maybe try pinging AWS's VP, https://news.ycombinator.com/user?id=jeffbarr (email in bio link).

My guess is that you might be the only person/company who has this specific setup, so there's either no ticket, or it has a priority of -99999.

Still probably worth headscratching about internally...

(If emailing works out, I'd be very interested to know!)

Wait what? I have heard a few horror stories about overly-harsh Amazon reviews resulting in a loss of access to AWS.

But opening a dispute? Is this true?

I think what OP is getting at about w/r/t AWS can be clarified by my horror story: I once was using third party software (recommended by AWS) to upload 1 TB of data to AWS Glacier. The individual files were quite large, and if at any point during the upload the connection was lost, the third party software would start over from the beginning. I found this out after noticing that none of my backups had been uploaded after leaving it running overnight. I ended up getting charged something like $20K, which was insane! So I disputed this to Amazon, and they agreed to avoid charging me in exchange for a deletion of my account. Which was associated with my old Amazon.com account.

Confused, does AWS Glacier cost $20K/TB or something? How do you get charged that much just after one night of unchecked uploading?

The third party software was doing a mixture of writing (uploading), and reading (to verify contents had been uploaded). It was continually trying to upload a 1 GB file for well over 12 hours. It's been a long time since this happened so I don't recall the exact figures, but I remember having some 4 or 5 figure charge from AWS. I think the third party software was just bad at handling large single file uploads over residential internet.

Were you able to make another Amazon account after that or do they ban you entirely?

I actually just created a new AWS account and changed the email on my Amazon account.

> At best your have the mild convenience of a single inbox.

Which is also not an issue if you use a decent email client. Even Win10 default Mail app supports unified inbox for multiple accounts.

This is scary. I rely on a legacy free G Suite account, so if paying users have problems, I'd definitely be screwed.

In general I've found it difficult to get a hold of a live human at Google. The one time I was successful was after buying a Google Nexus phone and requesting hardware support (I think it was through the customer support/returns line.)

In contrast, I recently had issues with my iCloud account and was able to get live telephone support. It took 3 hours on hold and being passed through different departments, but I was impressed that Apple actually solved the problem while I was on the line. Didn't spend a penny on iCloud (directly) either.

TBH this just sounds like a bug, if google support weren't so incompetent they would make this right and the story would be forgotten. But they are so this will be another black stain on Google's name.

Someone in the support thread[1] links to an official Google page[2] where it says under 'Before you unlock additional G Suite features':

> G Suite: You can continue to use your personal Gmail account. However, if you unlock additional features and then cancel business email powered by G Suite, you can't go back to using your original free Gmail address.

Sounds like a terrible 'feature' though.

[1] https://productforums.google.com/forum/#!topic/apps/RIHSJ4LI...

[2] https://support.google.com/work/mail/answer/6243136?hl=en&re...


For google, to do this, use https://takeout.google.com/ . Download a copy of your data. Now.

Number 2 lesson to learn from this, which is very painful for many, is that there is a significant operational risk surface added by using cloud services, in that you may not actually have control or access to long historical records of data and metadata. Which means, despite clouds simplifying your life with respect to owning/operating/standing up your own kit/capabilities, depending upon how good/bad they are at being helpful in events like these, you massively increase operational risk by using them, as you lack control over the access to your data and history. If their policies and procedures run counter to what you need ... well ... think smelly creek, canoe, and no paddle or oar.

This is on the provider, and Google's "customer service" is known to be horrible for paying customers. I had used them at $dayjob-1, and found that depite paying them ~$100/month for my companies users of Google Apps/GSuite, I could never reach a person to help with a problem. I couldn't find contact points for asking for help. They had an email alias that took a while for them to answer, and it was as bad as the half-way-around-the-world tech support call centers, but in email form.

So, yeah. Back up your documents, emails, etc. Ask yourself what happens if they go away. If you are a small business person as I was, ask yourself what happens if one of your customers is late paying you, so you are late paying them. Kinda sucks to operate without your email and your documents ...

Call this one of the the down sides to *aaS.

Mail: personal domain with GSuite backed up by IMAP every day

Contacts: backup on multiple devices

Drive: full data on at least one hard drive at all times

Photos: use via Google drive instead of Google photos directly. That allows you to backup like any other data.

All of this must then be backed up off of the hard disk. Our lives are all digital these days. Memories, financial documents, important addresses and phone numbers - everything is digital. Treat it like you'd treat anything valuable.

Also, don't assume something catastrophic. Something as simple as a stolen credit card that you forgot to update in one service is enough to lock you out. Or a bug.

Wait, Google Photos doesn't allow backup?

I had no idea. Nice.

I think you misunderstood something. You can export all your photos via Takeout... or flip a switch that makes them appear in your Drive to use more convenient sync tools.

Nice, it looks like they finally enabled the option [1] for G Suite users [2]. It wasn't available before [3].

[1] https://support.google.com/drive/answer/6156103

[2] https://gsuiteupdates.googleblog.com/2017/12/changing-how-yo...

[3] https://productforums.google.com/forum/#!topic/photos/hMeOfq...

This is probably a good moment to mention that GMail backup solutions exist. got-your-back (GYB) is an open source backup tool in Python that can be easily run as a cron job and backs up all your email.


Also, Google Takeout has a full MBox export of your GMail account that may be worth running annually as a paranoid extra safe backup.

I've found it difficult to find somewhere to import an Mbox. You've gotta grab a desktop app like Thunderbird that supports it and then upload the data again. Easiest for me has been to just have any email client that supports IMAP on a desktop PC and open it occasionally so that it syncs. This saves you the Takeout delay of packaging up your mail, and ensures you're only downloading the delta since last time. I do have some Takeout snapshots though in case I ever absolutely have to go back.

The GYB script I linked actually has a restore mode that can make use of the Google Takeout MBox files.

This works for me: I have my own domain and pay for Fastmail. I do have a forward rule to send everything to gmail, and enable this rule when travelling.

Google Takeout is your friend, and I periodically download copies of email, calendar data, and many other options. I got my gmail 3 years before it became public, and I appreciate having the account, but I make sure my business would continue fine if I suddenly lost the account.

For backing up photos: this is easy, I set my phone to wait until I am on wifi and then save to Dropbox, OneDrive, and Google Photos. Before I put the phone on wifi, I look at pictures taken that day and delete the ones I don’t want to have 3 backup copies of. For most people, photos may be their most valuable didgital asset. Worth having multiple backups.

Question: how do you move away from gmail?

Phone providers in the last decade came up with number transfers (I can talk about Europe only), but how do I transfer my gmail.com address? I have hundreds of registrations tied to my gmail (been using it since it was available, more than a decade now), some are for my bank, others are for webshops, countrywide tax management system, ebay, amazon, healthcare, friends etc.

I read how people are not relying on gmail and running their own servers, but how do they do it? How do they cut loose the ties with their past?

This is what I've done: sync your Gmail account with a regular mail client and backup the mail clients database so as not to lose any old emails.

Step two create new email address with dedicated email provider, one known to have good customer support.

Step three, stop giving out your Gmail address, and over time update your email address on all the services you use.

You can't take your @gmail.com address with you to a different provider, I think that would break the way the Internet works.

Another option is to get a personal domain where the dedicated email provider can support. If you own the domain to your email, you can switch providers more seamlessly, of course you gotta back up your emails through a third party client. Maybe a third party web client you can host yourself that stores your emails.

Maybe something like Mailpile:


Oh yeah, I should have mentioned I registered two domains. One is my firstnamelastname.com and the other is k45j.com so I use a364@k45j.com because it’s short and unambiguous to say over the phone.

This is mostly what I did but using a domain of my own. I made an email forwarder using my own domain and pointed it at my Gmail. Over 18 months I moved every account I came across over to it. So when I switched the forwarder to FastMail, most of my email transitioned immediately.

And since I used my own domain, I never have to go through this again. If I move from FastMail, I just change where the forwarder points again, all my mail already uses it.

You can have gmail forward everything to the new address.

You ‘just do it’.

Don’t host your own email server unless you want maintaining it as a hobby. Fastmail, Kolabnow (my nerd-deluxe choice; OpenPOWER CPUs, 100% Free Software and green energy, Swiss jurisdiction) etc. are great.

Buy a domain, gradually move accounts over when you use them at a desktop, it takes about 30 seconds. Or, even better, just let them die and set up a new one if you ever need it.

It’s not instant, but it’s very possible, and not even that difficult.

Start the transition by buying your own domain and starting to use it, notifying your correspondents. Run both for a while and once you are satisfied that only spam and stuff you don't care about still go to your gmail account stop using it (don't delete it, you don't want to risk it being re-allocated to someone else and that person accessing your recovery email on some forgotten service).

Once you own your own domain, you can move wherever you want whenever you want. The service you use is just a provider, no lock it other than the hassle.

>(don't delete it, you don't want to risk it being re-allocated to someone else and that person accessing your recovery email on some forgotten service).

Deleted email addresses on gmail and pretty much every online service are never reusable for exactly this reason,

Don't rely on it though. Yahoo made a large number of disused addresses available.

I really wouldn't count on that being the case. Even if it's the case now for a specific service I don't think they take as much care of those blacklists as they do of active accounts.

That's not really hard to do. Setup your email an a publicly accessible server. For all the services that you use until now, change your registered email address. That's PITA once, but after you are done you don't need to change it anymore. For friends, keep accepting emails through gmail but reply from your new address and the conversion will happen progressively.

I moved to the free version of protonmail. Having my gmail fw all emails to this account.

It was this or managing my own mail server. For now I’m happy with thier service and their privacy policy of course. But, it’s not gmail or even close to it feature wise.

Its actually quite easy to move. In your Gmail settings you can have everything forwarded to another email so when you set up your new one you wont lose any emails sent to your old address

I auto-forward all my @gmail emails to my @owndomain one. This removes manual checking of multiple accounts, at least.

I wanted to see how people were being convinced to link their Gmail accounts with a G Suite account, so I tried hunting for the option to sign up for this "Gmail for Work" service.

The links keep sending me to either G Suite's standard landing page, or to admin.google.com, which only works with G Suite domains.

I did find the help pages for the service: https://support.google.com/work/mail/answer/6236599

I strongly encourage everyone who wants to have some modicum of control over things, register your own domain and control the authoritative nameservers for it. It's fine to have route53 as an authoritative slave if you want. This lets you point the MX to another service provider rather quickly, such as in an instance where something has gone terribly wrong with your Google mail services.

> control the authoritative nameservers for it

What does this mean?

control your own DNS. When you register a domain, your registrar asks you what you want to be the domain name servers for it. This is the same info that shows up for the namservers in a domain's WHOIS entry. If you control the nameservers you can quickly and easily do things like move the mail services elsewhere, in the event that your third-party-hosted mail services go rogue.

Scary shit here! I just finished the gsuite trial period and started my first paid month, and then to read this horror story is....

I activated Gsuite because it is the best price/capacity value for cloud storage (at the moment) and also I want to evaluate this product as reselling my IT services. I am not going to be happy if I cannot move back into my free gmail in the futue.

Google, we need a good response from you.

Ugh, I lost my YouTube channel when I upgraded a personal address to GSuite.

It wasn't a huge channel so I shrugged and got to work uploading videos again, but just so frustrating.

Squeaky wheel gets the grease.

The more this story is upvoted, retweeted, and spread, the likelier that Google will be forced to deal with a potential PR backlash.

Customer service via viral outrage is an unfortunate consequence of these mass scale services (and companies unwilling to properly invest in human support staff to improve the quality of customer success). It's slightly similar to human flesh search engines in China [0]. Maybe there's a way to organize crowdsourced feedback whenever these tech giants fail to address particularly bad customer issues.

[0] https://en.wikipedia.org/wiki/Human_flesh_search_engine

The original post is yet another example of taking to personal blogs to get proper customer support for critical services.

I find this concept terrible. The eventual, theoretical end-point is that only the elite, social-media connected individuals will get help with their Gmail issues. I'm not worried about me, I'm worried about 70 year-olds who don't run blogs and don't have 40k insta followers.

So yes, crowdsourcing such a thing, in a simple, clear way, would be an absolute blessing. Think Github issues but then 1000x more accessible for average consumers.

> I find this concept terrible. The eventual, theoretical end-point is that only the elite, social-media connected individuals will get help with their Gmail issues.

Another, better outcome would be if Google get tired of getting bad PR and decides to 1. remove traps like the one we are discussing and/or 2. fix their support system.

Never combine accounts, especially across different service levels. Personal GMail + GSuite is asking for trouble, simply because they are different products aimed at different customers with their own teams and support. Trying to detangle accounts after will never go well.

Just setup forwarding instead, or have 1 account automatically check and pull in email from the others, or use a mail client with support for multiple inboxes.

Also remember that free services guarantee nothing. If you want support then I recommend paying for Google One so you have some recourse at the end: https://one.google.com/

My recollection is that Google used to have two completely different account types. There was the external @gmail.com account type, and then there was the internal @domain.com account type. The latter used an accounting system that was originally designed for internal (employee) accounts, but then became the basis of what was called "Google Apps" which I guess is now GSuite. Apparently there were (and still are?) all sorts of bizarre issues due to the fact that they originally had these two distinct account types.

Anyway, I have both an @gmail.com address and my own domain, the latter of which I had with Google Apps for a while back when it was free. I remember having no end of trouble accessing various Google services when I had both account types. I eventually moved my domain away from Google (I moved email to FastMail). But one thing that broke when I moved my domain away was that my wife lost her blogger account... there was no way (at the time) to transfer everything she'd blogged to an @gmail.com account.

What a terribly confusing mess. My complaint about these sorts of things is the same complaint I have whenever an Apple product breaks on me in a really stupid way: you'd hope the richest tech companies in the world could do better.

I run my own email server and have my mail address pasted over websites in plain text and whois records. Still I receive very few spam and not using any spam filter.

Here's what I did. Fit for personal use only, not business use.

* Setup DKIM signature and reject all mails that don't have one. Cut down spam 90%.

* Reject mails from .info .us and other country TLDs that you don't deal with. Further cut down spam by 90%.

* When I mark a first mail from a new domain as spam, the server blocks all future mails from it.

That's all. Works for me.

That sounds good, I've learned how to do SPF for outgoing mail but not yet DKIM - one day!

I saw a talk a few years ago on aggregating DNS lookups for insight into many things, spam included. The presenter said he had great results from simply blocking mail from domains that were less than 24hrs old.

Even if you store the data in the "cloud", you should still make backups! If the service doesn't allow you to make backups, then use another service! If the data is important, you should have backups! I know how boring backups are, but it can be fully automated. (if the data is very important you also want offline backups though) Just don't forget to test the backups at regular intervals, to see if it's possible to recover from a backup.

I have a GSuite subscription that I’ve been thinking of canceling. I wonder if there is an obvious way to know if this could happen to me. I have emails from it’s main email address forwarded to a personal account, and probably also have the personal account setup as a concact perhaps. I will have to thoroughly read through the settings. My personal gmail account is 14 years old.

If you have a paid G Suite subscription, you'll have access to their phone/email/chat support [1], and you can call them to find out if your Gmail's linked.

I think the OP's problem was upgrading to G Suite via a new "Gmail for Business" option [2], which I still can't find on my personal Gmail accounts.

[1] https://support.google.com/a/answer/1047213

[2] https://support.google.com/work/mail/answer/6236599

And here's an example of free never really being free. It sux but when you pay nothing, expect nothing. That's really the lesson to learn.

I once had a "free" website that was running for years. One day it was all gone, no notice, no warning. Lucky I backed it up. I was back in business in a few hours..

That's not the lession. We do pay Google enough to make billions of profits every quarter by granting them access to our data.

Google's terms of service give us no guarantees at all, but neither do other consumer or small business oriented cloud services that charge real money.

I seem to be one of the few people who actually read the terms of service before starting to seriously depend on a provider.

Usually, you don't have any rights at all. Most services can kick out paying customers without notice, without explanation and without recourse.

If you want real contractual guarantees (SLAs with penalties) you need to go all the way to enterprise services and they are extremely expensive.

In my view, the pragmatic lession if you're not an enterprise customer is to choose profitable mid-size providers that are not too cheap and combine a few of them or combine with on-premises infrastructure (that is your PC :) to avoid any single point of failure.

Holy shit! This is a _terrible_ user experience. What an absolute nightmare. I can't imagine some PM saw this and decided to okay it. Wow.

The only reason I can guess that it didn't pop up sooner is that no one uses this product.

I enjoy the Google interface and spam filtering, but don't want to be dependent on them. So I've been transitioning to a new address on my own domain, and just auto-forward the mail from my server to gmail and reply from there (using my domain). I also download my mail via IMAP monthly so I'll have a backup in case I ever lose access.

There's also a fringe benefit: I can run spam assassin on the server, set to filter out only the spammiest of spam. That cuts the quantity in gmail's spam folder down to a level I can manageably look through on occasion for false positives.

Thank you for the response guys, I am still halfway reading the comments. I hope this problems gets to the guys at Google, I really wanted to recover my personal Gmail account before Google completely wipes it out from their server.

Right now, I am on @icloud.com and since Apple is easy to migrate from one device to another I believe this is a nice fresh start.

In the future maybe I will try Protonmail but since it requires a "bridge" for paid accounts, maybe I will look into it in the near future.

UPDATE: https://lawgimenez.me/2018/08/07/g-suite-happy-ending/

Google reached out to the author and got the situation resolved.

Companies these days spend like maniacs on UI, but can't even get the basic UX right.

I set up e-mail forwarding for a custom address after reading stories like this. While it won't back up my e-mails (unless I get a plan that supports that), I'll still be able to redirect 2FA and contact e-mails elsewhere.

Google's nightmare-bad UI strikes again.

Imagine having online exchange auth to be based on the lost email. Indeed, a horror story.

Had that with a bank & phone number I lost. Guess who got a OTP via snail mail lol

This is more like user not able to read horror story

Always remember, with Google, you're not the customer, you're the product. As such, you have no power to demand anything.

One would think that applies to the free users, not the paying customers.

Am I in a position to be susceptible to this? My personal Gmail is used for my data science/dota blog hosted on Google App Engine. I am using the free quota stuff. I don't think I upgraded to business or anything. So scary :(

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact