2020-05-03 - Email is a disaster…

@yarmo on Fosstodon has written his latest #100DaysToOffload post (and his previous one) on how to self-host email, and whether you should. I've had my own email-related hassle today so thought I would rant a bit. This rant has been done by many people on the internet before me, and will be repeated countless times in future… but I think it's an important topic.

The state of email in 2020 is a disaster if you value the concept of an open and decentralized internet. If you are one of the majority of people who uses GMail / Outlook, or you host your own domain through GSuite, Office365 etc. then it'll probably seem like everything is fine, because your email will usually hop between these internet behemoths without issue. None of the big players can afford to mess with email from the others - it's just too high a proportion of the messages. The problem is, though, that the modern centralized nature of email on these few dominant services, plus the concept of server reputation and punitive filtering against small fish (who may have done nothing wrong), has broken what email used to be - something you could confidently host yourself pretty straightforwardly. It's also not even the case that you can trust less mainstream commercial providers to be trouble-free.

There are two sides to the email story, sending and receiving, and each can cause headaches. I have two domains that I use. The first is my 'main' domain that I rely on and mail is provided there by Zoho - a paid service. The second is my home lab / internet 'play' domain, and I host my own mail services there using some NetBSD VMs from Vultr running Postfix and Dovecot. My wife and I have been having some trouble with missing email lately, so I did some experiments sending and receiving to/from these domains and major email services such as GMail, Outlook, iCloud. Both my Zoho and self-hosted domains are set up with DNSSEC, SPF, DKIM, DMARC… acronyms that are related to the ever more complex ways to instruct mail servers that an email that you send from the proper source for a domain is something that should really be trusted.

This all shows a situation where, if I don't want to use the big services like GMail, email can be an unpredictable business on the sending and receiving ends of things. I'm doing everything technically right here too… all the buzzword technologies are set up and I can see that they are working in mail headers, audit logs etc. It also highlights a big advantage of self-hosting a mail service, even if sender reputation is a problem - if you self-host you always know from your logs if you received an email, or why an email sent to you was rejected (since your settings rejected it!). My self-hosted domain is a refuge for receipt. If someone is having trouble getting through to me, I can give them that address and be confident they will get through, or I'll know why they don't!

I will end up opening an issue with Zoho support now to find out why they are 425'ing my self-hosted mail… and trying to find out more about how my parents' email is being routed. My parents have a custom domain too - and I'm not sure what service they use behind that, nor why it doesn't like some email from Zoho, but is fine with my self-hosted stuff!

Many years ago, before SPF, DKIM, DMARC, I administered a server for a university student union which hosted many accounts, mailing lists etc. Email then was much easier… deliverability was never an issue. Admittedly spam was much more hassle and SPF etc. do help combat this. I can't help but feel, though, that the opaque reputation policies and other stuff used these days in the name of avoiding spam have made email much more of a headache than it should be.

This post is day 3 of my #100DaysToOffload challenge.

If you want to get involved, you can get more info from https://100daystooffload.com.