...and saving email at the same time. It's totally unusable without spam filters, and the open models/blacklists don't come anywhere close to Gmail's capabilities.
Perhaps, but it's hard to say. False positives are much more harmful than false negatives. I have peronally had Gmail flag a number of legit emails as spam, and those are just the ones I know about! It's almost certain that I have lost valuable messages because I didn't check the spam folder in time. These aren't transactional emails either, I'm talking about messages from real people that I know personally.
I would be willing to wade through a number of additional spam emails to avoid losing important ones but of course this is Google so there is no user facing dial to adjust the sensitivity. Users just have to trust that Google's generalized approach is well calibrated for them.
It's still faster than manually marking hundreds of spam though.
In the spam folder I just scroll down the list as fast as I can skim, and then close the tab if there's nothing.
If they were all just in my inbox I'd have to manually mark each one (and risk accidentally doing it to a real message while going through hundreds of messages).
There's no perfect solution here. Just personal preferences. I think I'd prefer a clean inbox with a 1% false positive rate vs having to manually flag a bunch of missed spam all the time.
I'd take the false positives, personally. If someone really needs to reach me and doesn't get to me on the first try, they usually just email or text back and go "Hey, did you get my email?". Or, just quickly skim through the spam folder once a week.
> Which has happened to me before where people wondered why I was ghosting them.
Same, but I feel like it's almost kinda socially acceptable now. Happens to everyone and it's not something to get upset about... "oh, it wasn't me, it just went to spam." Like Gmail managed to alter our public norms instead of ensuring a zero false-positive rate :)
Sometimes people will reach out again, but that doesn't cover all cases. If an old friend/acquaintance/relative who I don't regularly talk to reaches out and I miss the email they will probably assume I blew them off. Scenarios like they will be in the area and asking if I want to meet up, or maybe sharing something notable that happened to come up.
It sounds like a lot of people here check their spam folder regularly, which is good, but I don't know how widespread that is. I remember Gmail early on deemphasizing the spam folder since, in their view, the filtering was so good people didn't need to check it.
"open models/blacklists don't come anywhere close to Gmail's capabilities"
I disagree with you. I use Postfix with rspamd plugged into it for my personal email account. I get way more spam to my gmail than I do to my personal account, and I sign up to everything with my personal account.
rspam also dkim signs my emails when I send them etc, verifies SPF/DKIM/DMARC on recipet etc.
Now to counter that - I am a TINY mail server - Probably 100 emails a day tops.
rspamd is very, very impressive. I guess most of the hard work I've put into it is adding some of the not-turned-on-by-default things, like Pyzor and Razor. Also adding some other RBLs that weren't included by default (I spent a lot of time personally researching them and only picking ones that I believed to be of high value)
The other big thing that I think is important is the RBL whitelists - DNSWL.org and HostKarma have a whitelist as well.
About one a week I spend 10-15 minutes looking at the logs of what it's accepted/rejected during the week to see if I can spot any obvious mistakes - it's pretty rare. If I do spot something I make config changes to address it. That said there's been months before where I haven't done this and none of the users of my platform have complained about spam (or missing email)
rspamd really is that amazing. I don't understand why more people don't scream it's praises from the rooftops.
I think that's pretty standard for everybody who runs its own mail server (like "shared webhosting"-running even). Owning your mail should also be standard for everybody in tech, you don't want to rely on Google for something that important.
Exactly. I rely on Google for a number of things, the primary thing being photos. But I've read too many horror stories (on here) of people losing their Google account and thus their life.
So all my photos are also backed up locally and then into a BackBlaze bucket.
Using Postfix+Rspamd gave me good insight into SPF, DKIM and DMARC and how to use them effectively.
I mean, electricity is also very important, but that doesn't imply that everybody in tech should be configuring their own wiring. It's fine to do that if you want to, but it is completely reasonable to expect that most people should be able to rely on someone else to do the work of ensuring that the key infrastructure runs well, and not think about it so that they can focus on the specialization they want to handle.
We're not talking about running bare metal in your garage but paying Hetzner or alike 2,50 Euro/month so you're independent from the shenanigans of the automated, AI-"improved" systems of Google. That's a fair price to pay if you value your electronic communication abilites.
I suspect it’s not that unusual. In six years of running my personal mail server, I’ve received exactly zero spam messages with grey-listing as my sole anti-spam measure. The only time I got spam was when I had to move my domain to a new server and forgot to enable the postgrey service.
Before I decided to leave it due to its horrendous false positive rate, gmail was driving like half of notification emails from my servers and mailing lists to spam, despite me never marking them as such. I was regularly missing important things.
It's much better with just regular client side bogofilter and some training on my personal mail/spam archive. And I do zero server side filtering, it's just all content based.
I don't care about capabilities, I just want near 0 false positive rate on the kind of email I receive (and not some common model), even at cost of some false negatives, and Gmail doesn't deliver there at all. And I don't want any arbitrary 5xx rejections for my senders, since I know how annoying that is on the sender side. Gmail will not guarantee that.
No, sorry, it's purely anecdotal. And also more applicable to the last few decades, when other email services were still terrible, than nowadays with many adequate options.
I think I have the opposite preference to you: false positives are OK to me if that means less spam gets through. In fact I've seen many of those notifications in my gmail spam and thought to myself, "Huh, you know, maybe I don't need those that badly after all... I'll just let gmail keep it there."
The overwhelming majority of my human contacts use other channels anyway (some chat app, or SMS), not email. I might get like ten real emails from humans in a year, and even then 90% of them are from people already in my contact list (and so bypass spam).
Phone calls are similar these days. Google Fi/Android also applies a similarly strict spam filter to incoming calls, and marks and blocks a lot of them as spam. I check once in a while, but overall I just don't really mind. If someone really needs to reach me they'll find a way... if they don't try, it's a good filter for how important their message really is anyway, lol.
You mean the same Gmail that is responsible for >50% of all spam to other providers? They may be good at filtering mail from other providers to Gmail accounts, but they are lousy when it comes to the other direction i.e., mail out of Gmail to other providers. Unless they're prepared to block their own users from sending spam to other providers (or even other Gmail users) this initiative won't be of much use.
email is perfectly usable without _Google_'s spam filters.
And if you use non-GMail email providers, you would know they do fine. Not perfect, and of course it differs among providers, countries and accounts, but it's generally fine.
It's also standard practice to use self-signed certs with mail DKIM. Mail as a protocol has, for the most part, tried to stay true to it's federated roots and most things can be implemented without dependencies on third party corporations.
I avoided DKIM till 2018 when google started accepting my mail but silently sending it to the spam folder; so I wouldn't even get a reject message. I thought it'd be to onerous to implement but rspamd's dkim signing feature made it easy to use with my locally generated self-signed certs (and postfix).
Most people that want to self host their own email server for personal use (e.g. on a VPS on their own domain) don't have the infrastructure for reverse DNS zones, so I'd argue that DMARC and DKIM are kind of pointless because their email lands in spam anyways once the PTR query on the IP fails to resolve to the same domain because 99% of the time it will be something like ipv4.somehosting-company.com
> Oh fun so basically no one will be able to setup their own email servers by themselves anymore. Antispam is killing the open internet now.
It's been a long time since you've been able to set up your own email servers without DKIM and expect that your emails will get reliably delivered to Gmail users, especially for bulk mail.
The second requirement is more or less already a legal requirement in the US, and the third is literally how anti-spam has always worked - the only difference is that Google is now saying that they'll publish the threshold publicly, rather than keeping it a secret.
This is technically news, but it's hardly a major shift.
This is my impression too. I briefly used emails from a domain I own to my gmail account as a way to send myself "notifications". My impression was that absolute table stakes to even make e-mail deliver work AT ALL were:
- non residential IP (I had to proxy through my VPS)
- SPF
- DKIM
- use TLS with a modern cipher
And even with this, I still had to "favorite" (or whatever) AND set up a rule to "never send to spam" for my alerts@ sender address because I would still get them going to spam for no reason that I could find - I'd check the message and would see that SPF and DKIM PASSED and yet it was still going to spam.
I ended up switching to using webhooks to send alerts to a discord channel for a server that only had me in it. It works fine. It's a lot more surefire than trying to figure out email delivery
I have my personal mail hosted on a hetzner server using mailinabox. I didn't do anything fancy except whatever mailinabox's default config is.
I have no problem with email deliverability to gmail/outlook. I think the difference is that my emails are two-way communication. I email someone, they email back or vice versa. Not a continuous stream of unreplied emails from my personal server to some gmail address (which does look like spam).
I imagine if you set up a script to reply to these emails from your gmail account with lorem ipsum and then deleted those replies after a few days, your problems will disappear.
Why wouldn't you be able to set up your own email server anymore?
Yes, you need to configure authentication (DKIM, rDNS and preferably DMARC) but you should be doing that anyway, the hard requirement doesn't change that.
One-click unsubscribe is required for bulk email, but you probably don't want to be sending bulk mail from your self-hosted solution anyway.
Anti-spam isn't killing the internet, spammers did.
I rarely get spam in my inbox, if at all, but I also never sign up for newsletters nor give airlines, grocery stores, etc. my e-mail address.
I get spam messages once in a blue moon on my iPhone (specifically, on iMessage, I get recipients with a string of random letters ending in gmail.com). Ironically, it's ALWAYS a gmail.com or hotmail.com address. Funny how the overwhelming majority of spam I can remember comes from Gmail and Outlook, both of which love sending everyone else's messages straight into the spam tray, despite having DKIM + DMARC set up, static IP not on any Spamhaus blocklist, etc.
I mean... No? You can set up your own mail server all you want, it's just that few people will take your mail. Just make friends with other people who hate managed mail companies, you'll be able to email them just fine.
That's too facile. Email was intended as a federated service that allows anyone to send mail to anyone. Privileging large companies over small companies and individual users is a clear violation of that principle, and a danger to the open and impartial internet. I get that spam is annoying (I hate it too) but letting giant American tech companies decide who is allowed to send email and who isn't is not the solution.
Imagine you live in an apartheid state and the people in power say: “White people will now refuse mail coming directly from black people. If black people want their mail to be received, they are required to send it through a trusted white liaison. If you're black and you don't like it, just make friends with other blacks and the tiny minority of whites who will accept mail from undesirables like you."
The above analogy is exaggerated of course, but I think there is a fundamental truth for it: large tech companies like Google have cornered the market by offering free solutions, and now they are imposing an apartheid system where mail sent through big companies is given priority over mail sent by real people who run their own email system.
(Personally, I've disabled all spam filters in Gmail since I've noticed that Gmail is likely to filter out legitimate email while the amount of spam I receive is actually very low.)
Eh, opposite experience, Gmail filters out almost entirely spam email for me and extremely rarely legitimate email. The filter learns fast in either direction.
I get daily spam coming from Gmail and Azure tenants especially.
Uh, no. SMTP, IMAP and POP3 only became popular as a sort of accident, in the midst of a bunch of warring protocols and standards, two of which were expected to be the leading messaging system, not the current ones. There was never some grand plan for internet hippies to all come together around "federated" services.
There is no such thing as the open and impartial internet. It's a melange of fiefdoms which only works through loose agreements between giant providers that tacitly allow all kinds of shit to happen in the hopes that they'll recoup the cost through their own business plans. The internet is quasi-open; open enough at the level that you interact with it that it "feels" open, sometimes. And it most certainly is not impartial. Competing interests have been warring over pieces of the pie for decades, and use whatever control they can grasp to make as much money as they can, while they can. Nerds running self-hosted servers and railing on about the inequities of corporate control on forums have absolutely no say.
> I get that spam is annoying (I hate it too) but letting giant American tech companies decide who is allowed to send email and who isn't is not the solution.
Again, they aren't. They have their own e-mail system, and you can use it or not. They aren't telling you you can't send your own e-mails or run your own systems. You are just upset that they have their own party and won't let you choose the music. You could throw your own party, but you don't want to do the work that entails, while you do want to force the people who are doing the work to do it your way, despite everyone else in the world not giving a shit and not wanting to deal with the problems anymore.
E-mail is not state sponsored racism. Again, you can choose what e-mail provider you use, and run your own mail system, and do whatever other asinine navel-gazing techno bullshit you want. Nobody is stopping you. They just aren't going to accept what you make. That's not oppression, that's called competition and free choice.
I'd be curious what you think of the telephone. Was that too intended to be some kumbaya international symbol of freedom that anyone could do anything they wanted with? Are you looking to run your own switchboard, and upset that AT&T won't carry your calls without forcing you to pay to hook up to their equipment? How dare they be able to reject your homemade lines to connect to their customers?
You want to know what actually not having a choice means? It means you can't even run your dinky mail server at home because the service is deemed illegal. That has not happened, and will not happen, because literally nobody cares about you and your e-mail service. You are the only person who cares about this. You are obsessed with a principle for the principle's sake, and the funny thing is, that principle isn't even being violated.
You want an end to the "tyrrany"? Use that engineering genius to come up with a solution to spam that doesn't revolve around IP reputation. Companies around the world will gladly take your mail if you can come up with a solution that doesn't require them to spend millions to mitigate spam.
