Mostly true (server can be home but using the ISP network directly probably won't work)
You can't successfully use an email server on a (cloud) VPS.
Bullshit
You can't successfully use an email server on a bare metal machine in your own datacenter.
Bullshit
As such, it is my distinct displeasure to declare the death of SMTP. The protocol is no longer usable. And as we can see, this devolution occurred organically.
Sure, you can run one, good luck getting even a halfway decent delivery rate to mailboxes at any major mail provider. Even if they never receive a spam message from your server, your server is an "unknown" which counts against you. And if one person in your small company of 10 or 100 or even 1000 people gets their e-mail hacked and sends spam? Prepare for the rest of them to get punished for it. Running an SMTP server is a nightmare which is why, over time, more and more of the economy has just shifted their SMTP servers to organizations who professionally run SMTP servers instead of having their own.
Set up dkim/SPF properly, make sure the ip you plan to use is clean before you start, sign up for MXtoolbox blacklist alerts and if you get on a blacklist (doesn't happen often if you do a bare minimum of proactive security), you request removal. It's really not hard.
I work as a Sysadmin for a web host who sells VPS's. I've helped many people setup domains on their server to cover SPF, DKIM and DMARC passes on a daily basis. Most use these for personal or business level mail delivery without issue.
Are there hurdles to overcome? Sure. But it's not exactly hard as long as you have a IP that's isnt a poor reputation (which as an ISP we help delist and improve). But it's not impossible.
Its more "convenient" to use a third party mail provider just as Office365 since you pass on all that setup and responsibility onto their framework, but it's not hard to setup a decent level of mail service yourself.
You're spot on, and even smaller ISPs routinely get blocked by larger hosters (anyone who doubts this, please look around for the many stories along the lines of "gmail silently drops my email")
Residential IP blocks are scored much higher and given a negative trust from the start - not surprising since that's where much of the world's spam comes from through compromised computers, routers etc.
I'm going to add "bullshit" to the first. I've gone 2 decades running a few email domains on my home servers, on 3 different ISPs. Its not rocket surgery.
I've been running one with a dozen or more users on bare metal at home for the last two years. A little bit of spam but otherwise fine. No deliverability issues or anything.
And for sure your home isp has all the email ports blocked upstream.
With all that being said, to call SMTP dead is wildly insane. I do figure it will die someday though. Probably around the same time of universal IPV6 adoption during the year of the linux desktop.
My ISP doesn't. It an electric company that offers fiber, so not your typical telecommunications company. Still though, not a single blocked port.
On topic, I tried an email server and it is too much of a pain in the ass IMHO, without the requisite training and experience, but certainly not impossible.
Yeah. I've had zero problems hosting my mail on a bare metalachine in a datacenter. They arrive just like they should, plus it's just so freeing to host it yourself.
I know there are problems with big email providers subverting decentralisation to benefit their business models, and throttling mail from independent or self-hosted domains. But I couldn't take the analysis seriously past this statement:
You may know me as a Bitcoin educator and engineer.
Yeah well, in that case, fuck you and the hypercapitalist horse you rode in on.
Bitcoin is hypercapitalist? A decentralized value store not controlled by any one country and immune to money printing inflation? What are you smoking?
Capitalists will even sell you communism if it makes them a dime, end result is cryptocurrency is half assed solving a problem that doesn't really exist.
Like inflation is a great example, you shouldnt have to add modifiers onto its definition, inflation is inflation - bitcoin by design must inflate
I mean, it's been shown that it's relatively easy for a big company to control the price of Bitcoin, and there's nothing more capitalist than wanting to get away from the control of countries and states that might get in the way of making as much profit as possible so,,,, yeah no I'd say hypercapitalist is a valid accusation. Bitcoin was designed to beat the big banks and capitalist status-quo, but I don't think that we can pretend it succeeded anymore.
You may know me as a Bitcoin educator and engineer.
Yeah well, in that case, fuck you and the hypercapitalist horse you rode in on.
This guy is a protocol engineer, talking about protocols. You may not like like Bitcoin, but it's pretty hard to argue it's not one of the most successful, widely-used, and forked open source protocols developed in the last several decades. Bitcoin core is in the top 100 starred repos on Github. It has a unicode character.
Bitcoin's market cap (> 1 trillion USD) is bigger than Sweden's GDP and it moves billions of dollars around the world every year. You can use it to send money to anybody with a phone and a halfway reliable internet connection in under a second for pennies in fees, and it settles instantly. And it's been working for 15 years without a single hour of downtime, bank holiday, or hack despite pandemics, wars, financial crises, and attempted bans by global powers.
Like, be mad if you want, but it's a pretty successful and robust protocol. And if you don't like it, you can fork it and change it, because it's open source.
http, https, ssh, ntp, ftp. These are all algorithms some of us use every day. Bitcoin is a protocol, true, but it's not a good one. And it's one that most people have not used, and don't intend to
It has a lot of forks? that is neither here nor there. it's a tech buzzword. of course there are going to be a lot of forks. Do any of them actually go anywhere though? not really
No, see — if I dont like it I don't need to fork it. I can just leave it and all its forks the hell alone. I'd do the same for national currencies if I could, cryptocurrencies are just the same bullshit without the regulatory checks and balances.
TL;DR — I see what you're selling and I'm not buying it.
I don't buy this. I'm still using SMTP on my own domain and it’s working fine, a bit of spam but not unmanageable, real messages get read. Main challenge is digesting so many potentially-interesting list messages, indicating email's continued dominance for professional topics. Seems this author has another agenda.
Having said that, it's a pity the world never agreed a protocol for micro-payment for emails (and for many other services), which would resolve the spam problem, and not be a burden for honest users.
I also host my own mailserver and I agree that it mostly works fine. However, there are some email providers that cause trouble:
Google seems to randomly sort some of my mails into the recipients spam folder, while others are delivered fine to the respective inbox. It kinda sucks that you can never be sure whether the recipient actually received your mail or whether they just don't reply. My IP and domain are not blacklisted on any spam list; SPF, DKIM and DMARC are set up correctly as well.
Even worse is the Telekom (German ISP), who use an explicit whitelist of IP addresses (only IPv4 of course) and require you to display your contact information publicly on a website reachable via the same domain your mailserver uses. Once you've set this up you need to message them to be put on their whitelist. If you're not on their whitelist, they simply reject your mails, they are not even delivered to the spam folder (maybe it's not worse than Google, because you at least get a notice from your mailserver that your mail couldn't be delivered). In the end I decided that I don't care enough to comply with their regulations and just don't send any mails to Telekom customers.
Aside Google and Telekom, I've really never had any issues though.
Defederating bad actors/spammers should in theory be good enough? Domains aren't free and I don't think it's worth it for them to buy a new domain to just be able to spam for a short time again.
Domains aren’t free and I don’t think it’s worth it for them to buy a new domain to just be able to spam for a short time again.
Literally what e-mail spammers do.
Agreed defederating can help solve obviously malicious instances, it doesn't solve spammers abusing good instances. E-mail and AP are very similar at a protocol structure level.
Is it though? Don't email spammers just spoof the domain or send without a domain? I'm not entirely sure if that's different from how the fediverse works. I'm not too knowledgeable about this topic.
(This is as much an answer to some of the comments already raised, as to the article - which like most such personal pieces has pros and cons.)
As part of a previous job I used to host email for a small business - this was about 15 years ago. I ended up spending several hours to a day a week working on it; apologising to users, tracing and diagnosing missing sent email and the endless, ENDLESS arms war against incoming spam (phishing was much less of a problem then). The trust from the company in our email operation was very poor and you'd regularly hear someone apologising to a customer because we hadn't contacted them, or answered their email. The truth is much was going astray and staff were relying more on the phone than email because they knew it worked. You might guess from this that I'm terrible at running an email system but I don't think I am. I started moving email back in the late 80s when Fidonet was the thing, so I have some miles travelled. Tools have improved a bit since then, but so have those used by the bad guys.
I still consider one of the best things I did for that company was move our company email onto Gmail Business (which was free for us as a charity) Every single one of those problems went away immediately and suddenly I had a lot more time to do more important stuff. I would never self-host email again despite running several personal servers.
Plenty of people say they self-host just fine, and great for you if that's so. But the truth is you won't always know if your outbound mail silently gets dropped and you have a far higher chance of it arriving if it comes from a reputable source. There are a huge number of variables outside of your control. (ISP, your country, your region, your software, even the latency of your MX or DKIM responses factor into your reputation)
You take the decision on whether any perceieved risks of privacy through using a third party outweighs the deliverability and filtering issues of self hosting, but please don't say it's simple or reliable for everyone. If it's simple for you, you're either incredibly lucky or just not appreciating the problem.
I never run a mail server but Google already placing my mail sent via my xyz domain hosted on proton to spam folder silently.
I guess running my own will be a lot worst.
P.S. I know that's a bad TLD choice, and I'm planning to migrate, but that will take a lots of time and work to the point I wonders if that worth it as I don't sent many anyways.
And threads will be the death of decentralized lemmy. But we still have mailing lists, and most of my mails go to decentralized users on those lists. You just gotta know where to look, and you'll find gold.