Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Privacy

Why Email Providers Scan Your Emails (consumerreports.org) 98

An anonymous reader shares a report: If you receive emails flagged as spam or see a warning that a message might be a phishing attempt, it's a sign that your email provider is scanning your emails. The company may do that just to protect you from danger, but in some situations it can delve into your communications for other purposes, as well. Google announced that it would stop scanning Gmail users' email messages for ad targeting in 2017 -- but that doesn't mean it stopped scanning them altogether. Verizon didn't respond to requests for comments about Yahoo and AOL's current practices, but in 2018 the Wall Street Journal reported that both email providers were scanning emails for advertising. And Microsoft scans its Outlook users' emails for malicious content. Here's what major email providers say about why they currently scan users' messages.

Email providers can scan for spam and malicious links and attachments, often looking for patterns. [...] You may see lots of ads in your email inbox, but that doesn't necessarily mean your email provider is using the content of your messages to target you with marketing messages. For instance, like Google, Microsoft says that it refrains from using your email content for ad targeting. But it does target ads to consumers in Outlook, along with MSN, and other websites and apps. The data to do that come from partnering with third-party providers, plus your browsing activity and search history on Bing and Microsoft Edge, as well as information you've given the company, such as your gender, country, and date of birth.

[...] If you're using an email account provided by your employer, an administrator with qualifying credentials can typically access all your incoming and outgoing emails on that account, as well as any documents you create using your work account or that you receive in your work account. This allows companies to review emails as part of internal investigations and access their materials after an employee leaves the company. [...] Law enforcement can request access to emails, though warrants, court orders, or subpoenas may be required. Email providers may reject requests that don't satisfy applicable laws, and may narrow requests that ask for too much information. They may also object to producing information altogether.

This discussion has been archived. No new comments can be posted.

Why Email Providers Scan Your Emails

Comments Filter:
  • new info? (Score:5, Insightful)

    by awwshit ( 6214476 ) on Monday July 05, 2021 @09:10AM (#61552556)

    Is there some new information here? I must be missing it.

    • Re:new info? (Score:5, Insightful)

      by StormReaver ( 59959 ) on Monday July 05, 2021 @09:13AM (#61552562)

      There is nothing new here, but it's good to remind people from time to time that they are surrendering a tremendous amount of privacy by using email services they don't control.

      • Re:new info? (Score:5, Insightful)

        by awwshit ( 6214476 ) on Monday July 05, 2021 @09:24AM (#61552588)

        Funny thing is, I run my own email server. But many people I email do not - much of my email gets scanned because it exists outside of my own email server and on services like gmail or outlook.com. Once you've sent an email you've lost control, again nothing new here.

        I guess I should also remind you that the internet never forgets.

        • Don't worry, the big mail services are doing their best to make it impossible to run an independent mail server that can reliably send and receive email anyway. The cartel-like control they've been establishing over the most important communications medium we have today outside of face-to-face contact, all under the guise of "fighting spam" or whatever excuse they have this week, is really quite disturbing if you stop and think about it.

          As for new info: TFS implies that Microsoft is monitoring not just your

          • DKIM and SPF are not all that burdensome. IP reputation is the tough one, but you can't blame the big mail services for what they do there. Entire neighborhoods of IP addresses get flagged and if your dedicated server's IP is in the same range as easily compromised shared hosting with outdated WordPress installs it can be nearly impossible to have a perfectly clean record. Never underestimate the amount of down these measures are stopping.

            • IP reputation is the tough one, but you can't blame the big mail services for what they do there.

              Well, I can, for precisely the reason you set out. Some of the big mail services are extremely aggressive at flagging or even silently dropping incoming mail based on nothing but an IPv4 address, often due to associations like proximity to another address that has been blacklisted, being part of a domestic ISP's range, or being a source of spam a long time ago when someone completely different was using that address.

              Never underestimate the amount of down these measures are stopping.

              The amount of what that these measures are stopping? Detection of hostile content should be

              • Some of the big mail services are extremely aggressive at flagging or even silently dropping incoming mail based on nothing but an IPv4 address, often due to associations like proximity to another address that has been blacklisted, being part of a domestic ISP's range, or being a source of spam a long time ago when someone completely different was using that address.

                I often apply those criteria to my own server as well, and often refuse any SMTP traffic from entire ASNs. I don't expect to receive any legi

          • by gweihir ( 88907 )

            Don't worry, the big mail services are doing their best to make it impossible to run an independent mail server that can reliably send and receive email anyway.

            Oh? So far I have had one this year and one last year. In both cases, their fault, because they blocked a whole /16 of individual vservers. A complaint to my vserver provider cleared both up nicely. And no, I do not use DKIM or SPF. Not needed. Email gets authenticity from a PGP-signature, not from messing with DNS.

            • At work our infrastructure is hosted with a relatively small managed hosting service. We have unique IP addresses that have been exclusively ours for a long time. We send only legitimate, standards-compliant mails. And still, a significant proportion of essential outgoing mail (as in, we are legally required to send it, or it's something explicitly requested like a password reset) to people who are already paying customers gets lost, apparently just from mail services screwing up their filtering. A noticeab

              • by gweihir ( 88907 )

                I think you do not know what "authenticated" means.

                • I'm well aware of other meanings of the term, but the only kind of authenticity that is relevant in a discussion about reliable delivery of email is the kind that improves delivery rates. When you contrasted including a PGP signature with the other protocols, that appeared to be the point you were making. If that wasn't your intention, perhaps you'd like to clarify why you mentioned PGP here at all?

                  • by gweihir ( 88907 )

                    "Authentic" does not have a meaning of "reliable". You definitely do not know what "authenticated" means.

                    • I spent much of the past decade working with enterprise-grade AAA infrastructure. I know what authenticated means just fine as a term of art in the field of IT security.

                      However, that meaning wouldn't have been relevant to this discussion, which is about reliable delivery of email, so I assumed you meant it in the plain English sense of being trustworthy and not fake, in contrast to the spam emails that these service providers are supposedly trying to block.

                      If that wasn't what you meant then you still haven'

          • Don't worry, the big mail services are doing their best to make it impossible to run an independent mail server that can reliably send and receive email anyway.

            No, they don't.

            Everyone can have his own mail server for $1 - $5 per month. Simple. Pay a bit more and you have it in your house on your own linux box.

            • Re:new info? (Score:5, Insightful)

              by Anonymous Brave Guy ( 457657 ) on Monday July 05, 2021 @05:30PM (#61553712)

              Everyone can have his own mail server for $1 - $5 per month. Simple. Pay a bit more and you have it in your house on your own linux box.

              Thank you. This is the first time in a long time that I get to write ROFLMAO on Slashdot. It takes me back to my youth.

              I'm sorry to be the bearer of bad news, but if you actually do that today, there a very high probability that some major mail services will flag your mail immediately just because you're sending from an IP range used by a domestic ISP. And then more will flag you because someone else with the same ISP actually was spamming and your IP address is within the same /N as them. You won't do much better sending mail from an IP block known to be controlled by any cloud provider.

              Running a mail server is not trivial but it's within the abilities of many geeks. Running a mail server that anyone else will listen to is an entirely different story, and it isn't the year 2000 any more. Increasing numbers of small organisations can't even get reliable delivery from a dedicated mail server at their office, using an exclusive IP address with a business-grade connection to their ISP, and this trend has been getting worse for years. Sending your mail via a large ISP or one of the big dedicated mail services is in danger of becoming the only reliable option for a lot of small businesses, and that is very much not how an open communication protocol like email was supposed to work.

            • Everyone can have his own mail server for $1 - $5 per month. Simple. Pay a bit more and you have it in your house on your own linux box.

              The key part of the phrase you were responding to was "that can reliably send and receive email". Setting up the mail server is the easy part. Getting other ISPs to accept mail from your IP address is the trick.

              • Getting other ISPs to accept mail from your IP address is the trick.
                And why would that be the case?

                I never did anything in that regard and everyone is accepting my mails just fine.

        • Those packets travel as plain text or at best MIME encoded. So there is no such thing as private. Those of you old enough to remember phil zimmerman, and the controversy that landed him in jail for PGP, will remember his analogy. Non encrypted email is like sending a letter without an envelope or on the back of a postcard. Sure TLS is good to stop snooping; but if you want to stop the mailman from reading your mail, you need a pgp-like application with a keyring. Otherwise people should just assume its been
      • I'm trading privacy for functionality. I've tried to control spam on this email address myself... good luck. I get thousands of spams per month.

        I could just not publish my address, but I'm not doing anything secret in my gmail. And if I were, I'd encrypt.

        • Curious, does gmail filter out spam from itself? I run my own server and for a very long time I would trust mail coming from google servers that was gmail sender. No more. I now have a list of gmail accounts I accept. So does google filter spam from its own servers?
          • I don't seem to get google spam in my Inbox, if that's any help.

            Looking in the Spam folder I can see five spam messages sent via google docs, so that's working.

            • I run my own server and 99% of the spam that I see originates from Google or Microsoft operated e-mail platforms.

              • I don't have enough spam getting into my inbox to have samples to examine right now to see if they originated from gmail servers. So the system must be working, and furthermore, it must not give a shit if the source is a google server.

          • by dryeo ( 100693 )

            Perhaps not from paying accounts.

      • Well one could do all this work [youtu.be] but people don't want to turn a simple task (communicating with others) into another job.

      • by gweihir ( 88907 )

        Indeed. One reason I use my own mail server, but there are others out there that will give you privacy for a moderate fee. With Google, etc. _you_ are the product.

    • My thought exactly. For a second, I thought I was looking at the "This Day on Slashdot" from 2002. I suppose I wasn't expecting to hear that Google and MS aren't scanning emails for the purposes of advertising (at least any more), but I still find it rather irrelevant. I just assume they all do that.
    • Ceiling Cat is in yer emails!

  • So the soup boys can build a profile on you, in case you’re a terrorist.

  • by cascadingstylesheet ( 140919 ) on Monday July 05, 2021 @09:39AM (#61552618) Journal

    All of them can, they have the technical ability. Unless you use some encryption scheme that you can't get your friends and contacts to use (easier to just not use email; same result).

    And before someone tells me yet again that I should pay some guys in Switzerland to handle my emails, since they pinky swear that they won't do this - why exactly should I trust those guys either? How do I know they won't take my money and monetize my emails?

    • Well, to be fair, Proton is HIPPA compliant, make their source code fully available, have client-side (browser-side, in this case) decryption and were audited in 2015. Of course, then you have to trust the auditors and the reviewers of the Github repository...
      • For it to be HIPAA-compliant there has to be an audit trail all the way from source to deployed binary. If Proton has only had a source audit they could deploy a binary sending all mail straight to the NSA, which would _not_ be HIPAA-compliant.
    • that I should pay some guys in Switzerland to handle my emails .... why exactly should I trust those guys either? How do I know they won't take my money and monetize my emails?
      Because those providers are running as "banks" and the banking secret is hold high there.

      And automatic scanning to flag something has nothing to do with "reading" your secrets anyway.

  • for the paranoid (Score:4, Insightful)

    by jmccue ( 834797 ) on Monday July 05, 2021 @09:40AM (#61552624) Homepage

    If you are really paranoid about this just use gnupg, but really who cares, not getting spam is a big plus for me.

  • they would see the tings i buy online which i dont do often anymore, they would know i pay my home owner's insurance & auto insurance, my electric bill, and i like to browse zillow for realestate for sale in my area, and that i get spammed by BestBuy, Dell computers, NewEgg, and a Harley Davidson shop in a nearby city and all of which are filtered to go directly to the Trash, other than that my email is not interesting at all
  • This story could be of interest to non-technically-minded people; but, even nowadays, that doesn't remotely describe Slashdot's audience.

    • I agree in terms of the uselessness of this article but 'non-technically-minded' people seems to be more and more applicable to slashdot as time goes. on.

    • Slashdot still has an audience? Who knew?
    • I'm pretty sure that everyone who hasn't been under a rock, or in prison, for the past 20 years, knows that email providers scan emails for spam and viruses.

      Yes, even in remote African villages. They have email there too, generally via a cellphone connection.

  • With everyone having their own e-mail server etc.
    This could be built into routers. FLOSS, of course, or it would be no better in the end.
    Updates, written by somebody competent, would keep it just as safe. But it would be liberating, give people back control, and make the net a lot more decentralized an hence resilient. (Of course assuming there are many forks, as there will be, so supply chain attacks and losses of trust can be cut off quickly. But of course requiring a nice and easy way to choose, if you,

    • Have you met the common internet user? You think hacked computers and email spam are a problem now...
    • by mr.morbo ( 6346556 ) on Monday July 05, 2021 @11:20AM (#61552914)

      I already run almost everything myself, including DNS and a CA. And I know it's really not that hard. A thin fork and home server can be maintained with less than half a day of work per week. Or, after the initial setup, no work at all, if everything goes well. It would take me only one additional command each time, to do it for other people as well.

      If you think it's easy and it doesn't take much time to administer email, DNS and a CA then you're doing it wrong.

      It is not trivial to run those services. Aside from applying security updates, scanning logs and auditing for signs of intrusion you need to keep up with the current state of the art and that changes fairly frequently. TLS configurations, SPF records, dnssec/crypt, DKIM, etc. Getting those things wrong can cut you off from communicating with other people.

      DNS requires at least two NS records pointing to separate networks for your domain. If you only have a single NS then you're in violation.

      SMTP is difficult on most ISPs. After you've gone through the war of getting them to allow port 25 you have to ensure that you never become an open relay, even inadvertently. That literally means reevaluating the configuration and re-testing it every time you apply an update that includes the SMTP server.

      My ISP periodically hit up my mail server and tested it for relaying when I was running one. You also really need a secondary MX configured outside your ISP network so you don't lose mail when yours is overloaded or just down. A secondary MX opens a whole can of worms about spam reflection attacks that you need to be very careful to mitigate EVERY TIME you make a change on the primary.

      If you run your own CA then nobody else will trust you. Clients will receive certificate warnings and the big boys connecting to your mail server will just hang up if you mandate TLS and hand out a self-signed certificate.

      Go on and keep deluding yourself that you know what you're doing.

      Everyone else should just sign up with a trustworthy provider like Proton or Tutanota for their personal email domains. Almost any DNS registrar will do what you need but Cloudflare is free and fast. Letsencrypt will give you certificates if you need them.

      • Yes to most, but no need for a secondary MX. Any real sender is going to keep trying for at least 3 days, which should be plenty of time to restore your email server. I have discovered on several occasions misconfigured senders that should know better. Both the power company and one of my credit cards had incorrectly set their DNS reverse/forward inconsistently and as I run a very locked down server, I was declining their connections. I let them both know and they corrected immediately. I wonder if they wer
        • Yes to most, but no need for a secondary MX. Any real sender is going to keep trying for at least 3 days, which should be plenty of time to restore your email server.

          You'd think that wouldn't you. And it's true until it isn't. Murphy has a profound way of showing up while you are away from it for more than a week.

          Over the many years I've had several failures that required major intervention happen while I was out of state for days at a time. Having a secondary saved my mail for that time.

          While it's not a hard requirement for a secondary MX it's a very good idea.

        • If you have multiple MX for the domain you probably want to add an MX at the highest priority pointing to a blackhole. It gets rid of the non-RFC compliant spam-to-MX senders (and there are a lot of them).

          • It gets rid of the non-RFC compliant spam-to-MX senders (and there are a lot of them).

            There might have been at one time or another. As with all things, spammers adapted to that variation on greylisting. What I had started seeing more recently, that I found interesting because I hadn't personally seen it in years and years of running mail servers, was more than 50% of spammers going straight to the secondary to inject their excrement. The volume of spam injected direclty into the primary had reduced to almost zero toward the end.

            I don't know what the logic is there. I never saw any kind of re

            • Should have written, "Perhaps they were circumventing your proposed black hole technique, I don't know.".

              Somehow managed to not write that. Oops.

          • I mainly see senders with no reverse dns entry on the IP address, probably from compromised boxes. I defer those indefinitely. Mainly because I have seen some real senders that have lost their reverse entry for short durations, so if it is transient I want the retries with 4XX. Could even be a transient issue on my lookup end of things. After that, I now mainly see google/outlook validated senders. I have fixed that by only allowing known gmail/outlook senders and deferring the others infinitely. You really
      • by MeNeXT ( 200840 )

        The biggest issue in keeping it simple is a fixed IP with an open port 25 from your ISP. Forget about running your own CA, Letsencrypt is simple enough today. DKIM solves nothing for the home user. I honestly believe it was conceived so large entities can deliver SPAM more than anything else. SPF is a simple DNS entry. Registrars today offer DNS and some even provide it for free. Keeping up with security advisories will be the headache/problem since home/personal email settings hardly ever change. It's not

        • The biggest issue in keeping it simple is a fixed IP with an open port 25 from your ISP.
          That is no issue at all.

          My port is on my computer, and my ISP is only routing packages: he does not know anything about (my) ports.

        • DKIM solves nothing for the home user.

          DKIM solves very little for the *end user*. Without properly configured DKIM (and SPF) your spam score rises so high that the big boys won't share their toys with you. Couple that with anything they consider a "residential" IP and you can literally not get mail to >90% of people.

          Microsoft blacklist you and makes you jump through hoops regularly to prove your server is legit. It isn't a once-off process

          Google accepts mail and routes it to /dev/null. I've tested it personally when people started telling me

      • SMTP is difficult on most ISPs. After you've gone through the war of getting them to allow port 25 you have to ensure that you never become an open relay, even inadvertently. That literally means reevaluating the configuration and re-testing it every time you apply an update that includes the SMTP server.
        No idea what that is supposed to mean. Can you explain?
        My ISP is not my email hoste, I have two of them. All of SMTP/POP/IMAP just works fine. For all my computers and all my (or friends) eMail addresses, I

        • No idea what that is supposed to mean. Can you explain?
          My ISP is not my email hoste, I have two of them. All of SMTP/POP/IMAP just works fine. For all my computers and all my (or friends) eMail addresses, I host.

          No idea what any ISP has to do with my port 25, either. My port is on my computer, goes through my NAT router: what has an ISP to do with that?

          What does your ISP have to do with packets on port 25? Seriously, you don't even know how that works? Shut down whatever services you are exposing to the Internet and walk away. You'll be making the world a better place.

    • by ceoyoyo ( 59147 )

      You can run your own e-mail server all you want, but you're still sending everything to your ISP, who sends it to their ISP, who sends it....

      If you don't want someone on the internet reading your mail, encrypt it. This could be trivially built into every e-mail client, and should be. No need to have grandma running her own server.

      • If you submit your e-mail to your ISP's e-mail server (very few actually have one -- they usually outsource it to someone else such as google or microsoft), then there is no point in running your own e-mail server. In fact, I would suggest that if you are using a "relay" then you are not actually running your own e-mail server.

        It is only "your own" e-mail server if it sends and receives traffic directly from the source or to the destination.

        It is rather trivial to run your own e-mail server. It takes only

        • If you submit your e-mail to your ISP's e-mail server (very few actually have one -- they usually outsource it to someone else such as google or microsoft),
          That would be fraud.

          It is only "your own" e-mail server if it sends and receives traffic directly from the source or to the destination.
          That is what my servers do: except that you miss the fact that emails can be relayed.

          • "That is what my servers do: except that you miss the fact that emails can be relayed."

            Only by agreement. Once upon a time before the invasion of the great unwashed almost all MTA's were capable of being relays by default. Post the arrival of the unwashed, relays are greatly restricted to the point where you cannot relay through arbitrary servers anymore, only by prior arrangement, and any MTA that "accidentally" leaves itself open to relaying will be widely blacklisted.

        • by ceoyoyo ( 59147 )

          It is rather trivial to run your own e-mail server. It takes only a few minutes per month to maintain, if that. Unless, of course, you are incompetent.

          I'm going to go out on a limb and guess that your english horn playing skills are pretty bad. In fact, chances are excellent you're completely incompetent.

          For the vast majority of people, setting up and maintaining an e-mail server is not at all easy. It's also gains them nothing. E-mail is not secure. At all. Wasn't designed that way, hasn't ever been that w

          • This is a common fallacy. E-Mail is 100% secure. In fact it is more secure than snail (postal) mail. What is not "secure" is the penchant to use "other people's computers" (aka the cloud) rather than resources under one's own control.

  • ... then only the NSA and other three letter agencies in the US and rival countries will scan it.

  • They forgot to mention another very common scan: Any email system that uses software written in C will scan all your messages to find NULL terminators.

    That's why for maximum privacy, you should insist that your providers use software written in modern languages.

    • All email systems scan your email to learn the recipient address. They will know it is for you, and that you use email!

      Modern languages have this same problem, so don't use them either until this is fixed.

      In other news, troll probably wants to convert everything to rust or some such nonsense using nonsense fear arguments.
  • The contents might no be being scanned, it might just be a test of the envelope (sender and recipient) and subject.
    • Scanning only the sender and recipient would not be that effective for things like phishing and other malicious content.
      • Yes, the "rcpt to" and "mail from" together with the foreign MTA IP Address and DNS configuration (that is, require strict RFC compliance) is quite efficient in getting rid of spam and phishing. Combined with SPF and blocking of malicious actors it is at least 99% efficient at blocking all spam and other malicious traffic. DKIM does not really add anything to the equation.

        • By "foreign MTA", do you mean a foreign country? That assumes that no phishing ever comes from within your own country. Also if you do international business, foreign MTAs are common. For example, in the EU getting an email from a German address is just as likely as a Spanish address even if your company is not based in either.
          • All MTA's that are not me are foreign.

          • MTA means Mail Transfer Agent -- a "user" composes an e-mail and submits it to a MUA (Mail User Agent). The Mail User Agent sends the message to a MTA (Mail Transfer Agent). That MTA (Mail Transfer Agent) then transfers the message to another MTA (Mail Transfer Agent) which then delivers the message to a MUA (Mail User Agent) from which the "user" to which the message was sent can retrieve it.

            Sometimes the MUA component is "linked into the same executable" as the MTA, sometimes not.

            E-Mail (message) transf

            • Again your filtering assumes that the email was not sent to you directly or by the sender. The email could have come from "joe@somebusiness.com" except joe is not a real person and somebusiness is just a shell company.
  • So what if they scan the emails and use that to target ads? It's not like I ever look at those ads, and my adblockers are quite good. If one uses a company's email server, their emails will be at the mercy of the company. If you don't like it, run your own mail server.
  • iPad email is littered with advertisements for my latest .
    Yesterday: Let's Solve Your Toughest Odors - Fresh Wave - we talked about cleaning minisplits

    How I got onto Apple advertising through eavesdropping happened on my iPad. In my Dr. office in private conference I carried my tablet setting it on the corner of his desk. Dr. explained no Rx necessary for one script that it was available OTC by brand . within an hour after leaving my tablet shows brand advertising to me.

    That’s impossible by coinciden

    • What has that to do with your iPad?

      Your eMail goes via an email server. If anything is wrong with it: it is there.

      Stupid idiots.

  • Because politicians are stupid and use private mail to conduct government businesses, so it's easier to put somebody at Google than an spy into any government.

  • Can anyone tell me when Google scans emails do they attach the results to the both the to and from email addresses? In other worfs if I email someone with a gmail address is Google assembling a profile on me also?
  • Google announces a lot of things...
  • Yeah, they use spam/scams etc. as an excuse. But as the article states, they have other uses as well.

    One reason why some people start their own email service is just to avoid this crap.

    Of course it means you get more spam.

  • Makes it easier for the state security apparatus to keep on eye on you.
  • Email is plain text. Even HTML-ized email is basically text, and it's trivial to decode.

    Meanwhile, email service is a best-effort forwarding scheme. It can pass through any number of nodes (servers, routers, caching devices, etc.) on its journey from sender to receiver, and there may be packet-capture software installed on any of those nodes. So, basically ANYBODY could be reading your email for ANY purpose, including spying on you, building an ad profile on you, or stalking you online (okay, okay, I admit

    • So, basically ANYBODY could be reading your email for ANY purpose,
      During transfer, eMail is encrypted. Since - decades - 2 decades or so?

      • About 3 decades. Encrypted transport appeared about the same time as the influx of the Great Unwashed.

        • by bobby ( 109046 )

          Yes, but has everyone enforced encrypted transfer? AFAIK, port 25 can be plain text, including passwords.

  • The obvious solution seems to be that the scanning should be moved from the server to the device. A newer iPhone or Samsung device should be quite capable of scanning your emails without breaking a sweat, and obviously without phoning home.
  • If you receive emails flagged as spam or see a warning that a message might be a phishing attempt, it's a sign that your email provider is scanning your emails.
    That is simply wrong.

    a) spam is detected most simply by rejecting the first attempt of the sender to sent it to your mail box. Giving him a hint how long he should delay the second attempt. 90% of the spam is either not sent again, or tries immediately again. Because: it comes from a mallwared PC.

    b) spam and fishing is usually recognized by ppl, putt

  • I do run my own infrastructure: two NSes, two MXes on four small VMs hosted by a reputable provider that never let me down for years, different data centres throughout the world. MXes queue incoming mail (encrypted queues), filter spam (spamd) and forward outgoing mail. The main server (MX, IMAP) is in my basement. Queueing on external MXes is extremely beneficial because electricity service in my area is very unstable (many tens of power events every year ranging from momentary glitches to hours of blac

"The Computer made me do it."

Working...