Dessalines
admin
31Y

Whoa, lot of work put into this. Thanks.

@fruechtchen
creator
41Y

Yes. And i am busy at the moment messaging many of the listed services to update their security settings

@cipherpunk
mod
1
edit-2
1Y

That’s probably the most comprehensive ESP data I’ve seen. Here’s a few that are missing:

  • mail2tor (claims to have imap and smtp service but they’re broken… effectively it’s web-only, and i think clearnet inbound mail does not work)
  • onionmail.info (imap,pop3,onion host forces use of self-signed SSL cert which is kind of silly)
  • elude.in (used to have free pop3 or imap but jerked the rug out from free-riders w/out warning)
  • underwood (Tor only [both directions])
  • wiremail
  • torbox (Tor only [both directions])

I would like to see some columns to cover whether a service can send or receive to/from tor and clearnet networks. Some onion services can receive clearnet and some cannot (as they only give you a .onion email address). I don’t think I’ve found any clearnet email providers that can handle sending to .onion email addresses - which means a non-tor user cannot email someone with an .onion address.

This would be useful to keep track of.

Gmail is has “Softfail” for the SPF. I don’t think that’s accurate. I run my own mail server on a dynamic IP, and gmail usually instantly rejects my connection. I’d speculate this happens about 90% of the time. Perhaps the other 10% is a softfail (msg is accepted but then sent to recipient’s spam box).

It’s a shame that “reject” is coded green. It’s evil when SPF settings reject messages from dynamic IP addresses in an incompetent bid to block spam in a way the recklessly causes collateral damage to legit self-hosters. This ultimately forces senders to share their outbound email with yet another 3rd party, which is an attack on privacy. It also helps large corporations keep a stranglehold on the whole email industry.

I will not email outlook or gmail users. I tell them if they want email from me they have to switch to a service that works… that respects the RFC. It breaks email to reject RFC-compliant messages purely on the basis of IP reputation.

@fruechtchen
creator
21Y

I think rejecting spam is better compared to delivering it to the trash, because then the sender instantly receives feedback. There will not be ever the situation of missing out some important message which was delivered to Spam.

Spam should not be a folder to which one should pay attention to.

@cipherpunk
mod
11Y

I think rejecting spam is better compared

Hold on… we’re talking about ham here not spam. Should the large corporations be dictating terms, so small providers and self-sufficient people cannot self-serve and be in control of their own data?

When outlook.com refuses an email on the basis of IP reputation alone, corporate interests prevail and the little guy is forced to dance for them. I will not dance for them. And I will not share every outbound message with a corporate 3rd party. This is why I run my own mail server. EFF wrote a good article on collateral damage done by this brain-dead anti-spam practice.

The smart and RFC-compliant approach is to accept every RFC-compliant msg (interoperability is the purpose of RFCs and they’ve broken that). Smart recipients score the message and IP reputation is only 1 of many factors for assessing whether something is spam. When a service uses IP reputation alone, it’s crude and reckless because it blocks ham and other factors get ignored, resulting in a poor judgement.

@ajz
11Y

Gmail is has “Softfail” for the SPF. I don’t think that’s accurate. I run my own mail server on a dynamic IP, and gmail usually instantly rejects my connection. I’d speculate this happens about 90% of the time. Perhaps the other 10% is a softfail (msg is accepted but then sent to recipient’s spam box).

You are suggesting that there is a strict correlation between Gmail doing SPF checking and Gmail rejecting your connection. It sounds more likely that Gmail simply blocks certain ip addresses by default for other reasons than SPF. I am also a little bit curious how you configured SPF for your dynamic ip addresses. Are those all in the same ip range ?

Confidentiality Integrity Availability

  • 0 users online
  • 4 users / day
  • 10 users / week
  • 19 users / month
  • 97 users / 6 months
  • 1527 subscribers
  • 383 Posts
  • 279 Comments
  • Modlog