SoylentNews is people

posted by chromas on Monday September 02 2019, @09:45AM
from the needs-more-XML dept.

OpenBSD developer, Gilles Chehade, debunks multiple myths regarding deployment of e-mail services. While it is some work to deploy and operate a mail service, it is not as hard as the large corporations would like people to believe. Gilles derives his knowledge from having built and worked with both proprietary and free and open source mail systems. He covers why it is feasible to consider running one.

I work on an opensource SMTP server. I build both opensource and proprietary solutions related to mail. I will likely open a commercial mail service next year.

In this article, I will voluntarily use the term mail because it is vague enough to encompass protocols and software. This is not a very technical article and I don't want to dive into protocols, I want people who have never worked with mail to understand all of it.

I will also not explain how I achieve the tasks I describe as easy. I want this article to be about the "mail is hard" myth, disregarding what technical solution you use to implement it. I want people who read this to go read about Postfix, Notqmail, Exim and OpenSMTPD, and not go directly to OpenSMTPD because I provided examples.

I will write a follow-up article, this time focusing on how I do things with OpenSMTPD. If people write similar articles for other solutions, please forward them to me and I'll link some of them. It will be updated as time passes by to reflect changes in the ecosystem, come back and check again over time.

Finally, the name Big Mailer Corps represents the major e-mail providers. I'm not targeting a specific one, you can basically replace Big Mailer Corps anywhere in this text with the name of any provider that holds several hundred million recipient addresses. Keep in mind that some Big Mailer Corps allow hosting under your own domain name, so when I mention the e-mail address space, if you own a domain but it is hosted by a Big Mailer Corp, your domain and all e-mail addresses below your domain are part of their address space.

Earlier on SN:
Protocols, Not Platforms: A Technological Approach to Free Speech (2019)
Re-decentralizing the World-Wide Web (2019)
Usenet, Authentication, and Engineering - We Can Learn from the Past (2018)
A Decentralized Web Would Give Power Back to the People Online (2016)
Decentralized Sharing (2014)



 
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by Arik on Monday September 02 2019, @09:51AM (9 children)

    by Arik (4543) on Monday September 02 2019, @09:51AM (#888772) Journal
    Having noticed how multiple large ISPs have relatively quickly become utterly incapable of offering basic internet services, I have a theory.

    Never officially confirmed. Feel free to chime in with confirmations and/or disproofs.

    I think they laid off everyone that understood how the internet worked about 10 years ago. As things have broken they have outsourced them.

    To people that don't understand how the internet worked. Or how to make anything other than their paycheck work.
    --
    If laughter is the best medicine, who are the best doctors?
  • (Score: 5, Interesting) by NateMich on Monday September 02 2019, @12:07PM (6 children)

    by NateMich (6662) on Monday September 02 2019, @12:07PM (#888792)

    Having noticed how multiple large ISPs have relatively quickly become utterly incapable of offering basic internet services, I have a theory.

    Never officially confirmed. Feel free to chime in with confirmations and/or disproofs.

    I think they laid off everyone that understood how the internet worked about 10 years ago. As things have broken they have outsourced them.

    To people that don't understand how the internet worked. Or how to make anything other than their paycheck work

    I'd like to disagree with you, since I work at a fairly large ISP.

    But now that I think about it, so many of our good people have left in the last few years and we have indeed been replacing them with outsourced support. Also we kind of suck now.

    Yeah, I think you might have a point.

    • (Score: 2) by RS3 on Monday September 02 2019, @04:10PM (4 children)

      by RS3 (6367) on Monday September 02 2019, @04:10PM (#888866)

      I've used Verizon personally as an ISP for 20 years, and professionally for 12.

      Looking back, I was so wrong when I thought they sucked 15 years ago. I had _no_ idea how much suckier they would aspire to. I've never hated AOL- it has served its market well, but not for me. When Verizon bought them and Yahoo!, then moved verizon.net email addresses to AOL, which are actually run on Yahoo! servers, things became annoying. Basically something they did disabled my pop3/smtp client, but they _refused_ to admit they did something to change things.

      Professionally, I was adminning some email servers. One I inherited was based in qmail, which needed to die anyway. It did also host Squirrel Mail (webmail) which I recall being pretty awesome (as much as webmail can be).

      I built ones using sendmail and postfix (don't read into that- different machines- some send only, and all are on postfix, but it's now a moot point...).

      Verizon "customer support" is horrific. What they first did is block all port 25 smtp traffic, instead opening port 587, which required authentication to then relay packets. No problem with sendmail / postfix, but qmail had port 25 hard-coded everywhere. I actually tried to find and replace every instance of port 25, but I could never get it to compile- not even from clean raw unchanged source. That was while I was under great pressure from customers who based their businesses on a now broken email. Within 1 day my boss moved everyone to a godaddy account. He's really smart that way; although I think godaddy is crap, at least he kept his customers.

      So then Verizon added some more layers of encryption and authentication, and sendmail / postfix handled it.

      Until, they now scan the "from" field in email headers, and flat-out refuse to relay any email packet that does not have a known valid verizon.net email address.

      Let's say you have a webserver hosting small local business's sites, and on those sites are some webforms which call up a script to send an email for, oh, maybe an order for a food catering business, or whatever. You want the email to look like it came from the prospective customer, so when the business owner / representative gets the inquiry email, they just hit "reply" and the "to" field is filled in correctly. Nope, Verizon won't allow that scenario. Comcast will, and maybe someday the boss will let me move to Comcast.

      Postfix is pretty cool.

      • (Score: 2) by hwertz on Monday September 02 2019, @05:53PM (3 children)

        by hwertz (8141) on Monday September 02 2019, @05:53PM (#888899)

        "You want the email to look like it came from the prospective customer, so when the business owner / representative gets the inquiry email, they just hit "reply" and the "to" field is filled in correctly. Nope, Verizon won't allow that scenario. Comcast will, and maybe someday the boss will let me move to Comcast."

        It's an oversight on Comcast's part to NOT block this. Think about it this way... "A greasy spammer wants the e-mail to appear to come from some random schlub, so when the spam receiver who doesn't look at e-mail headers complains they complain about the wrong address. Yep, shockingly Comcast allows this."

        The setup you had is convenient, but there's very good reasons for it to not be allowed, not just to inconvenience you.

        • (Score: 3, Interesting) by RS3 on Monday September 02 2019, @06:43PM (2 children)

          by RS3 (6367) on Monday September 02 2019, @06:43PM (#888915)

          Yup, I'm very smart, I know this. But how do you fix it? I tried using the "reply to" field but most email clients don't honor it. Everyone has to have a verizon.net account?

          Or we just break email and maybe the whole internet just because there are bad actors out there? Nevermind that the technology exists to trace their IP- they have to be connected through an ISP somewhere in the world. So punish everyone for the wrongdoings of a few? I call that laziness on the part of the "authorities" and advocate replacing them.

          In my case, the "greasy spammer" has to manually fill in the form, and there might have been re-captchas on them too, so there was very little spam.

          Oh, and Verizon have implemented very effective spam filtering long ago. It's computers (servers) running scripts and spam scanners. So I don't understand what all the whining is about.

          • (Score: 1, Informative) by Anonymous Coward on Tuesday September 03 2019, @02:32PM (1 child)

            by Anonymous Coward on Tuesday September 03 2019, @02:32PM (#889191)

            You need to use Mailgun or some other special service. You will also need to configure whatever authority du jour is popular and required in DNS to sanction it or all your mail will end up blackholed. I think DKIM or DMARC is the new hawtness for that.
            https://en.m.wikipedia.org/wiki/DomainKeys_Identified_Mail [wikipedia.org]
            The requirements seem to change every few months.

            • (Score: 2) by RS3 on Wednesday September 04 2019, @01:11AM

              by RS3 (6367) on Wednesday September 04 2019, @01:11AM (#889337)

              Yes, and thanks for the info. In fact I looked into many SMTP relay providers, including Mailgun, but the company owner would not pay for them. It's a low-budget tight business, and probably his smallest / least significant. Years ago he hosted some very very major websites, but businesses change like the wind, he lost the accounts, and moved his time and attention to other things (that are very successful). Of course I'd love to grow the hosting business, but I'm not a marketing / sales-type. And it's impossible to compete with the godaddys of the world.
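
The web-form scenario discussed in this sub-thread, as an added example that is not part of any comment above: the notification keeps `From` on the sending site's own domain (the only domain it could publish DKIM or DMARC records for), carries the visitor's address in `Reply-To`, and rejects form input that could inject extra headers. The `example.com` addresses, the sample input and the `build_inquiry` helper are assumptions made for illustration.

```python
import re
from email.headerregistry import Address
from email.message import EmailMessage

# Assumed values for illustration: the hosting site's own sender address and
# the business owner's mailbox. Neither appears in the thread.
SITE_SENDER = Address("Catering web form", "webform", "example.com")
OWNER = Address("Business owner", "owner", "example.com")

# Deliberately strict: whitespace, CR/LF and angle brackets can never match.
_ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")
_CTRL_RE = re.compile(r"[\x00-\x1f\x7f]+")


def build_inquiry(visitor_name: str, visitor_email: str, body: str) -> EmailMessage:
    """Build a web-form notification (hypothetical helper, not from the thread)."""
    # fullmatch() means a trailing "\r\nBcc: ..." fails validation outright.
    if not _ADDR_RE.fullmatch(visitor_email):
        raise ValueError("visitor address rejected")
    # Collapse control characters so the name cannot start a new header line.
    name = _CTRL_RE.sub(" ", visitor_name).strip()[:80]
    user, domain = visitor_email.rsplit("@", 1)

    msg = EmailMessage()
    msg["From"] = SITE_SENDER                       # the site's own domain
    msg["To"] = OWNER
    msg["Reply-To"] = Address(name, user, domain)   # where a reply should go
    msg["Subject"] = f"Web inquiry from {name}"
    msg.set_content(body)
    return msg


if __name__ == "__main__":
    # Constructed sample input.
    print(build_inquiry("Jane Doe", "jane@customer.example", "Lunch for 40?"))
```
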

    • (Score: 3, Interesting) by PartTimeZombie on Monday September 02 2019, @10:07PM

      by PartTimeZombie (4827) on Monday September 02 2019, @10:07PM (#888995)

      The ISP I deal with for work has about 50% of the market in my country.

      They offered all their staff redundancy earlier this year. Guess who took them up on the offer?

      Yes, all the staff who knew anything. I dread having to get any of their "support" people to do any troubleshooting.

  • (Score: 2, Touché) by Anonymous Coward on Monday September 02 2019, @02:59PM

    by Anonymous Coward on Monday September 02 2019, @02:59PM (#888841)

    It makes a degree of sense. When things are (relatively) new and untested you need a greater percentage of people who understand how everything works. Get to a level of developmental stability, and unless you are introducing something truly novel you no longer need the expense of the people who understand everything. I'm assuming that those who understand everything would be getting greater compensation for their greater degree of knowledge. Once the factory has been built you need people who understand which buttons to push, not necessarily how to make all the machines - you call in maintenance people when you need to because on-staff maintenance are not cost effective.

    It might be that they retained some people who understood everything but those people are now overloaded either supervising or otherwise filtering the work of those who have more incomplete knowledge.

    This can then devolve into people understanding less and less, and a race to the bottom of personnel cost and concurrent knowledge.

  • (Score: 2) by legont on Monday September 02 2019, @08:22PM

    by legont (4179) on Monday September 02 2019, @08:22PM (#888956)

    Can't say about ISP's, but in finance it is definitely true. The only objection of mine, while they did outsource, that part of humanity knows even less.

    There will be blood; on the street that is.

    --
    "Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.