From "Marc" <m...@f1-outsourcing.eu>
You can add to this, that gmail actually is also losing email and annoying is
that you can't send zip files. I am constantly asking people to give me a
different email address.
Yup! And it's not too difficult to pull messages out of the Spam folder
and put them back into Inbox. That is, if the message makes it into the
Spam folder and isn't rejected.
I don't know if it still works but I have had people send me zip files
to my gmail acct by renaming them as like .tip or .zap or something.
Frankly it's better to share such potentially large files in a link like
from dropbox, onedrive, or any one of a number of similar things.
I don't like any daemon connecting to my mail storage. Can you imagine if your
solution gets hacked, how much data would be compromised? I prefer messages
being scanned/marked before stored. I wonder if this is even gdpr compliant,
because you can access private data constantly.
First, for people like yourself, you would want to run such a daemon
yourself on your own infrastructure, hence why I am thinking of this
could be useful to other people as open source.
Second, there are plenty of people who don't run their own email, as in,
gmail users, that entrust their email to google. Though GDPR probably
has something to say about such a service, I doubt it would be
impossible under GDPR, especially EU users using a suitable EU server
and whatever rules necessary were followed.
Why not just forward messages? Register a domain put some mx servers in front
of gmails mx. I recently was testing with such relay/forward, works perfectly,
I am only changing the envelope nothing else. DKIM, spf everyting perfectly
working.
I'd be interested to know if anyone runs spamassassin forwarding from
gmail back into gmail, how does this work? How to get it so mail isn't
in a loop? You can't do what I'm talking about just by forwarding.
More below on that.
So for the whole of Europe you need data processing agreement for accessing the
mail storage as a 3rd party.
Probably, yes. Is it any different with a mail server that uses a back
end scanner as a service? I know there are several such services for
corporate email that work with a google workspace account that allows
you to modify the mail routing which you can't do with a free gmail
account.
I think this design is just wrong from the start. I have sometimes that we see
that clients mailboxes are accessed from the digitalocean cloud because they
granted access via their phone. Especially IOS is really insecure/bad with such
privacy. It is just crazy giving access to your whole mailbox for maybe a 1
time action on a incoming email.
I wouldn't say the design is ideal but I haven't seen any better way. I
didn't find a way to do it by forwarding myself, maybe I missed
something obvious? There's no way in consumer gmail to tell gmail to
loop messages through some external service. I guess you could forward
all messages and then use POP to "import" them back in. You wouldn't be
able to manipulate folders like the Spam folder or set up spam-training
and ham-training messages. I remain unconvinced just forwarding is the
best way to do this.
You can argue that it's really crazy giving access to your whole mailbox
to your email provider too. I guess I don't see the difference here.
Your mail service provider could be broken into as well. Read about
Microsoft's recent break-in?
I'm just wondering if there's enough interest in this to do the work to
make it open source. If there were a lot of people mailing me saying
"Yes! I've been looking for something like this but I don't want to run
it myself!", then I'd consider making it into a service, as well as
probably open sourcing it. Thing is, such a service has to minimally
viable. So far, you're the only response I've seen to this and your
response appears to be overwhelmingly negative.
In my own testing of this, my gmail Spam folder varies between 1500 and
5000 messages at any given time. Sometimes there's a false positive
that no matter how many times I tell gmail it's not spam, mail from that
user ends up in Spam. I also find gmail is not perfect and it misses
1-2 spams roughly every day that end up in my inbox. I have already
pressed the spam button once this morning. I've spent quite a bit of
time pulling down individual false negative messages and running them
through spamassassin on my server and they almost always get scored
highly as spam. So I personally find such a plumbing to be useful.
What I have is a plumbing that does the message manipulation and a bunch
of other things which are not pertinent. Some of the hard work is done,
it would still need some work to release to the world. Pulling messages
out and putting them back in is not as easy as it sounds and I can
honestly say the devil is in the details, but the good news is that part
now works well. I am just trying to figure out what to do with it, if
it's useful beyond family and friends, or if there is a more general
interest in being able to use spamassassin on other providers such as
gmail or yahoo. If there's insufficient interest, that's fine, I'll
just use it myself.
Michael Grant
