[vbezhenar]

Inability to reliably send messages to gmail is huge. I'm using my own server, I own my domain for years, I asked a lot of people to remove "Spam" label from my messages, I did everything (reverse DNS, DKIM, SPF, checked that Gmail likes it all) I could, yet for new recipients gmail might mark my e-mail as spam. Gmail is worse e-mail provider, I liked it before, but I really don't like it, because it seems to punish people for decentralization. And I don't have this problem with other e-mail providers that I checked, they are happy to receive my e-mails.

[emilburzo]

Something is definitely missing in your setup, either entirely or just incorrectly setup.

I've been hosting my own email for about 3 years now, in an even worse-for-my-domain-reputation way: by using SRS.

Basically any email that arrives at my domain gets forwarded to my Gmail account.

And because I use SRS, it will re-write the envelope so it's something like hash-original_domain=user@mydomain.

Yet I've never had a problem with my emails getting marked as spam.

Actionable advice:

- setup DMARC and use something like dmarcian[1] so you have a pretty dashboard of your DMARC reports (otherwise you have to find some tool that will read the XML and aggregate the reports).

- use mxtoolbox to verify your IPs aren't blacklisted, you aren't an open relay, etc.

- if you have enough email traffic (not likely if you're using it for personal email only), signup for Google's Postmaster[3]

Ask if you need any help.

[1] https://dmarcian.com/

[2] http://mxtoolbox.com/

[3] https://postmaster.google.com

[pflanze]

I don't think vbezhenar necessarily does anything wrong. I've been (and still am?) running into the same issues with Gmail, as well as with Yahoo (but not any other providers). I'm owning domain and IPs for about a decade, using reverse DNS, DKIM, SPF, on no blacklists, also using SRS for forwarding, registered the domain with Google, not bouncing possible spam, older recipients who moved mail out of spam folder: no problem, new recipients: tagged as spam. I'm using my mail server for a few small-volume mailing lists now, with an added comment on the subscription instructions that subscribers should watch out for mails moved to the spam folder; that has been working well enough for over a year now, but I'm not sure whether that has helped alleviate the problem (I should do a test run again, but it's time consuming and worrisome to create new Gmail user accounts for testing as I fear Google linking those accounts to myself might actually contribute to the bad scoring).

I know someone who does his own mail and does less than me (e.g. no SRS), and yet he doesn't have problems and thinks I'm doing something wrong...

My best hypothesis is that Google doesn't like the network that my server is in (Hetzner, various neighbours in the network are listed on a couple blacklists). When I find the time I'll set up a server with a different provider and see if it improves things. Other hypotheses are the software used (buddy uses OpenBSD and its mail server instead of Linux and QPSMTPD/Qmail+patches, perhaps they care about software headers or are doing OS fingerprinting), the fact that I'm using a fallback server on another continent (US), network timings, and plain noise (perhaps they use some kinds of machine learning that have persistent low-level irregularities).

PS. yes I'm not doing DMARC yet, but neither does my buddy.

[Santosh83]

> it (GMail) seems to punish people for decentralization.

I wonder why.

[fauigerzigerk]

My guess is that the ratio of false positives is extremely small and hence this may be a very low hanging fruit when it comes to spam filtering.

Having an honest reason to belong to a minority that is on average very dishonest is one of the worst things that can happen to you.

This is a real dilemma, not just with spam filtering.

[loup-vaillant]

Shame on the big providers to force this dilemma on us.

I bet that's not the whole story. There was a reason they were lazy in the first place, but I bet there's another reason why they stay lazy. Punishing decentralization is a great way to get more users, after all: sent from gmail? works. Sent from little provider? Doesn't work.

The only way out of this I see right now is the generalization of the Freedom Box. Though even then, one would need to run protests to be able to send email from home. Between ISP wide firewalls, interdictions on home servers (by contract with some ISP), or the blacklisting of all residential IPs (Hotmail), it will take a lot of collective action before we can send mail from home again.

[fauigerzigerk]

>Punishing decentralization is a great way to get more users

I very much doubt that Google sees decentralization as a major threat to Gmail at this point.

[loup-vaillant]

It wouldn't take much for it to be. We basically need 3 things: a usable Freedom Box (some commercial implementation of this idea are starting to pop up), the authorization to send email, and then end of "little provider" blacklisting. The last one is basically under Google's and Microsoft's control. If they put an end to it, we now have only 2 hurdles to overcome, and both are already partly solved.

Since Snowden, people know they are being spied on. The only reason so many of them still use Gmail is because they don't know how not to. Give them a little box that's as usable as Gmail, and they will use it.

While I agree decentralization is hardly a threat to Gmail right now, it could be, and I don't see them taking any step to make it even more threatening.

[chrismartin]

The pattern -- and volume -- of messages that Gmail would receive from an independent server with legitimate users would look very different than someone running a similar server to send spam.

Perhaps a spammer with a new server could gain Gmail's trust by passing genuine-looking correspondence, but this would stop working as soon as they start to send bulk messages.

Seems to me that tuning Gmail's filters to recognize and trust small-volume email servers would not be difficult or time-consuming.

[fauigerzigerk]

That could well be. It's hard to know without access to the data, but they could probably do better if they tried.

However, I fear if Google were to try harder, spammers would also jump on that opportunity. It's easier to mimic the patterns of a small legit SMTP server than to pose as one of a few big well established email providers with known IP ranges. They could potentially use millions of compromised PCs, each sending spam in low volumes mixed with non-spam traffic.