[imoverclocked]

Yeah, it's true that having all email in a few very large baskets is risky. However, running an email server is also not without risk and requires significant IT investment at any kind of reasonable scale. Keeping up with all of the auth mechanisms, spam, block lists, security vulnerabilities etc takes real focus. It's not something an IT shop with a just single guy should take up...

I think the real risk is relying on email at all anymore. The underlaying protocol dates back to the era of "let's see if we can get bits to move at all" which predates any kind of "how do we know what we are getting is authentic" style of design. There are plenty of other avenues for communication that don't succumb to the many inherent pitfalls of email.

[jjav]

> There are plenty of other avenues for communication that don't succumb to the many inherent pitfalls of email

The pitfall in this very article is the fact that communication was centralized on a giant near-monopoly which imposes it's arbitrary rules on users by filtering whatever they want.

So in that context, can you tell what these other avenues of communication are that don't suffer from this exact same problem? I'm guessing you're thinking of various 100% proprietary channels, all of which suffer from the problem of being centralized and users and content can get arbitrarily banned or blocked for no reason.

At least with email you can simply stop using microsoft-hosted email and move elsewhere and your problems go away while still remaining email accessible to everyone.

[imoverclocked]

> I'm guessing you're thinking of various 100% proprietary channels, all of which suffer from the problem of being centralized and users and content can get arbitrarily banned or blocked for no reason.

You are looking for an open+federated protocol. Those definitely exist.

For example, an older one that I'm well aware has probably long-ago-peaked is XMPP. One can host their own XMPP domain and talk to other XMPP domains just like email can. It also has the ability to send content, presence, pub-sub notifications, offline messages (much like an email message) ... you name it. Storing contact lists and associations combined with the fact that messages come from authenticated sources by default means that spam is a lot harder to accomplish (or at least a lot easier to squash). All of this and XMPP is a 25 year-old protocol; This protocol can legally drink in the US. Just imagine what else exists today! :)

However, the problem is not what technically exists. The problem is what is popular. Email is still extremely popular and ingrained in so many places. It's easy to extend and put up a quick webpage that submits an email from some user-input. It's easy to send notifications/advertisements to. Attachment protocols have largely been sussed out. It's even used quite commonly as a second form of authentication. You can expect most people to have an email address while a much smaller percentage of people expect to have any other single-form of electronic communication.

[jjav]

> You are looking for an open+federated protocol. Those definitely exist.

Yes I am. Like you know, email.

That's why email is so awesome. I can easily spell out my email address to anyone in the world and they can now send me a message. We don't have to share platforms or apps or OSs or providers or anything at all, other than access to a TCP/IP pipe. And I will then receive that message. No company can interfere with that.

[imoverclocked]

Yup, xmpp checks all of those boxes too. The addresses even look the same.

[jjav]

> Yup, xmpp checks all of those boxes too.

Well, except one.

Go find a random nontechnical person and tell them "send me an xmpp" and see if you ever get that message!

Email not only has all the technical advantages noted above, but also the advantage of universality. Just about everyone who has ever used the internet, no matter how nontechnical, will have sent emails so they'll know how to reach you.

[imoverclocked]

I covered that too. “The problem is what is popular.”

[johannes84]

I am honestly confused what big risks you believe to be connected to running your own email server, and what you think would be a significant IT investment?

For context, I have been running a Debian mailserver (postfix + spamassassin + dovecot) with autoupdates - and occasional major version updates - for family and friends since 2007. Barring the occasional period of being preferentially delivered to the spam folder, I have not experienced any problems. My major benefit: I am sure that if a mail is sent to me, I will receive it.

The system is running on one of the cheapest root servers from Hetzners used server market, and it also runs an odd set of other websites and VMs, so the IT investment is limited. I also consider the administration and update tasks as a form of continuing education in my profession.

[BrandoElFollito]

For family and friends fine.

When you have 30,000 users worldwide is it daunting.

[johannes84]

I agree! Therefore I’d suggest more people should host for family and friends :-)

[imoverclocked]

Except, family and friends isn't the target here. It's large-ish, professional organizations with a lot more surface area and visibility than your family email server. I've run this kind of friends/family setup, but I've also run a small org setup with a lot more visibility. It's definitely two different beasts... and that was a decade ago.

[BrandoElFollito]

It depends what. I self host a lot of services for family and friends - but ony the ones I have complete control over.

If there is a problem with something, I want to have a hope of fixing it (either someone already had the issue, or I can open an issue, or I can try try to fix the code/configuration myself). These are great.

Mail not so much. This can become a continuous struggle to get off blacklists, manage spam, troubleshoot deliveries, ... All these are not dependent on me and if I get into a blacklist or if Google stops to accept my mail I am cooked. This is the reason that after self-hosting email for a few years I got back to having it done by people whose job it is .

[Terretta]

Do you distill your own alcohol as well?

I wonder if those who say they're "honestly confused" why someone would let someone else do undifferentiated heavy lifting for them are not really confused.

[johannes84]

Well, the parent comment was not saying „it’s too much work“, but „it’s risky“!

I can totally understand why someone would not do it because it’s too much work.

[JohnFen]

> There are plenty of other avenues for communication that don't succumb to the many inherent pitfalls of email.

But few, if any, that have the many advantages of email. Different tools for different needs and all that.