E-mail

De Mi caja de notas

L'e-mail moderne est un patchwork de protocoles et d'extensions. Voici un article pour les comprendre tous.

2021-05-07 Kaspar Etter : e-mail explained from first principles


sur indieweb

Email is a decentralized, non-web messaging transport, with user interfaces that enable a wide range of message formats and styles, and commonly used for account recovery by web sites and applications.

Why

Email can be useful for:

  • Asynchronous posting to your website.
  • A POSSE destination to reach people who use email as a reader

Older reasons to use email:

  • One on one or one to many messaging among older internet users, some professions, and academia.
  • Messaging to a (often self-)selected group, i.e. email list

phd032515s.gif

How to

(stub)

How to POSSE

How to POSSE to email:

This section is a stub.

  • Several WordPress plugins (Jetpack, for instance, uses the WordPress.com infrastructure for syndication) enable visitors to subscribe to your posts by email and will send out a message when you publish a new post.

For now, see

IndieWeb Examples

IndieWeb community members currently posting to their sites via email, and/or POSSEing to email:

Nick Doty

Nick Doty occasionally publishes emails on bcc.npdoty.name that he also POSSEs to mailing lists since 2009-01-22, e.g.:

Barnaby Walters

Barnaby Walters has been posting to his site occasionally via email since 2013-05-22. Example:

Aaron Parecki

Aaron Parecki has occasionally syndicated posts (POSSE) from his site to email lists since 2014-11-18. Example(s):

It is currently a manual process of first making the post, then manually copying the text to reply to the email list.

gRegor Morrill

gRegor Morrill: syndicated at least one post from my site to email since 2023-06-20

Kelson Vibber

Kelson Vibber uses Jetpack to syndicate WordPress posts to email subscribers.

Add yourself!

Add yourself here… (see this for more details)

PESOS

It's also possible to PESOS your email that you send to people or email lists to your own site. Examples of IndieWeb creators that have PESOSed email to their site.

Tantek

Tantek Çelik has at least once PESOSed an email sent to co-workers, to his own site, with some bits redacted for public consumption, since 2004-06-29:

Support

Due to its popularity and ubiquity email is extremely widely supported.

Application integration

Of particular interest is the fact that many native applications (especially on iOS) include it in their share/export/action menus by default. This could be an excellent UI to piggyback on for quick and easy posting to our own sites.

Bridgy

Bridgy does not support email currently, however there is an issue filed to support POSSE to email lists in particular (and backfeed replies)

Webmention

questo.email was an indieweb/email bridge that aimed to be a hub for all kinds of interactions between indie sites and email addresses, including email-to-webmention and webmentions-to-email.

Clients

Thunderbird

Thunderbird is a cross-platform open source email client.

Enigmail

Enigmail is a plug-in for Thunderbird that supports sending OpenPGP signed or encrypted email. A guide on doing this is published by the Free Software Foundation.

Gmail

Google Gmail is a popular Web-based email client.

Apple Mail

Apple ships a mail client with most of its operating systems. It can handle both POP and IMAP email, as well as mail from Yahoo, Exchange and others.

Brainstorming

POSSE techniques

Some thoughts on techniques for POSSEing to email, based in IndieWeb Examples above.

  • publish an article
  • name of the article --> email Subject:
  • author: <-- intended email From: of yours
  • audience: <-- intended from email To & CC:
  • content: --> email body
  • hyperlink with class="u-syndication" <-- email list permalink

If you are POSSEing a reply to an email (e.g. on a mailing list)

  • publish a reply note (no need for an article, since the name/title isn't something you came up with, but rather "just" a "Re:" and the name/title of the original email you are replying to, which can go in the reply context
  • author: <-- intended email From: of yours
  • audience: <-- intended from email To & CC:
  • content: --> email body
  • use <blockquote> for portions of the original email that you’re quoting to respond to, or lines starting with > in a plain text note (which you can upgrade to <blockquote> when rendering on your site)
  • hyperlink with class="u-syndication" <-- email list permalink

Redirect to public issues

One possible approach is to redirect incoming email to public issues, hosted on your own site, or GitHub, per:

Criticism

Bad for more than two people

Whilst adequate for some one to one conversation it scales extremely badly to conversations with more than two people.

Bad for collaboration

It is also appallingly bad for collaboration (wikis or version control systems are much better for this[1]).

Not web

  • URLs == web [2]
  • email addresses != web. [3]

Not web identifiers

  • email addresses are internet identifiers, not web identifiers, by definition. [4]

Maintenance disinterest

  • "I would rather futz with a domain and shared hosting than my own SMTP server any day" [5]

Bad for identity

Encourages Constant Distraction

Unreliable Delivery

Email delivery, especially with your own domain, has shown to be anecdotally unreliable due to overzealous spam filters' false positives, e.g.: https://twitter.com/dangillmor/status/579770619367170049

Is there a way to find out if my email is ending up semi-routinely in spam filters? Several folks recently said they didn't get my messages

Ecosystem discriminates against indie servers

The email server ecosystem has evolved to a small handful of very large (100s of millions of accounts) services that peer with each other, and are actively hostile to indie servers sending their own mail with the excuse that those indie servers lack "reputation" (an ineffable an ill-defined requirement) for the larger servers to accept email from them.

For more details see:

Email deliverability services such as Mailgun can help with this. Setting up Postfix + Mailgun for multiple outgoing domains

More Problems

See and extract/cite from:

FAQ

Can I point my domain to my VPS(/web server) but still use hosted email services? I don’t want to run a mailserver

Yes, your domain name can resolve to the IP address of your web server for HTTP traffic, but direct mail agents to look elsewhere. See also DNS.

Email Services by Type

Here are various levels of email services available from different providers, roughly ordered from easiest/cheapest/friendliest to most powerful/technical.

Custom domain email providers

Main article: email-hosting
  • to-do: providers from this subsection need to be copied into email-hosting, and then leave a summary list here of only the top 3-5 providers being used by IndieWeb folks and recommended for new folks.

Custom domain email providers have the ability to set up an email account to send email as if it is from your own personal domain.

You have to separately configure your domain (perhaps at your DNS provider or web hosting provider) to forward domain sent to your domain (e.g. example@example.com) to whatever email provider you use.

Advantages:

  • ...

Disadvantages:

  • ...

Services roughly sorted by number of IndieWeb examples, and recommendations thereof:


FastMail

Main article: FastMail

FastMail is a paid email service that has a range of options from only giving you a @fastmail address to others that allow you to have your own personal domain. Other differentiators are with how much email you can store.

IndieWeb examples:

  • Jonny Barnes is using Fastmail's service for receiving/reading/sending jonnybarnes.net emails. Fastmail works by setting up a custom domain as an alias for your fastmail inbox.
  • Kyle Mahan is a Fastmail user too. They recommend letting fastmail be your actual nameserver, but I opted to continue using my registrar's nameserver and just copy/paste MX, DKIM, and SPF records from Fastmail.
  • Dr. Matt Lee is using Fastmail as part of his grand email strategy.
  • Add yourself here… (see this for more details)


mailbox.org

Main article: mailbox.org

mailbox.org is a paid email service starting at 1 Euro a month and based in Germany. There is a help page for "Using e-mail addresses of your domain," which includes instructions for adding SPF, DKIM, and DMARC records. mailbox.org also supports "catch-all" aliases. See also: https://en.wikipedia.org/wiki/Mailbox.org

IndieWeb examples:


Gmail

Main article: Gmail

Gmail (gmail.com run by Google) is a free email service that has the ability to set it up to send email as if it is from your own personal domain, optionally using the SMTP server from your domain host (web host).

IndieWeb examples:

  • Tantek Çelik is using Gmail for receiving/reading/sending tantek.com emails but does not recommend this to new folks.
  • Dr. Matt Lee is using whatever legacy gratis-GSuite is called now as part of his grand email strategy.
  • Add yourself here… (see this for more details)


Pobox

Pobox is a paid email service that has two types of accounts: mailstore and forwarding. All of their plans allow for personal domains. In late 2024 Pobox accounts were set to merge with Fastmail accounts.

IndieWeb examples:


Soverin

Main article: Soverin

Soverin is a paid one-plan only email service that provides a "private mailbox that’s truly yours". It's a European service, based in Amsterdam, that focuses on privacy and making it simple to get up and running with e-mail on a personal domain. Makes it easy to conf

IndieWeb examples:

  • Pelle Wessman is using Soverin for his newest set up domain and an old free G-Suite/Google Apps account for his other account (also using a calendar on the G-Suite account).
  • Add yourself here… (see this for more details)


HEY

hey.com is a paid email service and client from 37signals. You can use it with a personal domain name or get email service from 37signals. Unlike most traditional email services, hey.com does not support POP or IMAP access to the mailbox, but mbox format exports are available. Once a hey.com account is paid for once, 37signals will forward email to that account elsewhere gratis.

IndieWeb examples:


Pawnmail

Pawnmail is a service dedicated to provide "Email hosting for custom domains" that gives 2GB storage "free forever" to anyone. It provides a webmail client along with SMTP, IMAP and POP3 access.

IndieWeb examples:


Zoho Mail

Zoho Mail has a free account plan that allows you to receive mail in your own domain (1 per account, in the free plan).

IndieWeb examples:


Mail as a Service

Mandrill

Mandrill is a service for sending and receiving emails run by Mailchimp. It formerly had a generous free plan, but will require a paid MailChimp account beginning 2016-04-27 and paid e-mail volume, now starting at 30$ a month.

Greyed-out information below probably not correct any more -> if you still use Mandrill, please update it!

Note: Madrill does not charge for inbound email. See: https://twitter.com/sandeepshetty/status/463330411636994048

  1. Register at http://mandrillapp.com
  2. Create a new inbound domain and set up MX records for the domain you’ve chosen detailed here
  3. Set up your web server to accept POST requests to the URL you configured
    • Make sure you verify the origin of the request as detailed here. You can see the key for your webhook here
    • The format of the POST request is detailed here. Send some test emails to yourself and store the results to learn about the format

Beware: I have experienced some inconsistencies in the mandrill responses. Namely that sometimes attachments are in the msg.attachments key, but I have also seen them in msg.images. I am currently using attachments = msg.attachments || msg.images || [] to cater for both cases. --Waterpigs.co.uk 10:26, 24 May 2013 (PDT)

Other Inbound Email Providers

There are other email PaaS companies which offer similar inbound POST request hooks instead of using Mandrill. More details coming soon.

  • MailGun - [6]
  • PostMark - [7]
  • Comparison of several providers - [8]

Mail Forwarding Services

Advantages:

  • The service provider handles all of the issues that are involved with mail delivery such as spam filtering, DKIM and SPF support and will also cache your mail if your MTA goes offline
  • ...

Disadvantages:

  • You still need to setup a MTA to receive the email being forwarded by the vendor
  • ...

IndieWeb community members using this approach:

  • Bear is using MailRoute for receiving/sending bear.im emails.
  • ...

MailRoute

MailRoute allows you to specify its mail servers in your domain's MX records and then specify what server domain or IP Address to forward sanitized emails to. It offers spam filtering, greylisting and a number of other features. Once you have an account and have configured it for your domain you are then ready to setup your local MTA.

Handling it Yourself

Mail in a Box

Mail in a Box is a script that Josh Tauberer has put together to turn a VPS into a functioning mail server.

Running your own mail server

A MTA (Mail Transfer Agent) is a process that runs on your server and accepts incoming SMTP (port 25 generally) connections for mail delivery. Running your own MTA is fraught with trouble and can be so very time consuming that even people who run servers for a living generally use a forwarding service to handle all of the messy bits.

The example I give here will be to use Mailroute as the forwarding service and Postfix as the local MTA, but other combinations can be used.

  • Note* this is a draft work-in-progress - I'll be filling in more concrete examples and other suggestions as I get time.

I use Postfix primarily because it comes from all of the OS Distros with a very sane set of defaults that you enter during setup and it just works. The reason Postfix becomes a drop-in tool is because of the work that is being done by the Mail Forwarder you setup in the prior step.

The key bits to configure is to tell the installer that you are using Postfix as "Stand-alone Internet Host" and then make sure the main.cf entries for mydestination contains your domain and relayhost contains the domain name for your Mail Forwarder.

TODO:

  • tls and sasl configuration
  • show how to configure the host's MDA (Mail Delivery Agent) to deliver emails to a program instead of a user mailbox
  • show how to configure a mailbox to use store mail to be read by a cronjob or other agent

A guide to setting up a self-hosted email server

Indieweb examples

Peter Molnar had been running his own mail stack for 10+ years; the current setup is postfix ( with postscreen ) + dovecot + dspam + opendkim + opendmarc.

Security Issues

Anyone can send fake email from any email address. You need some way of determining that inbound email does indeed come from who it appears to. Possible solutions include:

  • Make sure you’re verifying the authenticity of the request sent to your webhook
  • Using “secret” email addresses by embedding the password in the address, e.g. myreallysecurepasswordorrandomkey@example.com — then store it in a private address book to save typing
    • Flickr does this - to let you upload photos by email - and the email address are pretty short too.
  • Use a mechanism such as SPF to determine the authenticity of an email

phishing

phishing is the act of sending an email (a phish) with both a forged from address and HTML contents that pretend to be from a popular service provider (often silo), and usually have some sort of fear-invoking subject like "Account Termination", or greed-invoking like "Transfer Notification" from a bank, with a link or button to "Log in", "Verify Account", "Initiate Transfer" which appears to go to the service provider but actually goes to an attacker's website that looks very similar (if not identical) to the service provider in order to trick you into entering your username and password, so the attacker can gain access to your service provider account.

The term "phish" comes from the attacker "fishing" for your username and password, which if you enter, then you've been "phished".

E.g. (documented examples of phishing emails)

spearphishing

spearphishing is the act of tailoring a "phish" specifically for a particular individual, sometimes seeming to come from a trusted contact, friend, co-worker.

As Commenting

In 2015, when shutting down their comment section, Motherboard recommended people to take discussions to email rather than getting them burried in public discourse:

Comment sections inspire quick, potent remarks, which too easily veer into being useless or worse. Sending an email knowing that a human will actually see it tends to foster thought, which is what we want.

As of 2020, several personal blogs started including links to solicitate replies via email to their feeds. Specifically to interact with people not visiting the blogs directly and using non-social readers.

Examples

The following are all announcement posts of personal blogs adding email links to their feeds:

A smaller number of personal blogs do the same right on their posts:

See Also