#1 $$$ 100% Act now Action Additional income Affordable All natural/new Amazed Apply now Avoid Be amazed/your own boss Beneficiary Billing Billion Bonus Boss Buy Call!!!!!! free/now Cancel Cash Casino Certified Cheap Click here Clearance Collect Compare rates Congratulations Credit card/check/offers Cures Deal Dear friend/somebody Debt Discount!!!!!! Direct email Don't delete/hesitate Double your income/cash Earn Extra Expire Fantastic Free!!!!! access/money/gift Freedom Friend Get it now/started/paid Great Guarantee Hello Income Increase sales/traffic Instant Investment Junk Limited Lose Lowest price Luxury Make $/money???? Medicine Money Name!!!!!!! No credit check/experience Now Obligation Offer Only Open Order now Please Presently Problem Promise Purchase Quote Rates Refinance Refund Remove Request Risk-free Sales Satisfaction!!!!!! Save Score Serious Spam Success Supplies Take action Terms Traffic Trial Unlimited Urgent!!!!! Weight While supplies last Win Winner XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X
I know we're not supposed to comment on voting, but... this has got to be the spammiest-looking comment to ever gain this many legitimate upvotes without being removed.
I sent an email from ProtonMail to Gmail and it is right there at the top of my inbox. I even put spam in subject line. Maybe Gmail knows I emailed myself? That is a scary thought.
The only difference is there’s an ad for protonmail at the bottom
#1 $$$ 100% Act now Action Additional income Affordable All natural/new Amazed Apply now Avoid Be amazed/your own boss Beneficiary Billing Billion Bonus Boss Buy Call!!!!!! free/now Cancel Cash Casino Certified Cheap Click here Clearance Collect Compare rates Congratulations Credit card/check/offers Cures Deal Dear friend/somebody Debt Discount!!!!!! Direct email Don't delete/hesitate Double your income/cash Earn Extra Expire Fantastic Free!!!!! access/money/gift Freedom Friend Get it now/started/paid Great Guarantee Hello Income Increase sales/traffic Instant Investment Junk Limited Lose Lowest price Luxury Make $/money???? Medicine Money Name!!!!!!! No credit check/experience Now Obligation Offer Only Open Order now Please Presently Problem Promise Purchase Quote Rates Refinance Refund Remove Request Risk-free Sales Satisfaction!!!!!! Save Score Serious Spam Success Supplies Take action Terms Traffic Trial Unlimited Urgent!!!!! Weight While supplies last Win Winner XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X
As someone who has set up many SMTP servers even on very new domain names. Yhe only issue I've actually come across is outlook.com who happily will whitelist if you poke them via their support once you you have dkim and spf set up.
EDIT: if you are working from IPs that may not be clean (and in an IPv4 world thats prob true) many DNSBLs will work with you to remove your ip's from their lists if you are actually nice and polite with them. Just check your IP's before your set up your network so they have a heads up that someone will be on the other end of any complaints.
In my experience, ATT is the worst. They've been blocking me for well over a decade. They're the only provider who has ignored every contact attempt I've made.
I don't care, from my perspective they're irrelevant. The last person I communicated who used their MX died recently, and otherwise ATT can bite me. But in a fit of annoyance several years ago I did configure my servers to deliver a heartfelt custom 550 response to ATT MXes.
Yahoo made a deal with them to service the mail services SBC bought/built that were rolled up into att.net. That is one of several mail services associated with them, and not the one I'm talking about.
I'm talking about the ones managed by Synacor, formerly managed by an ATT spinoff with a bland name I can't remember. I still have my notebook logging my (lack of) progress, which happened over several years and involved a bunch of entities - partners and internal spinoffs.
I wasn't saying you didn't know any googlefu. just when you said ATT my head went to "oh you are dealing with their consumers... should thought I would C+P the link thats helped me in the past.
EDIT: As a follow up. I used to have contacts with BlueYonder, Sky and BT All ISP's that used to manager their own email systems but outsourced them to gmail and yahoo so my peronsal contacts within those companies for email have died off. It wasn't a slight on you. just one geek to another trying to help.
I think that came off as a lot snippier than intended, apologies.
All I meant is that I spent entirely too much time researching the web of entities supporting the Death Star's SMTP needs through the last decade, who on Linkedin listing those companies might be attached to the production technical team, etc. At some point I started joking that I knew knew more about their corporate structure than anyone not suing them or working in their legal department.
outlook.com is indeed the worst. Got a pointer how to make this whitelist happen @outlook? Got SPF and DKIM setup since I started my personal mailserver, but still piggybacking of my old University's open relay (on campus) to get my mail to land in outlook inboxes...
And if you get rejected with your first request, pester them with a follow up saying something like "Hey, I'm, a cloud customer. I don't control the whole IP range. I ask you to reconsider the initial rejection."
That's always worked for me with outlook. Takes a few days (which is why I say do it as soon as you know what your IP range is)
Be nice and polite (from what I understand real humans read that request) be honest with what you have done as of time of writing the requyest and what you are planning to do.
But be persistent with them and they will basically grant you a whitelist unless you start fucking up.
I ended up subscribing to an SMTP service that explicitly masked my home IP as Google's sending service included it and was causing my emails to my bank to automatically get flagged as spam.
What even is the best way (reliably and free) these days to set up a website that occasionally sends email? I have a hobby site on a linode for creative writers to follow up to each other's chapters, and it's very low volume, but I don't want to sent it all through my gmail account, either.
Looks like you're right, they abandoned the free plan altogether on March 1. The new deal is $0.80 per thousand messages with no minimum spend, which may be negligible for you, but there are likely free alternatives out there too.
Unpopular opinion, but... set up your own e-mail server. I've been running my own off my home connection for quite a while with basically no spam problems.
Mails sent from dialup IPs are almost guaranteed to be classified as spam (probably to prevent spam sent by malware). Many servers won't even accept such mail at all.
Wanted to comment the same. Initial setup is a bit bumpy - make sure reverse dns is ok, set up dkim, dmarc, spf - but once up, is should be fine, especially if it's only to send, and not receive.
Just an addition to that:
Don't use the cheapest possible provider available if you get a VPS to use as an email server; chances are the spammers are doing the same thing and that your emails will be sent straight to spam.
DigitalOcean, OVH and Hetzner are especially difficult. It is possible to run an email server there, but getting the IP reputation up will be a tedious process and some providers will simply reject sent emails simply for using one of those hosts.
Thank you for sharing your experience on digitalocean and OVH hosting providers. I want to understand the issue a bit more because we have a plan to host email service on both the platforms. Your inputs will help us to decide to go with them or to choose any other service provider. Can you please let me know when you sent those emails using both service providers is your emails authenticated with SPF and DKIM or you have used any free email service provider like gmail or yahoo as a from email address.
Thank you in advance.
I've had luck with digital ocean by sending friends emails (who have accounts at major providers) and having them mark it as not spam a few times over the course of a week or two. After that, it worked without issue.
It is definitely possible to get it up and running, but there's often problems due to entire ranges having bad reputation. There was a gigantic thread about it in the Mailop mailing list last year. If you have access to it's archives then it's definitely a worthwhile read (and entertaining too!).
It takes a lot of the legwork out. Obviously you're referring to the likelihood of a major email provider marking you as spam, which is pretty likely if you're sending much volume. But if you have all your ducks in a row, you just might be able to make it work with this.
This runs the risk of it just not being delivered at all, when what you want is for it to be deliverable enough to reach the spam folder but not deliverable enough for inboxing.
I run loads of small business email systems and have done for decades, in the UK.
That thing has GTUBE at the end of it, which doesn't look quite as dodgy as EICAR to humans.
lol.
Without the GTUBE string, rspamd scores 10.50, which is flagable by default. With it, rspamd scores 15.0 (ie whatever REJECT is set to) and ignores the rest of the message.
My selfhosted mailcow (https://mailcow.email) instance blocked me from sending it (the SMTP server actually rejected it), and then blocked the one I sent from Gmail to it with 554 5.7.1 Gtube pattern. Didn't even show up in Spam.
Gmail keeps basic CSS, I once received the famous "I recorded your webcam watching naughty stuff!" spam, and the particular attacker "hid" the compromised password (long since changed) in white text between each paragraph, making it essentially invisible.
I suspect to key the email to a particular user and prevent scambaiting? And possibly gather the tiniest bit more information in case someone replies from another email address. (Now they know that the sent email is read and the received is actively used)
You can always claim your machine had malware that includes this to all emails. Would be nice if the order of the filler words was random so you couldn’t search for all of it and end up on this page.
I suspect this would actually get through a lot of advanced spam filters. It would be easier to just send an email “from” you through a relay that has no dkim or spf configured, that will always land in spam.
Now, can somebody make a version that takes my normal email message, change a few characters, and turn it into spam in the eyes of the neural nets, similar to the one pixel attack?
Spam folder is one of things that annoys me in email. It really doesn't make sense: if message is spam, then why store it at all? But legitimate messages silently going to spam folder is critical, unacceptable failure. You could regularly browse spam folder, but then.. what's the point? You would be skimming through all the junk anyway, that's defeating whole purpose of filtering.
Personally I don't have spam folder: either message is rejected immediately at SMTP time, or it goes straight to my inbox. (another thing that annoys me is greylisting, it just breaks instant messaging for no good reason)
Storing spam messages does make sense. If you asked me the number of times when we've sent something to someone, they told us "We haven't received anything", and we answer "Check your spam", and there it is...
Checking the spam folder is useful when you know something should be there. It's not made to skim through the junk in the hopes of finding a mislabeled email. And storage is so cheap nowadays that it doesn't make sense to not store everything to shave a few megabytes of space.
Most spam filters do silently delete messages that they are particularly confident about.
But spam detection is not black and white. The existence of "maybe" spams means that you need to let some through.
Having a separate folder is still useful because you can check it less often, and have no notifications for it. I check mine every couple of days or so. No email is so urgent that I need to see it in 24 hours.
You seem to be very convinced that there is an efficient way to filter 100% of spam without false positives. Which seems optimistic if you have ever dealt with email, text analysis or any aspect of spam detection.
Google is incredibly good at this. I see maybe 20 false negatives a year (they usually get corrected if I don't check my mail for a few hours) and 1-2 false positives. This out of thousands of good emails and 100,000+ spam mails.
That said, I think it's good to keep the "spam" folder. I normally only check it if I learn through another channel that I should have got a mail, I don't "browse it every few days" as some others suggest.
Interesting. My experience has been exactly the opposite. For me, using Gmail is like using Microsoft word in 2007. Slow interface, 34 different navigation menus, emails from friends appear in either promotions or updates at random, spam filter has a false positive once per week.
The only thing missing is the little animated paperclip guy.
Can't say I've ever had personal email end up in Promotions, but would have thought it would learn after you move a message that had landed there into your inbox...
The problem is that then it would turn into an arms race - the spammers would use that information to perform reconnaissance and learn what gets through and what doesn't.
OP is saying that any failure should propagate back as an SMTP error code, rather than lying to the sender with success while silently hiding the message. OP is not wrong - it's just not how most MTAs are currently set up.
An imperfect classification is still useful. I can focus on messages that are more likely to be important most days, and only check the spam folder once a week or so. Checking the spam folder generally requires little attention and can be scheduled for when I'm tired/distracted/whatever.
Searching the spam folder is a source of entertainment to me. Every so often I'll get an especially elaborate one, they're pretty funny to read sometimes.
...Well done.
https://en.wikipedia.org/wiki/GTUBE
The only difference is there’s an ad for protonmail at the bottom
#1 $$$ 100% Act now Action Additional income Affordable All natural/new Amazed Apply now Avoid Be amazed/your own boss Beneficiary Billing Billion Bonus Boss Buy Call!!!!!! free/now Cancel Cash Casino Certified Cheap Click here Clearance Collect Compare rates Congratulations Credit card/check/offers Cures Deal Dear friend/somebody Debt Discount!!!!!! Direct email Don't delete/hesitate Double your income/cash Earn Extra Expire Fantastic Free!!!!! access/money/gift Freedom Friend Get it now/started/paid Great Guarantee Hello Income Increase sales/traffic Instant Investment Junk Limited Lose Lowest price Luxury Make $/money???? Medicine Money Name!!!!!!! No credit check/experience Now Obligation Offer Only Open Order now Please Presently Problem Promise Purchase Quote Rates Refinance Refund Remove Request Risk-free Sales Satisfaction!!!!!! Save Score Serious Spam Success Supplies Take action Terms Traffic Trial Unlimited Urgent!!!!! Weight While supplies last Win Winner XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X
When you send an email, said address is often automatically added to your contact list.
So if you ever a test message the other way around, it will be white listed.
EDIT: if you are working from IPs that may not be clean (and in an IPv4 world thats prob true) many DNSBLs will work with you to remove your ip's from their lists if you are actually nice and polite with them. Just check your IP's before your set up your network so they have a heads up that someone will be on the other end of any complaints.
That has always works for me.
I don't care, from my perspective they're irrelevant. The last person I communicated who used their MX died recently, and otherwise ATT can bite me. But in a fit of annoyance several years ago I did configure my servers to deliver a heartfelt custom 550 response to ATT MXes.
EDIT: https://www.att.com/esupport/postmaster/digital-signature/ checked the AT&T support about delievery. Seems like they do use Yahoo these days.
I'm talking about the ones managed by Synacor, formerly managed by an ATT spinoff with a bland name I can't remember. I still have my notebook logging my (lack of) progress, which happened over several years and involved a bunch of entities - partners and internal spinoffs.
Trust me, I know how to google "att email".
EDIT: As a follow up. I used to have contacts with BlueYonder, Sky and BT All ISP's that used to manager their own email systems but outsourced them to gmail and yahoo so my peronsal contacts within those companies for email have died off. It wasn't a slight on you. just one geek to another trying to help.
All I meant is that I spent entirely too much time researching the web of entities supporting the Death Star's SMTP needs through the last decade, who on Linkedin listing those companies might be attached to the production technical team, etc. At some point I started joking that I knew knew more about their corporate structure than anyone not suing them or working in their legal department.
And if you get rejected with your first request, pester them with a follow up saying something like "Hey, I'm, a cloud customer. I don't control the whole IP range. I ask you to reconsider the initial rejection."
That's always worked for me with outlook. Takes a few days (which is why I say do it as soon as you know what your IP range is)
Be nice and polite (from what I understand real humans read that request) be honest with what you have done as of time of writing the requyest and what you are planning to do.
But be persistent with them and they will basically grant you a whitelist unless you start fucking up.
I ended up subscribing to an SMTP service that explicitly masked my home IP as Google's sending service included it and was causing my emails to my bank to automatically get flagged as spam.
HN discussion from when they downgraded the free tier, includes some discussion of alternatives: https://news.ycombinator.com/item?id=22192543
Link from the email they sent: https://help.mailgun.com/hc/en-us/articles/360048661093-How-...
DigitalOcean, OVH and Hetzner are especially difficult. It is possible to run an email server there, but getting the IP reputation up will be a tedious process and some providers will simply reject sent emails simply for using one of those hosts.
It takes a lot of the legwork out. Obviously you're referring to the likelihood of a major email provider marking you as spam, which is pretty likely if you're sending much volume. But if you have all your ducks in a row, you just might be able to make it work with this.
FAQ: https://github.com/foxcpp/maddy/blob/dev/docs/faq.md
Been running my own mail server with mailinabox for 2 years and never had issues with spam.
https://www.youtube.com/watch?v=B2oLFKYNInQ
https://www.imdb.com/title/tt3844780/
That thing has GTUBE at the end of it, which doesn't look quite as dodgy as EICAR to humans.
lol.
Without the GTUBE string, rspamd scores 10.50, which is flagable by default. With it, rspamd scores 15.0 (ie whatever REJECT is set to) and ignores the rest of the message.
rofl.
the email landed in my inbox.
Note also: dunno about webmail, but e.g. Thunderbird ignores most formatting when displaying a message marked as spam.
Personally I don't have spam folder: either message is rejected immediately at SMTP time, or it goes straight to my inbox. (another thing that annoys me is greylisting, it just breaks instant messaging for no good reason)
Checking the spam folder is useful when you know something should be there. It's not made to skim through the junk in the hopes of finding a mislabeled email. And storage is so cheap nowadays that it doesn't make sense to not store everything to shave a few megabytes of space.
But spam detection is not black and white. The existence of "maybe" spams means that you need to let some through.
Having a separate folder is still useful because you can check it less often, and have no notifications for it. I check mine every couple of days or so. No email is so urgent that I need to see it in 24 hours.
That said, I think it's good to keep the "spam" folder. I normally only check it if I learn through another channel that I should have got a mail, I don't "browse it every few days" as some others suggest.
Interesting. My experience has been exactly the opposite. For me, using Gmail is like using Microsoft word in 2007. Slow interface, 34 different navigation menus, emails from friends appear in either promotions or updates at random, spam filter has a false positive once per week.
The only thing missing is the little animated paperclip guy.
If there is a subset of messages for which we can be 100% then these messages don't need to be stored.