It depends on whom you send to. Like ironically I sent an abuse complaint to Verizon for a spammer and got rejected because they blocked all of Digital Ocean's IP space. Yahoo was particularly difficult too sending me a response saying they won't take my mail immediately on a single email to my brother. I had to go through a lot to get that fixed. Again this was due to being on cloud provider IP space.
GMail is more reasonable with perhaps being spam filtered but never blocked outright. I have also been blocked by government labs and academic institutions. I also have complied with RDNS, DKIM, SPF and got a top score on mx toolbox. Now that I have been up for a while I have had less issues besides with the ones that block cloud provider spaces.
haven't tried in a while. It can, they dont' follow all the rules and do a little more blocking in the interest of their users or based off a ML spam detection or something.
Some things that should be delivered are not. I'd have to dig back into this to see what the exact issue is.
I would like to see the option for backups to be held on you own own cloud account of choice. I am in Canada and I use a Canadian cloud company called sync.com for my secured data storage knowing it will not be stored in the US.
The price point is also a bit high for a Canadian Customer, so I like the idea but a bit too pricey for North of the boarder after currency exchange.
"The residential Shaw Services are designed for personal Internet use. You may not use the residential
Shaw Services for commercial purposes. You may not run a server in connection with the Shaw Services
nor may you provide network services to others via the Shaw Services. Examples of prohibited servers
and services include but are not limited to mail, http, ftp, irc, dhcp servers, and multi-user interactive forums.
Some business services may be
exempt from these limitations."
Because it bothers me when someone sells a "secure" product where the security measures are unrelated to the threat model. The Helm server is connected to the open Internet, which means that physical possession of the Helm server is not the only or even main thing necessary to secure it from compromise. Because of how it works, the server still has a dependency on cloud providers -- you need cloud backups and the public endpoint for the ssh tunnel to get around ISP packet sniffing. Since I still need to trust other people's servers for this to work, why the focus on owning your own server?
How would you realistically completely remove the need for the relay server while still allowing the customer to run the server on a typical home internet connection?
This could be especially valuable as a way to build email apps for enterprise. Especially if there were a good API that returned email data in JMAP format.
I know Nylas tries to do this, but their model doesn't really work for me.
JMAP returns data in JSON, but with a standardized schema. It's better than the current status quo, where each email provider returns API data in JSON but using their own schema, meaning you need to build different endpoints and methods to work with each email provider. The spec is about to be finalized, so there is no reason why email providers who haven't yet released an API shouldn't be using it.
So they use a registered ip proxy to your own email server. I've been doing that for a super long time, and it's a great solution, at least until about 5 years ago.
Most providers will blacklist anyone who isn't one of them. So I front my home email server with a big account to relay in and out of. It kinda sucks, but all my stuff just works.
So I can happily fire up my Macintosh II, load up Outlook 98 and read email.
I use Office 365 to front my domain, I think it's like $12 a month for the corporate version so I can have it front domain emails. And that means I get office for all my devices so I'm not the one having to deal with having old versions of stuff.
I think this is the biggest problem. If there are a lot of bad actors, you drag down the whole system, but if you try to prevent bad actors you run into a lot of issues.
A hard problem, and I don't envy anyone trying to solve it.
No offense, but given that you are making a product that has a much higher potential to enable bad actors than usual, isn't it kind of you/your company's job to try to solve it?
EDIT: Just realized I responded to the wrong person :(
I mean, my thought is that if a high volume of spam causes other email servers to block Helm, then it makes it unusable to the good actors in the system. I didn't see the CEO address this.
Yeah, that's how I understand the issue too. I don't think there's an easy way to do things, either you end up blocking some people with a legitimate use case or you end up becoming a spam farm.
Hi graybolt, I'm Dirk, co-founder and CTO at Helm. Each Helm Personal Server is assigned their own IP address. We make sure to only use IP addresses that haven't been put on blacklists. If people abuse the service by sending spam it will only affect the reputation of their assigned IP and won't cause harm to the reputation of other Helms.
Oh boy, I know people with a fiber drop, 25tb raids with baby server farms and single character password. I think you highly underestimate the lazyness and/or stupidity of people. That doesn't even cover fishing.
Secondly, I think you underestimate the time intensive work that goes into clearing up an IP. I've run mail servers with users in the thousands. It's basically a full time job to keep a single ip clean. And that's with a half or less percentage of clueless users. I'm unsure how this will scale to hundreds of IPs let alone the thousands(x100) that would probably be needed to make creating your own hardware profitable.
Third, you're going to need to reach incompetent customers to make this profitable.
Yeah that isn't sufficient. Most people are going to get their email rejected or spam filtered from many sources. Having an IP that is not blacklisted is not sufficient to have it have enough reputation to be accepted by large providers.
I think it's the former; you can't host any site that is supposed to be accessed by the general public, only something like a control panel for your NAS or security system or such.
This serves to protect them technically (residential systems are not designed to withstand a large number of inbound requests), legally (you can't sue them for failing to serve your site) and of course to promote their more expensive business lines.
To be fair - building a business like Helm while needing to deal with other people's hardware and their software updates which you wouldn't find out broke your product until your customers start screaming about their email not working - wouldn't be fun. I could easily see how someone could want to do that and seriously consider it, then discard it as an option (or at least as part of their MVP launch options).
So make a supported hardware list,docker container, etc. The hardware is interesting, but the types of people who would buy this either already have racks in their houses and just want someone else to manage their stuff, or want to manage their own hardware because they want to make sure they have their own hardware components locked down. It's a neat project to be sure, and it's not terribly expensive for the hardware, but the real money maker is the ongoing support and security for the service, which is functionally really similar to a cloud service without a lot of the benefits.
You can send email using EC2 instances, including mass commercial campaigns (aka "legal spam"...).
However, there are a few things to do, more specifically, you must contact AWS to get "clean" IP ranges (fresh IPs, never allocated to instances), sign some agreements and pay additional fees.
It's not exactly as simple as an API call to create an ec2 instance, but it's doable.
With random IPs, there is a good chance indeed that it is already burnt by a previous allocation.
That's weird, I honestly wouldn't have expected that. They gave me a little resistance with one terminating at a home but ultimately they did it. They probably start to weigh the pros/cons (ie the money) of business level service to large residential buildings and decide it isn't worth it. Maybe too many variables once the line enters the building?
> I funded this team because they're high integrity software engineers first, and we built this out of need
I looked for the founders bio, a company contact info. There is nothing on their site. All I saw was a letter in the "About" section by the founder.
You might have gotten to know these guys after various meetings and due diligence process. There is nothing on their website that sells me on trusting them or the company.
I had to go the "Careers" section to see the location of the company.
When you're in the business of selling trust, you really need to focus on selling trust first and not technology (maybe they're connected ultimately) but I just don't feel I can trust this company based on the materials provided on their website.
What other way is there? Have a button to “let the CEO call me and pinky promise me that the website info is truthful, complete and correct”? Would you believe it then?
That's obviously not what he's suggesting? He's just saying (and correct me if I'm wrong) that, for a company whose business is based in no small part on trust, it's a bit weird to not have any information about any of the people involved in the project.
If your were real men you'd give it away for free and find a way to monetize your audience through a a value proposition that exceeds what it seems you've done. Cute marketing site but that's kinda lame yo.
Mh, not much convinced. I'm a fan of the idea of personal home server and I have built myself one having find a ISP that offer static IPv4 and v6 addresses with a reasonable price; for end-users I also understand the opportunity and need of pre-built appliance since they may understand actual sorry state of tech evolution but may not have enough knowledge to act autonomously but... Well your appliance seems to be too ridden by "modern design" I personally call it catastrophic.
It almost looks like there's a port in the top that expansions attach to. However, in the specifications, there is no expansion port listed. This makes me think that stacking is simply stacking, then we use a usb cable to attach the pieces.
322 comments
[ 0.78 ms ] story [ 170 ms ] threadGMail is more reasonable with perhaps being spam filtered but never blocked outright. I have also been blocked by government labs and academic institutions. I also have complied with RDNS, DKIM, SPF and got a top score on mx toolbox. Now that I have been up for a while I have had less issues besides with the ones that block cloud provider spaces.
Some things that should be delivered are not. I'd have to dig back into this to see what the exact issue is.
The price point is also a bit high for a Canadian Customer, so I like the idea but a bit too pricey for North of the boarder after currency exchange.
https://www.shaw.ca/uploadedFiles/Terms_of_Use/Acceptable_Us...
I know Nylas tries to do this, but their model doesn't really work for me.
Most providers will blacklist anyone who isn't one of them. So I front my home email server with a big account to relay in and out of. It kinda sucks, but all my stuff just works.
So I can happily fire up my Macintosh II, load up Outlook 98 and read email.
I use Office 365 to front my domain, I think it's like $12 a month for the corporate version so I can have it front domain emails. And that means I get office for all my devices so I'm not the one having to deal with having old versions of stuff.
A hard problem, and I don't envy anyone trying to solve it.
EDIT: Just realized I responded to the wrong person :(
Or, maybe I just misunderstand smtp idk
Secondly, I think you underestimate the time intensive work that goes into clearing up an IP. I've run mail servers with users in the thousands. It's basically a full time job to keep a single ip clean. And that's with a half or less percentage of clueless users. I'm unsure how this will scale to hundreds of IPs let alone the thousands(x100) that would probably be needed to make creating your own hardware profitable.
Third, you're going to need to reach incompetent customers to make this profitable.
This serves to protect them technically (residential systems are not designed to withstand a large number of inbound requests), legally (you can't sue them for failing to serve your site) and of course to promote their more expensive business lines.
However, there are a few things to do, more specifically, you must contact AWS to get "clean" IP ranges (fresh IPs, never allocated to instances), sign some agreements and pay additional fees.
It's not exactly as simple as an API call to create an ec2 instance, but it's doable.
With random IPs, there is a good chance indeed that it is already burnt by a previous allocation.
I looked for the founders bio, a company contact info. There is nothing on their site. All I saw was a letter in the "About" section by the founder.
You might have gotten to know these guys after various meetings and due diligence process. There is nothing on their website that sells me on trusting them or the company.
I had to go the "Careers" section to see the location of the company.
When you're in the business of selling trust, you really need to focus on selling trust first and not technology (maybe they're connected ultimately) but I just don't feel I can trust this company based on the materials provided on their website.
Hope this feedback is meaningful.
https://news.ycombinator.com/newsguidelines.html