11 comments

[ 2.9 ms ] story [ 36.3 ms ] thread
(comment deleted)
I scrolled to the bottom to find his bottom line, which is that "you can't run an email server".

Which is interesting, since I do exactly that. I've been running from a low-cost VPS for 10-15 years, and have zero problems delivering emails.

But I'm also not trying to do any UCE, which may be the use model the author is speaking about.

Michael Lucas' "Run Your Own Mail Server" should be published soon; I'll be interested to read his experiences. And Steve Gibson runs his own email server from GRC.com (colo'd server), without any issues. And that's definitely a commercial use, since it supports his software products.

UCE: Unitarian Church of Edmonton?
Unsolicited commercial email
As an ex-Bitcoiner who also worked on a large email service, I'll have to disagree with Jameson here. His retelling of the history of SMTP is engaging and accurate, but there are two points near the end where this essay goes off track.

> In 1997 Adam Back realized that the root problem of spam was that it was cheap to send ... Why wasn’t hashcash widely adopted? One reason was that there was a chicken-and-egg problem

The root problem of spam is not that email is cheap to send. This is an incredibly common mistake that I've written about before. Bill Gates made the same error. Hashcash was ignored because it's a bad idea built on faulty analysis, not due to chicken-and-egg problems (DKIM etc faced the same challenge yet were deployed).

There are enormous numbers of bulk emailers that are useful to their subscribers. Mailing lists, newsletters, Substacks, purchase confirmation emails, notifications from social networks, company-wide announcements etc. Users don't report these as spam because they want them, even though the senders may rack up millions of emails per day.

The ability to message anyone on the internet, from universities to third world internet cafes, instantly and for free, is an astounding civilisational capability. Only rich western elites could look at email and conclude that the best improvement is to charge lots of money for it. This conclusion is especially ironic in the face of the next much bigger mistake in the article:

> If you think about it, much of Bitcoin’s scaling debate was a fight against an attempt by large companies that were trying to capture the network and improve the user experience "for our own good."

If I think about it I remember that much of Bitcoin's scaling debate was a fight by random unaffiliated individuals like Gavin Andresen and myself against extremely well funded companies like Blockstream, and, unfortunately, a number of fanatics who did things like rent botnets to attack any individual or company who wanted Bitcoin to scale up.

The scaling "debate" was never actually had. Or rather it was had and those who were against it lost. That's why they resorted to systematic censorship and criminal attacks on everyone else: their position simply couldn't survive actual debate.

Jameson is strongly implying here that email would somehow be better if it was frozen in time in 1991, with the same number of users - a platonic ideal of decentralisation in which the only participants are, uhm, the military, universities and corporations, who interconnect only with other similar institutions and only grant email accounts to employees. It's an elitist vision in which the only people who deserve email are nerds with PDP-11s, and everyone else gets to stick with paper letters.

Yeah, no. To paraphrase The Simpsons: Your ideas don't intrigue me and I wouldn't like to subscribe to your newsletter.

Email is an enormous success story because computer systems exist to be used. They aren't art. We as engineers may try to optimise various aspects within that constraint, like performance, usability and decentralisation (however it's defined), but those are means to the end: utility. Deciding that you have to sacrifice real world utility to preserve decentralisation is like classic joke about the man who manages to make a perfectly secure computer by never switching it on.

Email has evolved in the way it has because all industries do. Expectations rise, meeting the new bar requires specialisation. Bitcoin could have had a great future: most nodes would have been run by specialists and companies, just as Satoshi envisioned would happen, and a few nodes would have continued to be run by hobbyists and smaller operations, just like how people do in fact successfully run their own email servers today (Jameson asserts otherwise but he's wrong). It's investments by the big players that make that possible in fact.

> The root problem of spam is not that email is cheap to send.

I spent some time searching the web and even dug through your comment history but am failing to find where this might be; would you be willing to provide a link to help my deficient searching ability?

I will note that I did find you specifically claiming that spam is all about "speed/volume", and it seems like most of your discussion of what to do is to increase the cost of sending lots of email.

Honestly, you seem to be arguing a straw man here, which is really frustrating as, I get it: you are an expert in the field of spam... yet, your conclusion seems like it is still incorrectly analyzed :(.

> There are enormous numbers of bulk emailers that are useful to their subscribers. ... Only rich western elites could look at email and conclude that the best improvement is to charge lots of money for it.

No one credible is trying to do this: every complete and in-depth model for this that I have heard involves variable pricing, decided by the receiver per-sender, and entirely solves these use cases.

> Jameson is strongly implying here that email would somehow be better if it was frozen in time in 1991, with the same number of users - a platonic ideal of decentralisation in which the only participants are, uhm, the military, universities and corporations, who interconnect only with other similar institutions and only grant email accounts to employees.

I honestly just can't find evidence that this is the case: even the old hashcash project talks about these issues and posits solutions for them... maybe those solutions don't work, but you have to argue that.

Hi, I wrote about it before here:

https://moderncrypto.org/mail-archive/messaging/2014/000780....

> most of your discussion of what to do is to increase the cost of sending lots of email.

I don't think I've ever proposed increasing the cost of sending lots of mail? Or not that I recall! I've definitely discussed increasing the cost of sending lots of unwanted mail, but that's not the same thing.

> No one credible is trying to do this: every complete and in-depth model for this that I have heard involves variable pricing, decided by the receiver per-sender, and entirely solves these use cases.

Variable pricing doesn't solve the issue because a key part of email is the ability to receive emails from strangers who haven't contacted you before. This can also be the case for bulk mailers, e.g. if you write down your email address with pen and paper for your local school, who then emails every parent. How do you price that? And is this "price" measured in abstract units people have no intuition for, like CPU cycles, because it's surely not in dollars.

So I've never seen a workable proposal for introducing pricing or charging into email.

> maybe those solutions don't work, but you have to argue that.

Jameson only mentions hashcash in passing, he's mostly writing about how email was better when it was more decentralised, before the coming of big providers. Which is a bit odd to me because in the early days of the internet the only people with email accounts were those hosted by big providers. Maybe he doesn't view them as such because they weren't primarily in the email business.

I've argued why hashcash doesn't work above, and I don't know anyone in the email industry who has ever taken this idea seriously except Bill Gates, and that was decades ago. The email industry knows how to keep spam under control, and it's with decentralised systems like reputation.

Now Jameson doesn't consider reputation to be decentralised, but this is highly arguable. I view it as very decentralised. Every email server can compute reputations to whatever degree of detail they desire. Unlike pre-reputation filters there's no need to haggle with ornery blacklist owners or sendmail admins over what exactly the word "spam" means. Reputations are entirely under the control of both sender and receiver, with nobody in the middle, and so you can't get more decentralised than that.

I suspect what he objects to is that whilst the reputation system is more decentralised in the abstract, in practice there are so many potential email senders that a small site can't actually compute them. The problem here isn't machine resources by the way, those are cheap. It's that because receiving email from strangers is such a common and desired use case, most email comes from a sender your server never saw before, both good and bad. The old DNS BL system was more centralised but the BLs were openly available, so it may have felt decentralised just because you could run your own server and that's what tech people tend to think of when they hear the word. But that server wasn't really yours in the truest sense, because you'd allowed some random third party to decide what mail you could see (and incidentally exposed the domains that were emailing you to the BL operator, a big privacy leak).

Ultimately, the current email network works fine. Its problem is neither centralisation (there are lots of competing email providers) nor the way spam filtering works, which the big players have systematically improved for everyone. Its biggest problem is simply that as a highly decentralised system it's basically impossible to improve, and so gets regularly outcompeted by proprietary platforms. One day it'll ...

Even when you have whitelist approval for certain mailing lists a user subscribes to, you can still use hashcash for unsolicited email. I don't see how to put these aspects in conflict with each other.
I have been running own mail server for over 10 years already, if you follow the standards (proper SPF/DKIM/DMARC records) - it rarely becomes a problem, rarely corp domains hosted on gmail push emails to spam, but overall 99.9% of emails are delivered correctly.
I did a lot of spam-fighting in the early 2000s, which tapered off after 2012 and came largely to a stop by 2016. This was aided by a large number of domain names I had, which all had MX records pointing to my eMail server, which was configured with a catch-all account. This allowed absolutely enormous amounts of spam to be collected into that single catch-all account, as anything sent to any username under any domain I had ended up in that inbox.

I recall SpamCop calling me out on no less than six separate occasions as the primary reason why they lifted their daily reporting limits for any single account (in steps) from 100/day to 20,000/day over about 8 years. For at least one six month period I was the most frequent submitter of spam to their reporting service, and I was well within the top ten for quite a few years. Most of my submitting past a major 500/day benchmark (I was getting desperate for a way to automate things by then) was done via MailWasher’s ability to flag-and-autosubmit.

Fun times.

I still make use of an ancient pre-subscription version of Mailwasher that’s been kitbashed with a TLS 1.2 binary so it will still work (I should really update it with a v1.3 soon), but I no longer receive more than 50-100 pieces of spam per month into that catch-all anymore. Methinks they’ve cottoned on.