
Telekom is a bunch of strange folks. I lately was not able to send mails from my private mail server to my father's Telekom mail. After investigation I found out my server got blocked. After a decade of working. I mailed them, and they told me to register my mailserver with them. I shall tell them what mails I will send from there and about what content. I couldn’t believe my eyes. Sure, that's how mail was supposed to work. Register with every mail server in the world, before you can send mail.

Their mail excerpt: This system has not sent any e-mail to our customers for a long time. For security reasons our systems will only accept e-mails from such IP addresses after a check of setup and information about these systems.

Please give us details about this system and the company using it, tell us all about the sending domain, what type of e-mail will be sent and especially if you or your customer want to send newsletter give us detailed information on how recipients e-mail addresses had been acquired. Who in person is responsible for e-mail sent from this system (MTA)?

Please be advised that only technically proper configured and very well maintained systems are qualified for a reset of reputation and please see our FAQ section 4.1 (Requirements for smooth access to our e-mail exchanges <https://postmaster.t-online.de/index.en.html#t4.1>):

"There must be a domain and website with direct contact information easily deducible from the delivering IP's hostname (FQDN)."



That policy of theirs has existed for a long time now. It's a really odd one at that.

They also don't enforce DMARC, nor do DKIM. It's stuck nearly four decades in the past.


That's Germany in a nutshell.


2026 - 40 = 1986 was right before more mainstream internet adoption. Yep checks out, Germany today.


Were the trains running on time in Germany back then? They certainly were 20 years ago, so I assume they were in the 80's.

Maybe "strictly worse than 40 years ago"?


Microsoft has a similar policy on their consumer domains though. If they have not received mail from you for a month or so you are insta blocked. It's infuriating for personal mail server owners.


Microsoft and Google seem hell-bent on destroying classical email by doing this crap. Their interoperability is also pretty bad.


Yes. It's the last phase of embrace, extend, extinguish. Typical big tech move.


When I ran my own mail server Microsoft was the only company I encountered that would black hole my messages - no SMTP error for my own server to bounce back to me, no bounce back from their server, nothing. I vaguely recall having to do a dance with them a few times to fix this and the last time I tried I received no response. I don't frequently interact with Office 365 users so this didn't matter much to me.

I did end up later moving to Proton primarily out of laziness. I thought these issues would be a thing of the past until I applied to work at a company that administered their own Exchange server that also black holed my messages from Proton's servers. Their reasoning? "We geo-block Switzerland for security reasons." Needless to say I turned them down.


Oh when I ran my own mailserver I did get SMTP errors back.

Every month or so I had this issue and I had to contact them through a form somewhere and I would get emails back from someone in India who reset my 'reputation'. They have some stupid made-up reputation system which means they need to see significant volume from you that is not marked as spam for them to accept your mailserver.

And yeah, Proton has similar issues. A lot of companies blackhole even confirmation emails there. So you can't confirm accounts with a Proton email and they give zero indication as to why. Tinder and the Internet Archive (archive.org) come to mind.


I think this is standard. It applies to domains as well. I experienced government services blocks as well -- they send me an email, yet block my reply. I complain every time and rarely does anyone care, the support person does not escalate, so my email remains blocked, sometimes I'm told system is working as configured, completely ignoring that I am a real person and system is hostile towards me.

It's just general fragility of tech and lack of care from the creators/maintainers. These systems are steampunk, fragile contraptions that no one cares to actually make human friendly or are built on crappy foundations.


We call it the email mafia.

To send emails we need to pay for a mail service. Or get ads; of course Gmail is part of the ring.

Like most things it starts with good intentions, to fight spam. As if it even worked; I guess we would get far more without, they will say.


It's one of the downsides of decentralized networks. Trust is built or pay-your-way-into'd.


This has nothing to do with decentralized networks. It's simple incompetence.

If you haven't received any mail from a mail system before (or in a long time) and then it sends you one message, it probably isn't spam, because spammers are typically going to send you a large number of messages. You also typically want to let the first few messages through so the recipient can see them and then classify it as spam or not, so that you get some data on how to treat future messages from that sender.

This is the same thing a centralized system should be doing with individual users. You impose some reputation on accounts (e.g. by sender/registration IP address) and then if that address starts spamming people it gets blocked, and otherwise it doesn't.


Is there a government requirement to be reachable by its citizens? That would seem to violate it.


I mean, yes? But that's by sending a letter, or a fax. Email is not part of this...


This is one of the things that E-Delivery (something which Europe is now implementing[1,2,3]) is going to fix.

It's sort of like email, but based on the XML stack (SOAP / WSDL / XML Crypto / XML Sig), with proper citizen authentication and cryptographically-signed proof of sending and delivery.

[1] https://ec.europa.eu/digital-building-blocks/sites/spaces/DI...

[2] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A...

[3] https://ec.europa.eu/digital-building-blocks/sites/spaces/DI...


How ugly it is...


This should have been updated decades ago to include email. Is it possible for any government to function properly?


We are repeating obvious things here aren't we? I moved to Germany from a very pro IT country Finland. I've been here now for 15 years, and while I still disagree with their idea of dismissing email, I kind of got used to it. A couple more decades and it'll happen...


The main issue is: who is supposed to implement it? The gov has 2 possibilities: hire a contractor, or do it themselves. DIY has the issue that nobody wants to work for the gov because as any IT specialist you'd earn 1/3 or 1/4 of what you would earn in a private company. State workers here cannot be fired. So you trade money for extreme "stability" (read: laziness). Hiring a contractor requires money they also don't see the necessity to spend. And that's how you end up in this situation. There are also other issues like no nationwide implementation plan. Every state, every commune has to figure out and build stuff themselves.


Well, I don't know if that is better or worse than my experience with Comcast. They will usually unblock my emails within a day of my sending an unblock request, no questions asked... and then block me again after a few days, with no explanation as to why. I've had this IP for years, I have SPF, DKIM, and DMARC all properly configured, I'm not on any blocklists, and I only send a very small volume of personal emails from the server.


But the fun thing about them is, they allow you to impersonate any mail address you want with their SMTP server.

Aka, when you are a customer of theirs you get a @t-online.de address and login data for their SMTP server.

You can just log in to that server and set the From: header to anything, they don't check.


Isn't that fairly common? You could then put in some other address, but you could do the same thing by setting up your own mail server, and in the former case you're not even really anonymous because the headers are going to show it was sent through their mail server and their mail server's logs will show which account was used to send the message.


The email sent from your own separate server will fail basic DMARC/SPF/DKIM validation; the email sent by their own servers likely will appear legitimate.


It would fail in the same ways unless the from address you're using is on their domains, which is then only a problem for their own customers rather than innocent third parties, and their own customers have the sensible option to stop using their service.
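
The alignment rule the comments above are arguing about, as an added example that is not part of the original thread: DMARC passes only when SPF or DKIM authenticated a domain aligned with the `From:` header domain. The `.example` domains and all three messages are constructed, and the organizational domain is approximated as the last two labels (an assumption; real receivers use the Public Suffix List).

```python
# Added example: simplified DMARC identifier alignment (RFC 7489, section 3.1).
# ASSUMPTION: the organizational domain is approximated as the last two labels;
# real receivers consult the Public Suffix List. All messages are constructed.

def org_domain(domain):
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, strict=False):
    a, b = from_domain.lower().rstrip("."), auth_domain.lower().rstrip(".")
    return a == b if strict else org_domain(a) == org_domain(b)

def dmarc_result(msg, strict=False):
    """Pass if SPF or DKIM passed for a domain aligned with the From: header domain."""
    from_domain = msg["header_from"].rsplit("@", 1)[1]
    spf_domain = msg["mail_from"].rsplit("@", 1)[1]
    spf_ok = msg["spf"] == "pass" and aligned(from_domain, spf_domain, strict)
    dkim_ok = any(result == "pass" and aligned(from_domain, d, strict)
                  for d, result in msg["dkim"])
    return "pass" if spf_ok or dkim_ok else "fail"

# Constructed cases; provider.example stands in for an ISP's authenticated relay.
RELAYED_THIRD_PARTY = {   # customer sets From: to a domain the provider does not own
    "header_from": "someone@thirdparty.example",
    "mail_from": "customer@provider.example", "spf": "pass",
    "dkim": [("provider.example", "pass")],
}
RELAYED_SAME_PROVIDER = { # customer sets From: to another mailbox at the provider
    "header_from": "someone.else@provider.example",
    "mail_from": "customer@provider.example", "spf": "pass",
    "dkim": [("provider.example", "pass")],
}
SELF_HOSTED = {           # own server, DKIM signed by a subdomain, SPF not aligned
    "header_from": "me@own.example",
    "mail_from": "bounce@mta.hoster.example", "spf": "pass",
    "dkim": [("mail.own.example", "pass")],
}

if __name__ == "__main__":
    for name in ("RELAYED_THIRD_PARTY", "RELAYED_SAME_PROVIDER", "SELF_HOSTED"):
        msg = globals()[name]
        print(name, dmarc_result(msg), dmarc_result(msg, strict=True))
```

A "fail" here only leads to rejection or quarantine when the `From:` domain publishes such a DMARC policy and the receiving server enforces it.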


In Germany I'd be surprised if the police didn't come to your house when you did that, and take all your computers to find evidence you sent it, and you're not getting them back even if you're proven innocent.


Does anyone self host email anymore successfully? I'm honestly asking. I would like to but it seems like a full time job trying to keep it running. Are there halfway solutions where maybe you own the service and domain and it runs somewhere trusted?


I have been running my mail server for about 20 years now, using three different domains.

I have switched servers regularly, mostly between OVH/online.net/Hetzner since they are the three big cheap European hosts. I have also used various server software, now happily running OpenSMTPd.

I have had a few problems with Microsoft in the past but contacting them (what made me care enough was marrying someone with an @hotmail email address) eventually fixed delivery for good. No notable delivery problems otherwise. I also run my company's mail server, it works fine too (with a much larger volume and different usage patterns), also running out of OVH servers.

What I recommend for people who don't want to do sysadmin is buying a domain at OVH to use the free email service offered with it. It's cheap and works, and it's easy to switch to another registrar or provider if needed.


I self host email and have done so, with the same domain, since ~2000.

My IP has not changed since 2010 and I have perfect dkim/dmarc/rdns and whatever duct taped bullshit du jour is currently being practiced.

Everything generally works.


± same here


I have self-hosted for >10 years, but only for receiving, i.e. I cannot send anything from my domain, because I thought that would have been too much stress to set up.

My setup: I have a root server with DNS attached to it. On there is a Postfix, with a minimal config that forwards all emails to my real address on posteo.eu. And Posteo has not given me any trouble with any of my emails at all.

I use this setup so I can easily give new email addresses to individual web services, and it gives me the option to selectively block these addresses.

Last year I bought the big subscription from Proton, which includes throwaway mail addresses, and I am thinking about migrating my mail setup there.


Sure. Highly successful even, I would say. I can deliver to Microsoft and Google.

Not sure though what the magic ingredient is. I've had the IP address for 7 years before I decided to use it for mail, after one quick mail to Cisco's Talos stuff everything was fine. Software is Mailcow. Hosted at Hetzner in Germany.

And still, I cannot deliver to T-Online, so there's that.


I've been self-hosting my email for a little over 2 decades.

The basic setup has more or less stayed the same, but there's some more extra components around it you have to know now (spam filtering and SPF/DKIM/DMARC come readily to mind).

To quote Michael Lucas: "everything complicated about emails revolves around spam and not getting it". I highly recommend his book, "Run Your Own Mail Server".[1]

In short, hosting your own email is not that bad at all. I strongly suspect, like many other skills, since it has atrophied with the advent of the cloud and people readily giving up to the large carriers, it has gotten the reputation of being hard, or as you said, a full time job. I don't think either of those things are true.

[1] - https://mwl.link/run-your-own-mail-server.html


At least they respond quickly to such inquiries. I have given up on T-Online Mail. I refuse to follow ridiculous rules like these.


Well, we have to "register" every new IP or new mail server with them as well. It's annoying and a weird system, but they respond quickly and it's just one todo we have to think about.


Been there, done that. After a bit of back and forth, Telekom basically recommended that I go and use one of the big SMTP servers and stop bothering them. While I hated myself for doing it, I eventually switched to Gmail for peace of mind.


Does Fastmail have any clout in Europe? I've been a customer for the better part of a decade (with my own domain name) and I've never had a mail delivery issue.


I was going to suggest Fastmail too. I don't know about Europe in particular but have been a very happy Fastmail customer for several years, running mail for 2 small corporations plus personal, zero problems ever.


Nope, but there are various good and cheap e-mail providers in EU, such as Soverin, Posteo, Mailbox, Migadu, Tuta, ...


Unfortunately some inbound servers will block emails if the originating server does not match the From: address.


If you control the domain, you can use SPF to designate Google as an authorized sender for your domain.


This is one of the reasons why I'm not planning to host my own e-mail server. It's not that I can't do it, but I don't want to sink time into investigating and working around/solving things like that.


The small boutique mail hosts are also much more tedious to deal with than any of the big players. So it depends on your recipients how much effort self-hosting is.


They just want to make sure you're not a spammer.


fwiw t-online.de hasn't been owned by Deutsche Telekom since 2015


> about what content

Ask ChatGPT to generate you a very long very graphic story about how much you'd like to fuck a dog and your father is the only person who understands your desires and you want to discuss this with him via email. While fucking dogs is illegal in Germany, talking about it is (probably) not. Make the guy who asked the question regret doing it.


I'll give you some insider info: There's no guy! Your response would be filtered away by the profanity filter and nobody working in Telekom will ever read any of it.

Hell, I can even say, likely, nobody will ever read it, regardless of how you answer.

Those companies only respond to lawyers.


Imagine the lawyer reading the case files pffffft



