I do not know about tutanota and if they are a bad actor in the email space. But I remember them having done funny things like banning the complete German Hetzner IP range because Hetzner didn't want to give them customers information without an curt order (which I guess Hetzner isn't allowed to do either iff the customer(s) in question is a private customer...).
Like consider Google banning all Azure hosted mail providers independent of their reputation and DMARK,DKIM,SPF etc. because MS keeps with the law and doesn't give Google private customer information, it's that ridiculous.
Whatever the cause, I’d be surprised if bad mail is sent in enough volumes to be noticeable to MS
last year i helped someone install miab and somehow neither gmail nor outlook nor any "major" provider logged them as spam from the get go. i was truly impressed and surprised.
i have heard war stories about people self hosting email and having problems. sure 3-5-10 years ago that might have been the case but not now for the most part.
please give your self hosted email a try again. it will take you less time to set everything up than cooking dinner. try using miab or similar email software.
go cheap, like racknerd or something and save money from vultr/DO.
I strongly want what you say to be true, and would also encourage people to self-host email, but I want to make sure people are aware of the pits so they can avoid them or at least not have to learn the hard way.
All companies cover by GDPR (or similar privacy laws) would have this requirement. Can't be handling out information on customers to random companies willynilly.
We then got the recommendation of a company (cannot remember their name) that could analyse our IPs and give recommendations. Naturally, the recommendations were the ones that you could find everywhere so they were not useful, but the company did have access to MSFT's score of our IPs, so we could know when we were close to being blacklisted and could take action/ramp down/etc. How did they have access to those internal IP scores? I don't know, but it seems totally fishy :).
For sure we spent 5k+ USD yearly in this service (which is a huge amount of money in a 3rd. world country), and "somehow" after paying our deliverability did improve, despite doing the same things as before, as the recommendations were not ingenious.
So yeah, e-mail deliverability is a mafia, for sure.
How did they have access to those internal IP scores?
That's not necessarily unreasonable, depending on which provider that is.
Sites like Wikipedia also block entire ranges to prevent spam. Unfortunately sometimes people do get caught up in that (as I did last year).
Those links are often spammer controlled and just confirm your email address as valid.
But if the mail is unsolicited or the unsubscribe link doesn't work then absolutely yes, mash that spam button.
Which is not ideal, and might explain why Gmail routinely puts perfectly legit correspondence in my spam folder - again and again.
I realize this might well be a problem stemming from email clients having but one option to flag emails: spam. Ideally one should have more options - as it is scamming, spoofing and innocuous unsolicited marketing (and slow loading messages it seems) are all put in the same basket.
Those are all spam. Especially unsolicited marketing. Fuck everyone who sends that, and I hope they get banned from whatever provider they use and it kills their company. I always report all of those even with an unsubscribe link, as it’s not as if I can trust them not to use "unsubscribe" as a "send more spam" signal, they’ve already proven themselves untrustworthy by not using double-opt-in.
Though with some providers even "mark as spam" seems to be able to leak your email as they send reports which contain the message-id. Good in our case as we don’t want to spam anyone and can then blacklist the address, but bad in case you report evil spammers.
it is all spam; none of us want to see any of it, why do we need more fine grained control?
Many providers seems to do this, respond everything ok and then drop the message silently..
It's better for governments to have just a few big email providers, so authorities have easier life if they need to snoop on someone.
You can’t control who sends email that looks like it’s from you. If your email were bounced because of a spf or dkim failure, you could get an unlimited number of emails.
Second: corporate & institutional users have no choice
Even a spotlessly configured MTA will not guarantee you anything.
That’s one of the reasons I stopped working on hosted mail. It has not turned to anything better with big companies putting their hands over it. It’s more controlled now but the same crap as before, just as dangerous and a bit more expensive.
Currently working on a system with as much control as possible but piggybacking existing providers' transports.
Nice to see you like(d) it.
Yes, sadly it gets worse, perhaps not even in bad faith but by trying to fix it.
Everything went fine until the last gas stop before arriving to our destination... only to find our cards frozen anyhow.
It took about 25 mins to get cleared up, but these big corps are so heavily dependent on automation, they can't deviate because the system will take its own actions anyhow.
I, for one, am tired of living in a society that somehow isn't able to routinely think/behave proactively rather than reacting only once "the system will let you".
Of all the major mail providers, I found getting my mails to Outlook the hardest. Gmail played nice once I setup DKIM, DMARC, SPF, MTA-STS, rDNS and a couple more things that I forgot setup exactly the way they like it.
Outlook was harder though. I had to send a series of mails spread over multiple days to people who had Outlook accounts and get them to both mark it as not spam and reply to the mail until it eventually started working.
It's been a couple of months, not sure if it still works though. Hope it does.
I have a daily message sent out from my server to a test account at outlook.com for two reasons: to try to work around this behaviour and to know immediately when there is a delivery issue.
All providers should be doing that. Most will remove IPs/domains after 90-120 days.
That being said, email as a whole could do with being replaced with a more robust solution to make it more versatile and offer other spam prevention techniques.
Not really; they will just sign up. Probably using a stolen card (I assume? I have no way to check.)
Source: have worked for email provider. Have you seen one of those films where one guy fends off hordes of zombies or other "bad guys"? It's like that. Anything that can send email will attract hordes of twats trying to spam the shit out of it. The main difference is that the spammers are more despicable subhuman twats.
it's almost impossible to figure out where to report spam; most of their support articles are about how you report spam in Outlook instead. For reference, those reporting emails are:
phish@office365.microsoft.com
junk@office365.microsoft.com
but you get zero feedback, and I keep getting repeat phishing too
they care so little about cleaning up their own act, i'm considering just rejecting their stuff with a bounce message. i checked, and there's very little important traffic from prod.outlook.com arriving in my inbox.
What's worse - often times emails sent out from an old hotmail/outlook.com account always end up in recipient's junk/spam folder. They still haven't addressed [this](https://x.com/tvjames/status/1278813439222145024?s=20), it seems, even to this very day.
1. Emails from everyone (including you) go into the spam folder. 2. I identify senders I do actually want to receive messages from.
The industry isn't doing item 2 very well, but default-deny for new senders is exactly what I want from a mailbox service.
I hate everything about M$ so damn much.