--- title: "Stop Using Gmail" description: Email was meant to be decentralised. Thanks, Google, for fucking that up. date: 2020-02-20T01:09:10-05:00 draft: true cover: /assets/pngs/gmail.png toc: true categories: - Technology tags: - Email - Privacy - Decentralisation --- Much like XMPP[^1], email was designed to be fully decentralised. Individuals can run servers for themselves and maybe some friends and family. As long as they have a public address, they can be contacted. ## History ## The fundamental problem First and foremost, over all else, Google is an advertising company; their entire business model depends on harvesting user data to more accurately serve you personalised ads. Emails sent and received with Gmail are stored unencrypted on Google's servers[^2]. This allows them to scan the text for keywords and extract data that can be used to build a detailed profile on you. If you've ever gotten an email from someone mentioning something about a mechanical keyboard and, a day or two later, you start seeing ads[^3] about them, that's why. This is generally pretty well-known and doesn't bother those who aren't really concerned with privacy. However, these people don't think about how their decision affects people who *do*. In choosing to remain with Gmail, they give it more and more power over the world of this distributed-by-design technology. *It is in Google's interest* to make it difficult for others to interact with the platform. Consider this. An individual decides he wants to run his own mail server. He sets everything up properly, [SPF,](https://en.wikipedia.org/wiki/Sender_Policy_Framework) [DKIM,](https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail) [DMARC,](https://en.wikipedia.org/wiki/DMARC) [DANE,](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) etc., sets the website and webmail client up with [TLS,](https://en.wikipedia.org/wiki/Transport_Layer_Security) implements some form of [email antivirus](https://en.wikipedia.org/wiki/Clam_AntiVirus) and [spam filtration system,](https://www.rspamd.com/) basically uses all the standard components for a good email server. He tests it, it works, it's fast, and it's reliable. In his spam testing, his system gets a negative score[^4] and passes all the requirments with flying colours. He decides it's time to reconfigure his web applications to send mail using it rather than his domain registrar's servers. Everything works well for a bit, approximately two weeks. **Enter Google.** Sayonara sucker. The email giant decides that his services are sending spam and blocks the domain. [^1]: *XMPP* stands for the e*X*tensible *M*essaging & *P*resence *P*rotocol. You can be more information about it in [NixNet's documentation.](https://docs.nixnet.services/XMPP) [^2]: For more information on how insecure email is, [read this](https://nixnet.email/docs/privacy-and-opsec/) [^3]: I recommend [uBlockOrigin](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) for blocking ads [^4]: A positive score means emails from there are likely to be marked as spam. A negative score is *good*.