secluded/content/posts/stop-using-gmail.md

2.9 KiB

title description date draft cover toc categories tags
Stop Using Gmail Email was meant to be decentralised. Thanks, Google, for fucking that up. 2020-02-20T01:09:10-05:00 true /assets/pngs/gmail.png true
Technology
Email
Privacy
Decentralisation

Much like XMPP1, email was designed to be fully decentralised. Individuals can run servers for themselves and maybe some friends and family. As long as they have a public address, they can be contacted.

History

The fundamental problem

First and foremost, over all else, Google is an advertising company; their entire business model depends on harvesting user data to more accurately serve you personalised ads. Emails sent and received with Gmail are stored unencrypted on Google's servers2. This allows them to scan the text for keywords and extract data that can be used to build a detailed profile on you. If you've ever gotten an email from someone mentioning something about a mechanical keyboard and, a day or two later, you start seeing ads3 about them, that's why.

This is generally pretty well-known and doesn't bother those who aren't really concerned with privacy. However, these people don't think about how their decision affects people who do. In choosing to remain with Gmail, they give it more and more power over the world of this distributed-by-design technology. It is in Google's interest to make it difficult for others to interact with the platform.

Consider this. An individual decides he wants to run his own mail server. He sets everything up properly, SPF, DKIM, DMARC, DANE, etc., sets the website and webmail client up with TLS, implements some form of email antivirus and spam filtration system, basically uses all the standard components for a good email server. He tests it, it works, it's fast, and it's reliable. In his spam testing, his system gets a negative score4 and passes all the requirments with flying colours. He decides it's time to reconfigure his web applications to send mail using it rather than his domain registrar's servers. Everything works well for a bit, approximately two weeks.

Enter Google.

Sayonara sucker. The email giant decides that his services are sending spam and blocks the domain.


  1. The eXtensible Messaging & Presence Protocol ↩︎

  2. For more information on how insecure email is, read this ↩︎

  3. I recommend uBlockOrigin for blocking ads ↩︎

  4. A positive score means emails from there are likely to be marked as spam. A negative score is good. ↩︎