[GTALUG] Aggressive and Underhanded?

D. Hugh Redelmeier hugh at mimosa.com
Tue Jun 12 10:41:16 EDT 2018 

| From: ac via talk <talk at gtalug.org>

| I was wondering whether I am the only one noticing that Google and
| Microsoft has become increasingly aggressive and underhanded in their
| email operations?

No, I haven't.  But then there is no reason why I would.  I run my own 
mail server but only for my family.

Can you be more explicit about what I would notice and what they are doing 
that is wrong?  Note: I'm not challenging the correctness of what you are 
claiming, I'm just trying to understand it.  Remember I, and probably most 
other list, members don't have your level of knowledge about this.

I understand that Google and Microsoft are very very dominant in email.  
This is so very different from when I started -- every little group ran 
their own server.

I guess that the main driver is SPAM.  The above-board reason is that SPAM 
detection is a balance between hard and imperfect.  I'm willing to live 
with imperfect but many folks are not.

My amateur act spam handling: SPAM Assassin (uncustomized) + some
custom procmail rules + each user gets do delete what comes through.

I understand the G&M do much better SPAM detection.  To the extent that
they've forced all mailing lists (including this one) to change in an
unpleasant way.  Or maybe that was just Yahoo.

I think that you are saying that G&M are now pushing the burden onto other 
providers, but I don't understand how.

Is it a matter of forwarding or of originating?

I thought that very little forwarding (except internally) happens
these days.  I kind of think you only need to judge the last hop.

Your complaints about IPv6 aren't clear.  Is that about internal 
forwarding?  Is the problem that those internal nodes don't accrue 
"reputation"?  Why would IPv6 be worse than IPv4?  (I've had internal IPv4 
forwarding at times.  Those IP addresses happened to be routable 
addresses, with forward and reverse DNS entries, but that was kind of 
accidental.)

(Aside: although not currently the case, I used to and intend to use
forwarding to provide for secondary mail servers.  I.e. sometimes my
power goes down or my internet connectivity goes down and I want my
mail to go to a secondary server and then flow to my main one when it
comes back.  I haven't put the time in to figure out how I can handle
inbound DKIM correctly in that case.)

| I noticed the trend a few years ago already and have been watching for
| new patterns and collecting millions upon millions of spam emails
| 
| Microsoft and Google is dominating email relay and their market share
| in the geo areas where they dominate, has steadily increased each year.

So it seems to be relaying.

But I thought that relaying is broken by DKIM so it is no longer done.
In other words, DKIM is kind of end-to-end with no provision for
relaying.

There ought to be support for trusted relaying.  What I mean is: a last 
hop that you trust to not lie about what it is forwarding so you can look 
at the headers it passed to you with as much trust as normal last-hop 
headers.  Without this, your mail system can only really look at the last 
hop.  Is there any formal mechanism for trusted relaying?

| Both monopolies are now using more and more complex email headers.

I'm guessing that you are trusting the last hop, if it is Google or
Microsoft, and want to be able to look through their header
transformations to see what they actually got so you can filter on
that.  So your complaint is that they are making it more and more
difficult to look through those header transformations.  Am I correct?

I guess that there is another problem.  If each trusted forwarder 
has to be handled differently, there is a limit on how many can be 
trusted.  Then Google and Microsoft probably make the cut and our servers 
probably don't.

| The result of this new aggressive push is declining quality of email
| service for smaller providers - as ham is marked as spam more
| frequently.
| 
| They  (Microsoft and Google) are using their sheer size to bully out
| more market share and if the trend continues there will be no more
| 'independent' email providers in the near future as more and more
| providers are forced to run their email services through one of the two
| monopolies. 

So are you saying that they've "accidentally" made it harder for
providers to "look though" their forwarding when trying to filter?

| Anyone else noticed the more aggressive system designs, more aggressive
| non responsiveness to abuse complaints and other non ethical behaviors?
| And, is there anything that general society can even do?

"Aggressive" seems like a leap.  How about "designed to not
interoperate well"?

| If there are only two email providers in the future, how long will it
| take before there is just one?

An oligopoly is of the same nature as a monopoly. So what we have is
already a monopoly regime.  But reducing the number of players would
almost certainly make things worse.

[RANT]

I truly believe that monopolies are the scourge of our era.

Political "free marketeers" don't seem to understand that a free
market requires constraints on monopolies.  Look at the Republican
Party in the US.  It seems to be willful blindness because they
don't even get it when it is explained to them (eg. FCC and Network
Neutrality)

- there are only a few ways of dealing with natural monopolies (often
  caused by the network effect).  They should be used in combination.

  + public ownership (i.e. government ownership or co-ops).  Not
    intrinsically better than private monopolies, but with care can
    operate with a better mandate

  + regulation

  + forcing the monopoly to operate in the narrowest possible domain
    (i.e. without doing anything other than the function subject to
    the natural monopoly).  A good example would be separating
    electricity generation from transmission (a natural monopoly)

Monopolies generate a lot of "rent".  This rent is used to corrupt
governments in various ways (many tacit and unrecognized by the
participants).  This seems to be too hard for the electorate
to understand so nothing gets done.

It looks as if the next area of big change is going to be with
autonomous vehicles.  There seems to be no planning done with the
public interest in mind.  What happens is probably going to be
determined by corporate competition.  The outcomes are likely to be
determined by the wrong objective function.

[END RANT]

More information about the talk mailing list