> "Trust"/"Spam score"

See jwz's struggles with hosting his own email. (Not linking to his blog here with HN as the referrer...)

With email, the 800 lb gorillas won, and in the end it didn't even solve the spam problem.

I use a small local provider (posteo) and have 0 problems with spam.

So a 20 pound monkey can also throw around some weight. To be fair I only use it for personal stuff its probably different if you need enterprise scale l.

> With email, the 800 lb gorillas won, and in the end it didn't even solve the spam problem.

I have a 15+ year old Gmail account that I've used everywhere. Spam has been a non issue since 15+ years ago.

Your experience isn’t representative. Mine isn’t either.

I've seen plenty of Gmail accounts over the years and they pretty much look the same.

The only Gmail accounts that are "overrun by spam" are those of people subscribing to lots of spammy newsletters and then not knowing how to unsubscribe from them (or figuring they'd stay subscribed in case the next newsletter is the Magical One™). But that's 100% self inflicted and you can't save those people with any technical solution.

Email spam isn't a day to day problem for Gmail (at least) since Bayesian email filtering was first implemented.

The specific concern around uptime & reliability was baked into email systems from almost the start - undeliverable notifications (for the sender) and retries.

But yes, the “trust / spam score” is a legit challenge. If only device manufacturers were held liable for security flaws, but we sadly don’t live in that timeline.

Its not a device/MTA issue, SMTP just is not a secure protocol and there is not much you can do in order to 'secure' human communication. Things like spoofing or social engineering are near impossible to address within SMTP without external systems doing some sort of analysis on the messages or in combination with other protocols like DNS.

SMTP isn't at fault, the social ecosystem is at fault. Every system where identities are cheap has a spam problem. If you think a system has cheap identities and no spam, it probably doesn't have cheap identities — examples are HN or Reddit.

Trust / spam score is the largest one I think, second to consumer ISPs blocking the necessary ports for receiving mail.

Even if your "self hosting" is renting a $5/month VPS, some spam lists (e.g. UCEPROTECT) proactively mark any IP ranges owned by consumer ISPs and VPS hosting as potential spam. I figured paying fastmail $30/yr was worth never having to worry about it.

Not to detract from your wider point, but there's a few ISPs which own IP blocks which aren't blacklisted.

I had quite a bit of success with it and of course, DKIM and the other measures you can take some years back.

For personal emails, I don't think I had any which fed straight into spam.

For "Trust", I believe patio11 described this system as the "Taxi Medallion of Email".

e.g. you spend a lot of money to show that you are a legitimate entity or you pay less money to rent something that shows you are connected to said entity.

If everyone ran a mail server at home spam scores wouldn't be so strict

3) Upgrades suck. Admin also sucks

Maintenance is probably my number one reason for giving up on projects where I'm responsible for feeding the pet.