DMARC helped me ditch gmail

I’ve been a gmail user for many years (maybe ten). Especially since the introduction of smart phones it has been a really convenient system to read email on the go. I rarely respond to email from my phone but I’ve done that occasionally too and it has worked adequately.

All this time I’ve used my own domain and email address and simply forwarded a subset of my email over to gmail, and I had gmail set up so that when I emailed out from it, it would use my own email address and not the one. Nothing fancy, just convenient. The gmail spam filter is also pretty decent so it helped me to filter off some amount of garbage too.

It was fine until DMARC

However, with the rise of DMARC over the recent years and with Google insisting on getting on that bandwagon, it has turned out to be really hard to keep forwarding email to gmail (since gmail considers forwarded emails using such headers fraudulent and it rejects them). So a fair amount of email simply never showed up in my gmail inbox (and instead caused the senders to get a bounce from a gmail address they didn’t even know I had).

I finally gave up and decided gmail doesn’t work for this sort of basic email setup anymore. DMARC and its siblings have quite simply made it impossible to work with emails this way, a way that has been functional for decades (I used similar approaches already back in the mid 90s on my first few jobs).

Similarly, DMARC has turned out to be a pain for mailing lists since they too forward email in a similar fashion and this causes the DMARC police to go berserk. Luckily, recent versions of mailman have options that make it rewrite the From:-lines from senders that send emails from domains that have strict DMARC policies. That mitigates most of the problems for mailman lists. I love the title of this old mail on the subject: “Yahoo breaks every mailing list in the world including the IETF’s”.
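The From: rewriting described above, sketched as an added example (not mailman's code and not part of the original post): a list checks the author's published DMARC policy and, when it is strict, sends the post on under its own address. The domains, the `SAMPLE_DMARC` records and the `relay` helper are constructed for illustration; a real list would fetch the `_dmarc` TXT record over DNS and fall back to the organizational domain.

```python
from email import message_from_string
from email.utils import formataddr, parseaddr

# Constructed sample DMARC TXT records, keyed by author domain (no DNS is queried).
SAMPLE_DMARC = {
    "strict.example": "v=DMARC1; p=reject; rua=mailto:reports@strict.example",
    "relaxed.example": "v=DMARC1; p=none",
}

def parse_dmarc(txt):
    """Split a DMARC TXT record into tags; return {} if it is not a DMARC1 record."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v") == "DMARC1" else {}

def is_strict(txt):
    """True when the policy asks receivers to quarantine or reject failures."""
    return parse_dmarc(txt).get("p", "none").lower() in ("quarantine", "reject")

def relay(raw, list_addr, records=SAMPLE_DMARC):
    """Return the message as the list would send it on, munging From: if needed."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg["From"])
    domain = addr.rpartition("@")[2].lower()
    if is_strict(records.get(domain, "")):
        # The list's domain becomes the From: domain, so receivers evaluate
        # DMARC against the list instead of the original author's policy.
        del msg["From"]
        msg["From"] = formataddr((f"{name or addr} via list", list_addr))
        if "Reply-To" not in msg:
            msg["Reply-To"] = addr  # keep the author reachable
    return msg

# Constructed sample posts.
STRICT_POST = "From: Alice <alice@strict.example>\nSubject: hi\n\nbody\n"
RELAXED_POST = "From: Bob <bob@relaxed.example>\nSubject: hi\n\nbody\n"
```

Posts from domains publishing `p=none`, or no DMARC record at all, pass through with the original From: line intact.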

I’m sure DMARC works for the providers in the sense that they block huge amounts of spam and fake users and that’s what it was designed for. The fact that it also makes ordinary old-school mail forwards really difficult and forces mailing list admins all over to upgrade mailman or just keep getting rejects since they use mailing list software that lacks the proper features, that’s probably all totally ignored. DMARC was as designed: it reduces spam at the big providers’ systems. Mission accomplished. The fact that they at the same time made world wide Internet email a lot less useful is probably not something they care about.

It’s done

gmail can read mails from remote inboxes, but it doesn’t support IMAP (only POP3) so simply switching to such a method wouldn’t even work. I just refuse to enable POP3 anywhere again.

Of course it isn’t an irreversible decision, but I’ve stopped the forward to gmail, cleared the inbox there and instead I’ve switched to Aqua mail on Android. It seems fairly feature complete and snappy. It isn’t quite as fancy and cool as the gmail client, but hopefully it will do its job.

The biggest drawback I’ve felt after a couple of weeks is the gmail spam filter. I do run spamassassin on my server and it catches the large bulk of all spams, but having the gmail spam system on top of that was able to block more silliness from my phone than spamassassin does alone.

9 thoughts on “DMARC helped me ditch gmail”

  1. I have been wondering a while why *some of* my forwarded emails didn’t show up in Gmail’s inbox (I set up forwarding just as you did). Now I finally know the reason! Thanks to this post.

    So it’s because Gmail enables DMARC, right? And we can not turn it off? If so, maybe I should also consider giving up this forwarding method.

    1. @Shengbin: yes that’s exactly what’s happening. The sender’s email headers say the receiver should verify the user, and gmail does that and the forwarded emails fail that verification so gmail rejects it and it bounces back.

  2. That DMARC is designed for big e-mail providers is exactly my impression as well.

    I’m running my own mail server (I always have) and in recent years I’ve had new things to worry about (even without running mailing lists or forwarding):

    – How can I avoid (or reduce the likelihood) that my mail is marked as spam by big e-mail providers? This is increasingly based on the reputation of the sender rather than the content of the message. I started signing outgoing mail with DKIM and that seemed to help.

    – How can I (conservatively) take advantage of DMARC when filtering for spam on incoming mail?

  3. Maybe it helps if you redirect mails to gmail instead of bouncing. All mails I’ve ever redirected to my gmail account have shown up.
    I use (my own) Mail Redirect add-on, but (for now) that only works manually… There is also an add-on to redirect from a filter, but I don’t know if it adds the same headers to make it work.

  4. @Onno: sure, I could probably do all sorts of weirdo work-arounds to get this to work if I just put some efforts into it, but then I’d also lose a major point of using gmail anyway: I’d just forward email there and read them normally with the correct original sender in the From: line. And it worked fine for almost ten years!

    So no, I don’t think bending over for “the DMARC mafia” is the right way. I think the right way is to move my mail over to someplace where good old email is appreciated: away from gmail.

  5. There are a *lot* of cases like this that affect small and large players differently: complex standards, proprietary standards, opaque protocols, heavily bureaucratic specifications, vertical integration, patents, certain legal protections (or lack thereof), etc. Each of these is low cost (or beneficial) for large players, but extremely high cost for small players.

    That’s why I get worried whenever new proposals are put forward that remove old simple capabilities in favour of new complex ones. This often happens for reasons of user security, performance or convenience — so the proposals *sound* great — but a little thought often shows that they drive smaller players into the ground. (Even though this externality is *not* intentional.)

    In many cases, smaller players have managed to stand firm when the new proposal is clearly disadvantageous as given (e.g. HTML+related over XML+related; HTTP inertia over HTTPS), or band together to create or demand solutions (e.g. Let’s Encrypt vs traditional CAs; TOR/anti-tracking to protect anonymity in the face of new tracking capabilities), or otherwise organisations have stepped forward to provide the necessary help (Mozilla, both successfully and unsuccessfully on many issues in the past; but also other companies and organisations in some cases).

    Alas, though, I fear the plight of the small player is going to get increasingly difficult.
