[ih] The Decline and Fall of Internet Email?

[Bill Woodcock]

> On Feb 11, 2024, at 02:08, Jack Haverty via Internet-history <internet-history at elists.isoc.org> wrote:
> Electronic mail used to be "the" mechanism for human-to-human communication over the 'net.  Now it seems to be just one of many "silos" of communications mechanisms that people can use, and the "important" email seems to be moving away from traditional email into one or more silos.   Internet email seems to be rapidly evolving into the mechanism for "junk mail”.  For history's sake, how did the reliability of network email get from the 1980s to today?

This is a fight that we’re losing, right now, despite the efforts of folks like Bert Hubert.  The silos are, specifically, commercial proprietary walled gardens, as opposed to communication based on open standards, which anyone can write to.

I think spam was the beginning of the end for open-standards based email as it was originally envisioned.  By the time spam emerged as a problem serious enough to need fixing, many people perceived the installed base of email servers as being too big to accommodate a significant not-backwards-compatible change to the underlying protocol.  And, indeed, it might have been, at that time.  That was still during the period of growth in Internet competition, when there were low barriers to new-market-entry.  Then came 9/11 and the surveillance economy and “free!!!” services, and competition began to contract.  As a smaller number of companies began to become abusive market-dominant actors, they were able to begin forcing non-backward-compatible changes, mostly under the guise of “doing something about spam” in order to prevent new market entry and undermine self-hosted servers.  Recent studies have shown that Google and Microsoft have essentially succeeded in destroying all significant federation and independent email hosting out of every sector other than government and some higher-ed.  Which isn’t to say it no longer exists (we of course can’t use any external service providers, and a few companies like Proton continue to exist) but that it’s become statistically insignificant.  Which is, of course, how abusive market-dominant actors like it…  they have enough “competition” to be able to point to when regulators come calling, but not enough to actually deprive them of any profits.

So, what to do about it?  

One approach would be using an end-to-end overlay, and (for instance) not send or accept any email which wasn’t PGP-encrypted.  It’s hard to get there, and it’s not clear how many people would be able to stick to a hard-line solution like that.  Nor how useful half-measures would be.  Three tiers of mailbox, one for signed/encrypted, one for other, one for junk?  I already have enough trouble with legit email showing up in my junk folder; typically 10-20 pieces per day of legit individual-to-individual correspondence, which is significant.  I’m not sure a third tier would make that better rather than worse.

Evangelism, and shaming people and organizations that try to outsource that core function, might work, but it feels like too little too late, at this point.  I was heartened to see a lot of public outrage about SIDN giving up on operating the .NL ccTLD registry… but it’s not clear that they’ll take it back, and now that they’ve given up, they’ll likely quickly lose the in-house competence needed to run it.  My worry is that, even though running a mailserver isn’t (or shouldn’t be, Google and Microsoft’s efforts aside) a difficult task, many organizations may already have lost even that basic competence.

Appliances.  There have been several attempts at bundling the usual open-source tools onto easy-to-deploy appliances (https://www.thehelm.com/ etc.) but they haven’t really panned out.  For folks more comfortable with doing their own sysadmin work and building something on top of server hardware, there are a number of reasonably fully-fledged bundles of open-source software (typically utilizing Dovecot, SquirrelMail, or Postfix), but they’re still quite a bit of work to install, configure, and maintain, and are reasonably fragile. The commercial-support-for-open-source-software business model has been getting more robust over time, but is also quite vulnerable to capture.  There’s little to nothing to prevent Google and Microsoft from buying (or co-opting, in the case of non-profits) such efforts, as they did with Red Hat, Git, Mozilla, etc.).

Brand new protocols.  This seems like the most likely to pan out in the long run.  The profusion of stupid little proprietary efforts which you noted indicates the degree of demand.  The problem is that too many people have either grown up, or become complacent, during the surveillance capitalism era, so they have little faith in open protocols and business models based on them.  The fediverse is a sort of encouraging swing of the pendulum back toward sanity, but it just isn’t built on actual open protocols actually designed by protocol designers…  ActivityPub is a steaming pile of web-front-end crap, and it’s not clear that it will ever be possible to whip it into a real open protocol.  But, that digression aside, it does seem like there’s demand.  Signal, for instance, may have the beginning of a protocol under it, if you ignore the company and the “but we have to have your phone number!” prevarication.  I think we’ve all learned a lot of lessons with email, spam, PGP, MIME, etc., and a lot of us understand pretty clearly what a new protocol informed by those lessons would look like. It doesn’t need to be complicated, but it does need to have incentives aligned to prevent abuse from the get-go.  And it would make life a lot easier if a few of the major MUA folks, like Apple, particularly, would commit to it from day one, so everybody didn’t have to go looking in two different places for their “email” style communication.  I believe that Apple killing support for XMPP is really what killed it for general use.  Up until Apple removed it from Messages, it was my primary real-time communication mechanism, and was for a lot of people I knew.  Having to split between XMPP for work and Apple proprietary for friends-and-family _using separate tools_ was just a bridge too far.

What do other people think?

                                -Bill

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://elists.isoc.org/pipermail/internet-history/attachments/20240211/64b5d80b/attachment.asc>