179
submitted 1 year ago by hperrin@lemmy.world to c/degoogle@lemmy.ml

Hi, I’m Hunter Perrin, and I made a new email service called Port87.

Gmail was a great email service back in 2006, but now it just sucks. They put ads in your inbox that look like unread emails to trick you into clicking them. To me, that means Gmail is malware.

I’ve been degoogling my life for the past 7 years, and Gmail is the last Google service I depended on. I love ProtonMail and use it too, but I developed a new way to sort email automatically, and wanted to write my own service based on it.

Port87 lets you use a tagged address like yourname-netflix@port87.com, and that automically creates a “netflix” label and puts all email to that address in it. This helps keep your email organized automatically, and protects against spam and phishing.

The database abstraction library I wrote for Port87 is called Nymph.js, and it’s open source. Also the UI library I wrote is called Svelte Material UI, and it’s open source too.

I hope you all like it, and hopefully it can help migrate away from Gmail.

all 50 comments
sorted by: hot top controversial new old
[-] emptyother@programming.dev 34 points 1 year ago

Nice. Why use '-', and not '+' like we are used to from google? One argument against '-' is that some people use it as part of their name.

[-] hperrin@lemmy.world 26 points 1 year ago

You can also use a plus sign if you want to, but it’s not accepted everywhere, so I recommend using hyphen instead. One example is that Microsoft doesn’t accept plus signs in emails addresses, but does accept hyphens.

Usernames in Port87 can only contain letters and numbers, so there isn’t any issue with using it as a separator.

[-] wewbull@feddit.uk 1 points 11 months ago

The reason is that + is specified in the RFC as being for email aliases, so many systems ban it because they don't want you to be able to track who they got your email from. A hyphen, on the other hand, is a normal character.

You're no RFC compliant doing what you're doing, but the advertiser won't catch on immediately because of it.

[-] hperrin@lemmy.world 1 points 11 months ago

I don’t believe there’s any RFC that says I can’t or shouldn’t do what I’m doing. The only RFC concerning subaddressing I can find is RFC 5233 (and the one it obsoletes). That one only concerns sieve filtering, which I’m not doing, and it specifies that any character can be configured as the separator character. The three examples it gives are “+”, “#”, and “--“.

[-] dpkonofa@lemmy.world 15 points 1 year ago

Yeah, this fundamentally breaks email addresses since john-hertz@port87.com is the same as john@port87.com. If someone’s name is hyphenated and they’ve been able to use that in every other email address, it breaks their email.

[-] hperrin@lemmy.world 22 points 1 year ago* (last edited 1 year ago)

Hyphens aren’t allowed in Port87 usernames in order to prevent a situation like this. It’s surprising what is actually allowed to be an email address.

"Some Guy"@[192.168.0.5]

That’s a valid email address. There aren’t really any email services that don’t put limits on usernames though. Your Gmail username can’t be "Some Guy".

[-] dpkonofa@lemmy.world 3 points 1 year ago

I get that but you're disallowing valid email addresses to do so. Gmail does actually allow you to use that email address. You would create it as Some.Guy@gmail.com and then you can address it to "Some Guy"@gmail.com because Google treats spaces and periods the same since spaces aren't allowed without quotes.

I like what you're doing here, I'm just pointing out a major issue with how you're implementing it. You could have literally chosen any character as the delimiter so it's weird to me that you chose one that's so useful vs. others that are not.

[-] hperrin@lemmy.world 17 points 1 year ago* (last edited 1 year ago)

I chose it because it is universally accepted. It works everywhere, as opposed to plus, which doesn’t work in a number of places. It doesn’t really matter that it disallows valid addresses. Every provider disallows valid addresses. _@gmail.com is another valid address, and you can’t register it.

[-] Psythik@lemm.ee 29 points 1 year ago

Are you able to guarantee that your email service will still be around a year from now? Or five years from now? Or twenty?

Not trying to hate, just want to make sure before I create an account and start using your service for literally everything. If you one day decide to shut down and I lose access to my primary email address, I'm screwed.

[-] hperrin@lemmy.world 31 points 1 year ago

This is a great question.

I can guarantee it will be around a year from now (unless California or the United States is no longer around). I have no plans to close it or stop offering the service. I’m funding it myself, and I have enough to keep it going without profit for several years (probably over five years). For now, I’m letting people on through a waitlist so I can control its growth and understand the limits of the current servers. Then I can set up automatic provisioning based on those metrics.

I’m trying to self fund it through profitability, so that the only people I have to answer to are my customers, rather than investors, who may not have the best interest of the customers in mind.

As for twenty years in the future, I would love to still be in control of it, but I can’t guarantee that. If I do sell it, one of my top priorities will be that the new owner maintain the current domain name and users. Or if I step down as CEO, I would choose a successor that shares my vision and motivations.

I’ll also be supporting custom domains in the near future, so if you join and use your own domain, then you could always transfer that to a new provider if anything does happen to the service.

I hope that answers your question well and alleviates any concerns you have.

[-] BEDE@lemmy.world 4 points 1 year ago

This is a really thorough and useful answer. Nice one.

[-] Dnlb@lemmy.ml 24 points 1 year ago

what is the business model for this service?

i couldnt find a privacy policy.

Sorting emails like this is really useful.

[-] hperrin@lemmy.world 18 points 1 year ago

Here’s the privacy policy:

https://port87.com/privacy-policy

You get 500MB free storage, and you can receive unlimited email. Here’s the breakdown of subscriptions:

  • $0.99/month to send unlimited messages.
  • $1.99/month for 2GB
  • $5.99/month for 10GB
  • $9.99/month for 20GB
  • $19.99/month for 100GB
  • $39.99/month for 1TB

I’m working on a mobile app that will be free. For now, the web app is a progressive web app, so you can install that to your home screen and it works like a mobile app.

I’m also working on other features that aren’t ready yet, but they’ll be premium features:

  • IMAP, SMTP, and CardDAV support.
  • Custom domain support.
  • Additional users for your custom domain.

So basically the business model is pretty similar to other email services. One difference is that I charge for sending mail, and basically that’s to prevent spam. Spammers are unlikely to use a real payment account, because it will get shut down when they’re caught spamming.

[-] Dnlb@lemmy.ml 11 points 1 year ago

Thanks for the informative answer.

The business model seems to be subscription based which i like(decently priced imo).

i suggest you looking into supporting external mail clients like k9/fairemail. Emails being encrypted at rest would be big.(People like to keep their stuff private even from the provider). Having a web app is nice tho.

i hope your ventures into this become succesful.

[-] hperrin@lemmy.world 4 points 1 year ago

Thank you. :)

Once I have IMAP working, third party clients like those will work. IMAP will also let you export and import emails.

One of my goals is ease of use (particularly to support enterprise users), and storing emails encrypted complicates things. (You need a bridge for IMAP, and you need to index all emails on the client side to support full text search.) I will support S/MIME and OpenPGP over IMAP though, so with the right setup, emails could be end-to-end encrypted.

[-] jonne@infosec.pub 7 points 1 year ago

Why do you think you need a mobile app when there's already a ton of free email clients for mobile?

[-] hperrin@lemmy.world 10 points 1 year ago* (last edited 1 year ago)

I’m going to support IMAP too, but IMAP doesn’t fully support the way Port87 works, so the mobile app will probably be the better experience for most people.

Labels in Port87 have the following options:

  • Get push notifications about new mail that comes to this label.
  • Show the mail from this label in the aggbox.
  • Mark incoming mail to this label as read.
  • If the sender is new, screen (hold) their emails until they pass a simple challenge to make sure they're human.
  • Include this label in the list of addresses sent to people when they try to mail your bare address.

In the app, I can present these as toggles, but there isn’t a way to do that in IMAP.

IMAP also isn’t aware of an address being mapped to a label, so in the app when you hit reply or compose, it will use the address of the label as the From address. In IMAP/SMTP, you’ll have to adjust that yourself every time.

So basically, I’m going to try to make using a third party app the best experience I can, but there are limitations at the protocol level that will be very difficult to work around.

[-] Dsklnsadog@lemmy.dbzer0.com 12 points 1 year ago

Congrats on doing your part. We need more privacy focus emails Competition and alternatives are great, I wish you success!

[-] Gargari@lemmy.ml 10 points 1 year ago

With ProtonMail filters you can do the same. Custom domain with all-catch address, use service-name@customdomain.com and use filters to send them the desired folder, or spam or delete it

[-] hperrin@lemmy.world 8 points 1 year ago

That’s what I was doing when I came up with this idea. It works well, but you have to create a filter every time you sign up somewhere. Also with mine you can screen senders (when someone new emails a label with screening, it will email them back a link to click to prove they’re human before the email is delivered).

[-] evulhotdog@lemmy.world 6 points 1 year ago* (last edited 1 year ago)

I think Fastmail already handles this gracefully, and has all the right integrations. Why should I use your service over Fastmail?

For example, the integration with Bitwarden can generate a new username for every site you go on.

I think to an attacker, your naming allows for identification of the pattern.

Also, 100% spam identification… nothing in the world is 100%. Unless you count the verification for someone to send you an email, which I don’t know if I consider spam identification.

[-] hperrin@lemmy.world 1 points 1 year ago

I’ve never used Fastmail, so I don’t know what it’s like. You’re welcome to try mine out, and if there’s something you would like me to add, I’m open to suggestions. :)

So the 100% spam block rate is talking about the prototype, which is what I was doing with ProtonMail and my Gmail account (which is where I prototyped the screening system). I’ve never gotten spam in my inbox in those places since I set up these systems. I’m not saying it’s impervious to spam, but I am saying spamming it is not really easy. If you start to get spam in a label, you can just block that label and change your address to a new label’s address for whatever account that is.

[-] evulhotdog@lemmy.world 7 points 1 year ago

This is where I think the flaw is in your system. You wouldn’t necessarily want to give your friends evul-friends@foo.com. Because once you start getting spam to it, you can’t nuke the email, because more then one person has it.

This is why one address per recipient or service makes the most sense. Not user defined, but completely random or maybe what the Fastmail automated emails do.

I suggest doing some market research before building your product/service so you are designing something that has the best fit for your consumer, and I think Fastmail handles things better than your service would right now, based upon what you’ve shared.

load more comments (5 replies)
[-] Pzulu@lemmy.world 7 points 1 year ago

Will this be a paid for service?

We all need to realise, check what you are looking at and their business practice.

If it does what you need and does not exploit you, pay for the service!

Best of luck to you.

[-] hperrin@lemmy.world 2 points 1 year ago

There is a free tier that gives you 500MB and you can receive unlimited messages. More storage and the ability to send messages are available as paid subscriptions.

I’m working on other features that will be paid as well, like IMAP access and custom domains. (I’m working on a mobile app that will be free, but the IMAP servers will be expensive to run, because they need to support more concurrent connections than the servers needed for the app.)

I can’t compete with Gmail’s 10GB for free, but I can certainly compete on the fact that I don’t track you and don’t trick you into clicking ads!

[-] DharmaCurious@startrek.website 6 points 1 year ago

This is awesome! The way this works is what I've been doing for years by manually creating different emails. Mymail.streaming@gmail, myemail.work@gmail, myemail.medical@gmail et cetera .I have literally dozens of Gmail accounts to keep things organized. The idea of people able to transition that to a single address sounds amazing. Can't wait to get approved.

[-] dpkonofa@lemmy.world 6 points 1 year ago

You’ve been doing it wrong. Gmail support Plus (+) Addressing in single accounts. There’s literally no need for “dozens” of Gmail accounts.

[-] TheButtonJustSpins@infosec.pub 2 points 1 year ago

Many services don't accept a + in an email address as a valid address.

[-] dpkonofa@lemmy.world 2 points 1 year ago

Then keep one generic gmail account for spam like that. Most services support plus addressing just fine because it’s part of the W3 mail protocol. You can also use a forwarding service for those emails. There are a ton of free forwarding/relay services.

[-] hperrin@lemmy.world 1 points 1 year ago

Yep, like Microsoft. That’s why Port87 supports plus or hyphen. Unfortunately, Gmail can’t support that, since Gmail usernames can have hyphens.

[-] evulhotdog@lemmy.world 4 points 1 year ago

Fastmail offers this as well. I suggest looking into their offerings.

[-] hperrin@lemmy.world 1 points 1 year ago

Invite sent. :) Let me know if you have any issues signing up.

[-] BlueFire@lemmy.ml 2 points 1 year ago

can I have one too please? Thanks!

[-] hperrin@lemmy.world 1 points 1 year ago

If you were on the waitlist, you should have the invite now. :)

Why should I use this over email aliasing services like addy.io or simplelogin?

[-] hperrin@lemmy.world 12 points 1 year ago

Mostly because mine is automatic. You don’t have to set anything up in advance. I was at the gym the other day, and I just put in hperrin-planetfitness@port87.com, and later when I checked my phone, the “planetfitness” label was there in my pending labels. I’m pretty sure they’re going to send me ads, so I’m just going to block the label once I’m sure I’m not going back.

But also I think it’s a really good email system, but I’m biased, because I made it. :)

[-] LunchEnjoyer@lemmy.world 5 points 1 year ago

Kudos dude! I will definitely try this out ✨

[-] nayminlwin@lemmy.ml 5 points 1 year ago

Svelete is quite fantastic.

[-] LoggedHorizon@lemmy.world 3 points 1 year ago

Definitely will try this out.

[-] RTRedreovic@feddit.ch 1 points 11 months ago

Are all of its components open source?

[-] hperrin@lemmy.world 2 points 11 months ago* (last edited 11 months ago)

Not all. It’s made of mostly open source components though, with proprietary parts added on top. Here are the open source components it uses:

Components by others:

  • Node.js
  • Express.js
  • Haraka
  • SvelteKit
  • Svelte

Components made by me:

  • Nymph.js
  • Svelte Material UI

(These lists are not exhaustive.)

I am also going to incorporate Nephele (the WebDAV server) and a yet to be named IMAP server into it, which are open source projects of mine.

this post was submitted on 04 Nov 2023
179 points (92.4% liked)

DeGoogle Yourself

7743 readers
39 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS