Thursday, March 30, 2023

GMail is Breaking Email

Email is an open system, right? Anyone can send a message to anyone... unless they are on Gmail!

School Interviews uses two email servers to send confirmation emails to parents when they make a booking:


It goes without saying that our messages are not spam, and we do everything right to prevent them ending up in spam folders. Both email servers have PTR records set up, and SPF records only allow email emanating from these two servers. Every message is cryptographically signed with DKIM, and DMARC records tell receiving servers to apply all these restrictions strictly.

Neither server is a open relay, and both send only our messages - no-one else is sending spam from these servers. 

All this effort pays off. We check our servers aren't on spam blacklists every day, and our Google Postmaster Tools account shows practically perfect scores on all metrics:

Can anyone hear a "but" coming?

But... Gmail is rate-limiting our messages daily.



Those blue dots show over 3,500 Gmail customers having the booking confirmation email they asked for delayed by up to 12 hours. Our support people get several calls a day asking about missing confirmation emails, and they wearily explain that Gmail is delaying delivery for no good reason. 

The actual error is:

Our system has detected an unusual rate of 421-4.7.28 unsolicited mail originating from your IP address. To protect our 421-4.7.28 users from spam, mail sent from your IP address has been temporarily 421-4.7.28 rate limited.

"An unusual rate of unsolicited mail"? We've established we don't send spam, and Google's own Postmaster Tools can't detect any spam, so it seems to me that Gmail's detection algorithm is broken.

And it has been broken for a while, because we've been rate-limited for months. We've done everything we can to alert Google to the problem, and this blog post is a last-ditch attempt to get the message across. If you know anyone at Google, please send them a link.

Wait, I think I hear another "but"!

BUT... Problems like this are killing independant email.

This rate-limiting issue is not the only thorn in the side of email server admins. If you search the forums, you'll come across hundreds of reports of the big three email providers (Google, Microsoft and Yahoo) making email delivery so difficult that independant email servers are becoming untenable - keeping messages flowing is just too hard. 

And this is happening after SPF, DKIM and DMARC provided a solution to the spam problem. 

Any mail system can remove practically all spam by insisting messages conform to those three standards, so Gmail could - and should - be accepting our squeaky-clean messages without restriction.

Instead, the big three are making independant email delivery so difficult that we give up and move our inboxes to their services, and use one of their partners (like MailChimp or SendGrid) to deliver our system-generated messages.

I really hope I can write a follow-up saying that fixing the rate-limiting problem proves that Gmail is still committed to the open email standard. The alternative is that email will be subsumed into giant corporation's proprietary systems, and the wonderfully open and extensible message service we've enjoyed since the dawn of the internet will be gone.