I started using ProtonMail recently, and I notice that Gmail puts a big warning for emails originating from there. This is really insidious because it's teaching the users that any email that doesn't come from a Google approved source is sketchy.
@email@example.com Interesting, I tried this with Tutanota and GMail and it was received just fine, perhaps only because Tutanota is not as of yet so well known as ProtonMail?
But this is definitely an interesting observation, and something I'll keep an eye on...
@marhaec yeah I'm really not sure how Google decides which addresses it will warn you about
@yogthos does this only happen with protonmail or also other domains?
@sid it definitely doesn't happen with every domain because I haven't seen this from any businesses like say GitHub,
@yogthos Is that definitely what it's complaining about? To me it reads as if it's saying "this <name> has never contacted you from this address _before_", which is not an unreasonable thing to flag - that the address it associates with the name has changed.
@ersatzmaus it's possible, but that's not at all clear what the root cause is
It's not evil, it's not anti-competitive. Google *does* do other things that qualify as those! But this is a pretty innocuous anti-phishing and anti-spoofing thing.
- My work email is hosted on Google Apps.
- My home email uses my own domain, and hosted on Fastmail. I sometimes send mail from home to work, because that is the cutting edge way of carrying files around in 2019.
- I have an old personal @gmail.com account that I've never used to *directly* send mail to my work address.
- All 3 accounts have the same name.
I sent an email from old-gmail to work-g-apps and it showed the same message Dmitri saw.
Sounds like our working theory is that Google matches based on the name as opposed the provider.
I still feel this is invasive because Google is actively processing information regarding whom I interact with to make these kinds of decisions.
This particular usage doesn't bother me because it's not much different than maintaining an address book. Or, it's like a cache, they're hardly processing anything.
I ran in to the same problem when I changed my email address recently.
It's been enough to convince other people to also ween away from Gmail.
GMail considers Outlook an "insecure client".
@jbob I have same thoughts, platforms like Google and Fb aim to lock their users into their own private gardens, and actively discourage the flow of data between them and the rest of the internet.
@riking yeah that seems plausible
@yogthos yeah this sucks, all email that's not from the big corporate servers are having more and more trouble.
I run my own mail server which complies with all the rules such as SPL, DKIM and DMARC but many other mail servers don't bother looking at the rules they just block anything that's not from any of the popular corporate servers.
@yogthos quick test of this: If a user name changes hosts to something that normally doesn't raise this warning, does the warning appear? I.e. is it about the host, or about the change?
Because, "hey, this is a new domain name for this user, are you sure it's them?" is not a bad warning.
@yogthos WTF? I just tried and I didn't get that message :v
@yogthos from the wording this seems to be about a known name with a new address, not about ProtonMail though?
@yogthos It looks like the reason for that warning isn't because it's ProtonMail but because it's someone using the same name as one of your contacts (or someone you've exchanged email with) but a different email address.
@yogthos The problem is that a very large number of sketchy people are using protonmail now. Enough that folks I know are just blackholing the whole domain
I actually abree with warnings about them. Protonmail is widely regarded as a dishonest actor by security professionals. I regret giving them money.
Google doesn't pretend they won't or can't comply with a subpoena. Protonmail, on the other hand, pretends that both are impossible.
@yogthos I see where you're coming from. I work some with activists in places with narrow civic space and to be honest, these I'm happy for Google to prompt people to be careful. https://www.amnesty.org/en/latest/research/2019/03/phishing-attacks-using-third-party-applications-against-egyptian-civil-society-organizations/
@Argus yeah that's definitely a legitimate concern as well, so perhaps erring on the side of caution is better here.
Unfortunately, it also creates a lock in with Google. Now, I have to contact every person I interact with on gmail to let them know I have a new email account, and that it's perfectly legitimate. That creates quite a barrier for migrating off of it.
all i'm gonna say is:
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!