not the customer but the product

[cellio]

There's apparently another widespread Gmail outage, but this one is more harmful -- it's lying to senders about addresses being invalid (permanent error).

This might be the swift kick in the rear that I needed to figure out a different approach to email. I have a domain, so I should set up a single "collector" address there to receive everything I'm currently forwarding to Gmail (which I'll have to hunt around for; Pobox is easy but not the only one). I hadn't done that before because I thought that relying on Google (a huge, hardened service) was a safer bet than relying on my domain -- what happens if my domain gets hijacked, my hosting company compromised, etc? Rethinking that now...

Fortunately, I'm already forwarding Pobox to an address on my domain, a backup for Gmail, so I probably haven't lost anything. But I might be getting silently dropped from mailing lists I cared about. We'll see.

---

Ok, I think I now have everything going to one mailbox on my domain and, from there, mirrored to Gmail for now. I'd like to have all my mail in one place, but the last download of my Gmail mailbox was a 10G file in mbox format, which I don't know how to read or plug in to something else. (I mean, obviously that's a standard format, but what can I use on my Mac to read it?) I don't really want to store all that on my domain server long-term (it'd raise my storage costs), but there's probably a lot of junk in it, mixed in with the stuff I care about. I'd already done some passes to, for example, nuke years-old mailing-list threads that I don't care about now, because Google has storage limits, but that's time-consuming.

I welcome input from people who've wrangled large mailboxes, domains, and email more generally.

Comments

[madfilkentist]

At first I figured it was a denial-of-service attack, but I don't see any news articles suggesting an outside attack of any kind. It's pretty easy to recognize a DoS attack, not to mention an opportunity to point blame, so they would have said so if that were it. It could be some kind of malware, or it could be a screwed-up system update.

Lots of news articles are mentioning the problem of incorrectly reporting accounts as non-existent, and there's no indication the accounts have actually vanished. If an account can't be reached, email protocols say to keep trying. It sounds as if Google's address lookup got badly messed up.

This could result in people being dropped from mailing lists and not knowing why. I get to see the bounces for the MASSFILC list, and so far there haven't been any from this event. In the past, Comcast has usually been the problem, and I've had to manually reinstate subscriptions on some occasions.

[cellio]

Huh, DoS didn't occur to me because I think of those as going after sites' "front doors". If Gmail wouldn't load, particularly through the web site, for example, I might suspect that. But a DoS that goes after backend servers could do a lot of damage and maybe be harder to identify. Good to know.

My address was reporting "address does not exist" to others while I had a browser tab and a phone app open and reading my (older) mail. My account was never gone; Gmail's servers told senders that it was. I hope not too many people (and mailing lists) believed them.

I was talking with someone last night who runs his synagogue's mailing list (about 1000 subscribers). Half his outbound email was bouncing back from Gmail, he said.

[madfilkentist]

It's difficult to hit backend servers with a DoS attack, since they aren't supposed to be visible to the Internet. There may be ways to do it, especially if insiders are involved. I'm more inclined (based on hardly any information, so take it for what it's worth) to think that either malware or a coding error caused the backend to falsely respond with "no such mailbox." Under normal circumstances, I'd expect Google's software to know the difference between "no such mailbox" and "mailbox temporarily unavailable" and return the appropriate error message.