Hi, I’m Hunter Perrin, and I made a new email service called Port87.

Gmail was a great email service back in 2006, but now it just sucks. They put ads in your inbox that look like unread emails to trick you into clicking them. To me, that means Gmail is malware.

I’ve been degoogling my life for the past 7 years, and Gmail is the last Google service I depended on. I love ProtonMail and use it too, but I developed a new way to sort email automatically, and wanted to write my own service based on it.

Port87 lets you use a tagged address like yourname-netflix@port87.com, and that automically creates a “netflix” label and puts all email to that address in it. This helps keep your email organized automatically, and protects against spam and phishing.

The database abstraction library I wrote for Port87 is called Nymph.js, and it’s open source. Also the UI library I wrote is called Svelte Material UI, and it’s open source too.

I hope you all like it, and hopefully it can help migrate away from Gmail.

  • emptyother@programming.dev
    link
    fedilink
    arrow-up
    34
    ·
    1 year ago

    Nice. Why use ‘-’, and not ‘+’ like we are used to from google? One argument against ‘-’ is that some people use it as part of their name.

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      26
      ·
      1 year ago

      You can also use a plus sign if you want to, but it’s not accepted everywhere, so I recommend using hyphen instead. One example is that Microsoft doesn’t accept plus signs in emails addresses, but does accept hyphens.

      Usernames in Port87 can only contain letters and numbers, so there isn’t any issue with using it as a separator.

      • wewbull@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        The reason is that + is specified in the RFC as being for email aliases, so many systems ban it because they don’t want you to be able to track who they got your email from. A hyphen, on the other hand, is a normal character.

        You’re no RFC compliant doing what you’re doing, but the advertiser won’t catch on immediately because of it.

        • hperrin@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          11 months ago

          I don’t believe there’s any RFC that says I can’t or shouldn’t do what I’m doing. The only RFC concerning subaddressing I can find is RFC 5233 (and the one it obsoletes). That one only concerns sieve filtering, which I’m not doing, and it specifies that any character can be configured as the separator character. The three examples it gives are “+”, “#”, and “–“.

      • hperrin@lemmy.worldOP
        link
        fedilink
        arrow-up
        23
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Hyphens aren’t allowed in Port87 usernames in order to prevent a situation like this. It’s surprising what is actually allowed to be an email address.

        “Some Guy”@[192.168.0.5]

        That’s a valid email address. There aren’t really any email services that don’t put limits on usernames though. Your Gmail username can’t be “Some Guy”.

        • Zoolander@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          3
          ·
          1 year ago

          I get that but you’re disallowing valid email addresses to do so. Gmail does actually allow you to use that email address. You would create it as Some.Guy@gmail.com and then you can address it to "Some Guy"@gmail.com because Google treats spaces and periods the same since spaces aren’t allowed without quotes.

          I like what you’re doing here, I’m just pointing out a major issue with how you’re implementing it. You could have literally chosen any character as the delimiter so it’s weird to me that you chose one that’s so useful vs. others that are not.

          • hperrin@lemmy.worldOP
            link
            fedilink
            arrow-up
            18
            arrow-down
            1
            ·
            edit-2
            1 year ago

            I chose it because it is universally accepted. It works everywhere, as opposed to plus, which doesn’t work in a number of places. It doesn’t really matter that it disallows valid addresses. Every provider disallows valid addresses. _@gmail.com is another valid address, and you can’t register it.

              • hperrin@lemmy.worldOP
                link
                fedilink
                arrow-up
                10
                ·
                1 year ago

                Also tagged addressing, subaddressing, or mail extensions. Mine is not the first service to use hyphen. The Courier server also uses hyphen. Also, with mine you can use a plus or a hyphen.

                • Yawnder@lemmy.zip
                  link
                  fedilink
                  arrow-up
                  2
                  arrow-down
                  6
                  ·
                  1 year ago

                  The point is that it’s quite “intense” to hardcore that. It should be quite easy to have that as a server side parameter, or even allow it to be a per-email setting.

  • Psythik@lemm.ee
    link
    fedilink
    arrow-up
    29
    ·
    1 year ago

    Are you able to guarantee that your email service will still be around a year from now? Or five years from now? Or twenty?

    Not trying to hate, just want to make sure before I create an account and start using your service for literally everything. If you one day decide to shut down and I lose access to my primary email address, I’m screwed.

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      33
      arrow-down
      2
      ·
      1 year ago

      This is a great question.

      I can guarantee it will be around a year from now (unless California or the United States is no longer around). I have no plans to close it or stop offering the service. I’m funding it myself, and I have enough to keep it going without profit for several years (probably over five years). For now, I’m letting people on through a waitlist so I can control its growth and understand the limits of the current servers. Then I can set up automatic provisioning based on those metrics.

      I’m trying to self fund it through profitability, so that the only people I have to answer to are my customers, rather than investors, who may not have the best interest of the customers in mind.

      As for twenty years in the future, I would love to still be in control of it, but I can’t guarantee that. If I do sell it, one of my top priorities will be that the new owner maintain the current domain name and users. Or if I step down as CEO, I would choose a successor that shares my vision and motivations.

      I’ll also be supporting custom domains in the near future, so if you join and use your own domain, then you could always transfer that to a new provider if anything does happen to the service.

      I hope that answers your question well and alleviates any concerns you have.

  • Dnlb@lemmy.ml
    link
    fedilink
    arrow-up
    24
    ·
    1 year ago

    what is the business model for this service?

    i couldnt find a privacy policy.

    Sorting emails like this is really useful.

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      19
      arrow-down
      1
      ·
      1 year ago

      Here’s the privacy policy:

      https://port87.com/privacy-policy

      You get 500MB free storage, and you can receive unlimited email. Here’s the breakdown of subscriptions:

      • $0.99/month to send unlimited messages.
      • $1.99/month for 2GB
      • $5.99/month for 10GB
      • $9.99/month for 20GB
      • $19.99/month for 100GB
      • $39.99/month for 1TB

      I’m working on a mobile app that will be free. For now, the web app is a progressive web app, so you can install that to your home screen and it works like a mobile app.

      I’m also working on other features that aren’t ready yet, but they’ll be premium features:

      • IMAP, SMTP, and CardDAV support.
      • Custom domain support.
      • Additional users for your custom domain.

      So basically the business model is pretty similar to other email services. One difference is that I charge for sending mail, and basically that’s to prevent spam. Spammers are unlikely to use a real payment account, because it will get shut down when they’re caught spamming.

      • Dnlb@lemmy.ml
        link
        fedilink
        arrow-up
        11
        ·
        1 year ago

        Thanks for the informative answer.

        The business model seems to be subscription based which i like(decently priced imo).

        i suggest you looking into supporting external mail clients like k9/fairemail. Emails being encrypted at rest would be big.(People like to keep their stuff private even from the provider). Having a web app is nice tho.

        i hope your ventures into this become succesful.

        • hperrin@lemmy.worldOP
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Thank you. :)

          Once I have IMAP working, third party clients like those will work. IMAP will also let you export and import emails.

          One of my goals is ease of use (particularly to support enterprise users), and storing emails encrypted complicates things. (You need a bridge for IMAP, and you need to index all emails on the client side to support full text search.) I will support S/MIME and OpenPGP over IMAP though, so with the right setup, emails could be end-to-end encrypted.

      • jonne@infosec.pub
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        Why do you think you need a mobile app when there’s already a ton of free email clients for mobile?

        • hperrin@lemmy.worldOP
          link
          fedilink
          arrow-up
          11
          arrow-down
          1
          ·
          edit-2
          1 year ago

          I’m going to support IMAP too, but IMAP doesn’t fully support the way Port87 works, so the mobile app will probably be the better experience for most people.

          Labels in Port87 have the following options:

          • Get push notifications about new mail that comes to this label.
          • Show the mail from this label in the aggbox.
          • Mark incoming mail to this label as read.
          • If the sender is new, screen (hold) their emails until they pass a simple challenge to make sure they’re human.
          • Include this label in the list of addresses sent to people when they try to mail your bare address.

          In the app, I can present these as toggles, but there isn’t a way to do that in IMAP.

          IMAP also isn’t aware of an address being mapped to a label, so in the app when you hit reply or compose, it will use the address of the label as the From address. In IMAP/SMTP, you’ll have to adjust that yourself every time.

          So basically, I’m going to try to make using a third party app the best experience I can, but there are limitations at the protocol level that will be very difficult to work around.

  • Dsklnsadog@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    Congrats on doing your part. We need more privacy focus emails Competition and alternatives are great, I wish you success!

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      That’s what I was doing when I came up with this idea. It works well, but you have to create a filter every time you sign up somewhere. Also with mine you can screen senders (when someone new emails a label with screening, it will email them back a link to click to prove they’re human before the email is delivered).

      • evulhotdog@lemmy.world
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        1 year ago

        I think Fastmail already handles this gracefully, and has all the right integrations. Why should I use your service over Fastmail?

        For example, the integration with Bitwarden can generate a new username for every site you go on.

        I think to an attacker, your naming allows for identification of the pattern.

        Also, 100% spam identification… nothing in the world is 100%. Unless you count the verification for someone to send you an email, which I don’t know if I consider spam identification.

        • hperrin@lemmy.worldOP
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          I’ve never used Fastmail, so I don’t know what it’s like. You’re welcome to try mine out, and if there’s something you would like me to add, I’m open to suggestions. :)

          So the 100% spam block rate is talking about the prototype, which is what I was doing with ProtonMail and my Gmail account (which is where I prototyped the screening system). I’ve never gotten spam in my inbox in those places since I set up these systems. I’m not saying it’s impervious to spam, but I am saying spamming it is not really easy. If you start to get spam in a label, you can just block that label and change your address to a new label’s address for whatever account that is.

          • evulhotdog@lemmy.world
            link
            fedilink
            arrow-up
            8
            arrow-down
            1
            ·
            1 year ago

            This is where I think the flaw is in your system. You wouldn’t necessarily want to give your friends evul-friends@foo.com. Because once you start getting spam to it, you can’t nuke the email, because more then one person has it.

            This is why one address per recipient or service makes the most sense. Not user defined, but completely random or maybe what the Fastmail automated emails do.

            I suggest doing some market research before building your product/service so you are designing something that has the best fit for your consumer, and I think Fastmail handles things better than your service would right now, based upon what you’ve shared.

            • hperrin@lemmy.worldOP
              link
              fedilink
              arrow-up
              1
              arrow-down
              2
              ·
              edit-2
              1 year ago

              That’s why you’d use screening on evul-friends@foo.com. Spam mail generally doesn’t have a valid Return-Path, and if it does, it’s probably not a monitored mailbox, so the spammer wouldn’t even receive the screening email, let alone follow the instructions in it.

              (By not valid, I mean a return path that leads to an actual mailbox. It can be a valid email address, just a bogus or spoofed one.)

              • beetus@lemmy.world
                link
                fedilink
                arrow-up
                4
                ·
                edit-2
                1 year ago

                I think you are misconstruing spam in this context.

                While you are right about “spam” mail not meeting valid header details or authentication, a lot of “spammy” content does - marketing emails.

                fastmails aliased emails allow for users to generate unique email addresses for each individual service they sign up for. What this enables is that when that service inevitably sells that email address to another spammy, potentially legitimate, but still spammy provider. They can then unsubscribe from that alias email entirely.

                What you are describing seems less focused on protecting one address from being sold and shared. I think you need to accommodate for the fact that businesses sell lists of email addresses against their users wishes. That use case doesn’t seem to be met yet

                • hperrin@lemmy.worldOP
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  1 year ago

                  You can block a label in Port87. So, if some place sells the address you gave them, you can block that label, and that address will start rejecting emails. The error response that is returned to their server is “that mailbox doesn’t exist”, so if they look at the bounce message (which they almost definitely won’t do), it will look like that email address was deleted.

  • Pzulu@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    Will this be a paid for service?

    We all need to realise, check what you are looking at and their business practice.

    If it does what you need and does not exploit you, pay for the service!

    Best of luck to you.

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      4
      arrow-down
      2
      ·
      1 year ago

      There is a free tier that gives you 500MB and you can receive unlimited messages. More storage and the ability to send messages are available as paid subscriptions.

      I’m working on other features that will be paid as well, like IMAP access and custom domains. (I’m working on a mobile app that will be free, but the IMAP servers will be expensive to run, because they need to support more concurrent connections than the servers needed for the app.)

      I can’t compete with Gmail’s 10GB for free, but I can certainly compete on the fact that I don’t track you and don’t trick you into clicking ads!

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      12
      ·
      1 year ago

      Mostly because mine is automatic. You don’t have to set anything up in advance. I was at the gym the other day, and I just put in hperrin-planetfitness@port87.com, and later when I checked my phone, the “planetfitness” label was there in my pending labels. I’m pretty sure they’re going to send me ads, so I’m just going to block the label once I’m sure I’m not going back.

      But also I think it’s a really good email system, but I’m biased, because I made it. :)

  • Dharma Curious@startrek.website
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    1 year ago

    This is awesome! The way this works is what I’ve been doing for years by manually creating different emails. Mymail.streaming@gmail, myemail.work@gmail, myemail.medical@gmail et cetera .I have literally dozens of Gmail accounts to keep things organized. The idea of people able to transition that to a single address sounds amazing. Can’t wait to get approved.

    • Zoolander@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      1 year ago

      You’ve been doing it wrong. Gmail support Plus (+) Addressing in single accounts. There’s literally no need for “dozens” of Gmail accounts.

        • Zoolander@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Then keep one generic gmail account for spam like that. Most services support plus addressing just fine because it’s part of the W3 mail protocol. You can also use a forwarding service for those emails. There are a ton of free forwarding/relay services.

        • hperrin@lemmy.worldOP
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Yep, like Microsoft. That’s why Port87 supports plus or hyphen. Unfortunately, Gmail can’t support that, since Gmail usernames can have hyphens.

    • hperrin@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Not all. It’s made of mostly open source components though, with proprietary parts added on top. Here are the open source components it uses:

      Components by others:

      • Node.js
      • Express.js
      • Haraka
      • SvelteKit
      • Svelte

      Components made by me:

      • Nymph.js
      • Svelte Material UI

      (These lists are not exhaustive.)

      I am also going to incorporate Nephele (the WebDAV server) and a yet to be named IMAP server into it, which are open source projects of mine.