cross-posted from: beehaw.org/post/21500261

If you’re not in Europe, move along. You’re stuffed and this thread can’t¹ help you.

European email self hosters–

Tech giants screw self-hosters over by crudely blocking email on the sole basis of IP address (e.g. if the IP is residential). Before 2016, we were as fucked as everyone (in fact worse b/c European ISPs tend to block² egress port 25).

Post 2016, we have the GDPR which has an Article 22 that gives us rights against Automated Individual Decision Making. It has become unlawful to profile people on a crude discriminatory basis without human intervention. The motherfuckers “predict” that you’re a baddy/spammer based on your personal information, which wholly consists of nothing more than your IP address. It’s as unsophisticated and prejudiced as it gets. They’re not using anything intelligent like spamassassin (as the cheap bastards want to save money for their greedy shareholders by reducing processing power at your expense).

Why let them get away with it? And unless you’re a boot-licker, you don’t dance for them either. Well, to some extent you may have to implement DKIM, SPF, DMARC, etc, but it’s debatable. Either way, you do you, and if in the end MS or Google or whatever imperial tech giant empire blocks you from sending email to their server on the blunt basis of your IP address, consider filing an Art.77 complaint to the relevant DPA citing Art.22 violations.

¹ Exceptionally, some non-EU regions have created their own variant of the GDPR like Brazil and some US states (e.g. CCPA in California). But AFAIK, they are all very watered down, weak and mostly useless. Just there for show. I don’t imagine that Art.22 sentiment has been adopted outside of Europe but plz correct me if I am wrong.
² If egress port 22 is blocked by your ISP, then you’re probably fucked anyway but there are some tricks to get the block disabled (free and non-free).