Home » email

Tag: email

Matrix, Synapse, and Element – Secure, Decentralized communication

Privacy and censorship are essential items in the minds of spiritual people. We like to be empowered and not give away our freedom to this company or the other. 

We have found alternative email providers that promise to take care of our data, but what can we do about the instant chat applications? 

The privacy-oriented alternatives to Messenger and WhatsApp that most people know about are Signal and Telegram. Those apps are now experiencing a surge of new users. 

But there is still an inherent problem with both Signal and Telegram. We need to rely on their promise that they will not sell out to the highest bidder and that conversations are kept private. On top of that, since each one has a central server, they are super easy to ban and block. Their terms of use may prohibit users from talking about certain topics deemed “fake news” or “misinformation.”

[Matrix] – The Open Standard 

One solution is to use an open standard called [Matrix] for our instant communication. 

Being an open standard is very important. It means anyone can implement it, but more importantly, anyone can inspect it to make sure it keeps its promise of decentralization and data privacy. 

The best way to understand how the [Matrix] standard works is to think of how we use emails. We each have our own email providers that may be different, and we each have our email applications that can also be different. And yet, we can all email each other with no problem. Isn’t that beautiful? 

What if we can bring the same ideas to instant chat? The idea that you can use different servers and various apps and still talk to one another. [Matrix] does that. 

Because it is open and designed to be collaborative, anyone can start their own servers that will connect to each other, and anyone with the skills can create a chat application or improve the existing ones. This openness encourages innovation, collaboration, and transparency. 

Since you can start your own chat server, you don’t need to send your communication data to a company like Facebook or even Signal. It can all stay on your server where you decide what happens to it. 

So why isn’t everyone on Matrix yet?

In one word: convenience!

A centralized server, a unique application, and a big company financing the system are incredibly convenient for the user. Why? Because everything is polished and streamlined to cause as little friction as possible because the company needs your attention and your data. So it is convenient, but you pay with your privacy. 

A decentralized architecture is much more challenging to create, maintain, and understand. It is not easy to grasp the idea that you can reach your friends on a different server and in a separate app. It is also more difficult to create an account because of all these micro-decisions that you have to make: what server will I use, what application is best for me, what kind of data am I willing to share on this server, whom can I trust in this eco-system? Oh, it’s is so much easier to “just use WhatsApp!”

And when you bring in encryption, things get even more complicated! 

What are public and private keys? Why should I care? Why do I need a passphrase? How will I remember all this stuff? What do I do if I get locked out? 

To understand this challenge, let us take a step back and look at the bigger picture. 

Here is what Facebook promises: “just give us your fingerprints, and use our app and we will take care of your security for you. You don’t have to worry about a thing. Everything will work at the touch of your finger. Let us be your BIG BROTHER.” 

Here is what [Matrix] promises: “we want to guarantee your privacy, and therefore we don’t want to know anything about you! So all the passwords, the keys, the personal identifiable data, it is yours to care about and store as securely as you know-how!”

Which one would you choose? Do you know how to store the password securely? Are you tech-aware enough to be confident in your decision? 

These are hard questions that you need to grapple with if you value your privacy and your ability to connect with your friends without a middle man.

The Open Standard – A blessing and a curse

Remember the talk about “email” from before? Do you know what made email so great? 

It was TRUST! 

When email was invented, the people that would use it would know each other and trust each other. This inherent trust allowed them to create something so open, so interoperable that it seems naive by today’s standards! 

The assumption was that every email user is a good person, and they will not abuse the system because abuse will make things worse for everyone.

Of course, we all know what happened soon after: spam, identity theft, and hacking. 

It really breaks my heart that an open standard based on trust is a honey pot for bad actors willing to abuse the system. It takes everything that makes the system beautiful and efficient and turns it against itself. Instead of focusing on innovation, you need to focus on security and locking things away.

The blessing of “anyone is welcome to use it” turns into a “someone will likely abuse it” curse.

We now live in an era where trust is at an all-time low. Especially on the Internet! All the open systems that we create today assume the exact opposite from the age of email: nobody can be trusted anymore

As sad as this may be, it is the reality we need to work with right now. And it is why tools focused on privacy are anything but easy, and flowing, and convenient. They can never achieve that goal because you will need to carry around, securely, your private key chains, your passwords, your passphrases. 

There are two takeaways here:

1) don’t even hope that a truly private app will ever be as easy to use as Telegram or Signal. That is not possible. It is you who needs to be responsible for your own data, not big-brother. 

2) in an open system, there will be bad people. What this means is that not all [Matrix] servers are good ones. Not all users on the [Matrix] servers are good ones. And not all chat apps that work over the [Matrix] network will keep your data private and secure. [Matrix] empowers you by not “taking care of you.”

Is your head spinning yet?

I understand. I am a tech person, and it took me days to digest this information and try to present it in a way that most people would understand and use. It is normal if this feels “hard”. Press on! 🙂 

My idea of helping is to shoulder some of the responsibility with you. If you trust me enough, you can use my recommendations below to get into the [Matrix] network easier. 

As an app I recommend Element

For a server, it is best if you can start your own, but if that’s not your thing, you can request an account on mine

I would avoid creating an account on Matrix.org. As they also point out, it would make them a sort of “central point,” which is counter to their philosophy. (If you need a hand setting up your own server, let me know.)

I will end by giving thanks to my friend Tim for making me aware of this information and to all the people behind Matrix and Element that put a ton of effort into imagining and bringing this forward. 

Meetings – as a display of power

Why yet another writing about meetings? Because it is an old habit that needs to change. And because it is so old, we need to challenge it strongly and repeatedly to defeat the inertia.

Most people go to meetings because they feel they have to, not because they want to or need to. 

When there is no engagement, the meeting becomes a waste of time and a show of status (“who’s who”).

If you are the meeting organizer, you may care a lot about your project or your idea or about getting feedback. But not everyone in the meeting cares about the same things that you do. And if all you can see around you are bored people who would rather be someplace else, what can you do differently? (assuming that you care)

You could change the meeting duration from one hour to 10 minutes! No more room for fluff, for checking the phone, or for being late. And above all, you show respect to the other participants forced to spend their time with you.

You could also simply cancel the meeting. Do you need to send an update? There is email; there is slack; there is the phone. Do you need feedback? You can use online surveys or schedule one-on-one interviews in cases where you need to go deeper. 

Above all, seek and measure engagement. If people around you are not engaged, everything moves in slow motion, and you are also missing on a ton of creativity that has no room to be expressed. 

If you are meeting participantwhat would happen if you didn’t go? Would the project miss a critical piece of insight, or would “people upstairs get upset”? If it’s just people getting upset for you being honest about not having anything of value to contribute, then maybe you need to bring this up. Challenge the reason you have been invited to the meeting and make sure you need to be there. If you know your input is valued and sought after, you will be more likely to be engaged. But if you feel like a replaceable cog in the system, then you won’t be missed. 

Another thing you can do is start a discussion about meetings around the office. Are they effective? And how do you measure that effectiveness? If there is little engagement, what can you change to have more of it? What would happen if you canceled the meeting? What is the difference between synchronous communication (phone and meetings) and asynchronous (Slack, email, voice messages)

With new technology, we can do better. Show respect and seek engagement, not a display of power.

How do you think meetings should change in the new environment? Who are meetings for, and what are they for?

Staying on top of your email. One account to rule them all!

Why yet another email management article? 

I am writing this article because, in my work, I have met many people who still struggle with managing their emails, and I can suggest a reasonably simple solution. 

The problem

Online communication still requires an email address. From making purchases to setting up a subscription and staying in touch with your audience, you will need to use email

The wrong solution for this is to use your personal account for all situations. The main reason people use this is that it is convenient. There is one account to check, one password to remember, one email client, to learn to use. It is hard to argue against these advantages. But there are serious drawbacks as well. 

  1. You expose your personal email to spammers. The logic is quite simple: the more places you use an email address, the more likely that some spammers will find it. 
  2. It also becomes harder to keep track of email and categorize it based on purpose: subscriptions, business, personal, marketing, etc. Everything piles up in one big inbox. 
  3. There are some privacy concerns. Using the same email everywhere allows data tracking algorithms to follow you around and to infer some usage patterns that you may not want to be exposed. But even more fundamental than that, you may want to avoid online stackers and trolls by being very careful with whom you share your personal email. 

A better solution is to use different emails for different purposes. It is keeping things separate. While this solves all of the problems above, it creates a big hassle with having to check multiple email accounts, managing various passwords, and using different email clients. 

The Best of Both Worlds

If you make good use of auto-forwarders and filters, you can have the best of both solutions. 

With auto-forwarders, you collect all of the emails into one central account. (For advanced users I recommend POP3 pooling instead, as it is better when handling SPAM.) The best way to create forwarders is to use the “Forwarders” feature for your hosting provider or email provider.

The second part is to use filters into your main account, you categorize, label and organize the incoming email based on the email address it was actually sent to. E.g., email that was forwarded from the business email goes into the business folder, emails from the customer care address will go into a customer care folder, and so on. 

The way you choose to organize your inbox is up to you, but you now have the power to do so because even though all email arrives in your main inbox, you know where it came from. 

Now that incoming email is sorted out, how about outgoing? 

Most email services allow you to configure “aliases” that will hide your main account email. In effect, this will enable you to “Send email As…” The power of this approach is that you can also send all of your emails from your favorite client, as long as you use the proper “Send Email As…” when you need to communicate from a different email account. 

The Short Recipe

1. Create different emails for different purposes

2. Setup auto-forwards to collect all the email into your main account

3. Use Aliases/Identities/Send As features to send email from the main account but “as if” from a different account

4. Use filters in your main account to organize the incoming email

The Discipline

For this to work, you need to be disciplined and follow this process. If you are in a rush, you may be tempted to use your main account when someone asks for your email. It is best to have a “disposable” account on hand for this situation. An account that is already configured. This way, you will avoid the temptation to share your main email account because you can’t be bothered to set up a new email.

What other strategies do you use to keep spam out of your inbox and organize your email accounts? 

WordPress and the Email Problem

Have you ever had a WordPress site and your outgoing email was just getting sucked into some kind of black hole, never to be seen again?

I have discovered through experience that this is very common. And the problem is not with WordPress, it is actually with your hosting provider.

The only reason WordPress seems to be the most affected it is because it is so widely supported by hosting environments and that it is free. And not all of the hosting providers do a good job with delivering your email.

When your website is using what is called a “shared plan”, this means you share the server resources with other websites as well. And those websites may not be as friendly and ethical as you are. In fact, because it is free and so easy to use, there are many people who abuse the email feature of WordPress to send spam.

The easiest solution for the hosting providers, in this case, is to just block the outgoing email capability for everyone, including you!

This does not only affect shared plan users.

After 10 years or running an online business, and keeping an email quality score of 9+ out of 10, our email got suddenly dropped. We had a dedicated server, so we were not sharing our IP with anyone else. And we only found out of this problem because of our customers complaining about not getting their orders delivered. Yaiks!

Contacting support did not help. There was just a general reply that all outgoing email was now routed through a different grid and they were very strict in their rules. The problem was that everyone was treated the same: spammer or genuine business! And of course, the common rules were those applied to spammers. The good history and reputation of our business did not matter anymore.

Complaining did not help so I had to look for

Alternative solutions

There are two that I found:

1) Move to a different hosting that knows how to manage outgoing email well. At the moment of writing, the only one I can recommend is SiteGround.

2) Buy an outgoing email service.

I will focus on the second one because there are some mistakes I made and lessons that I learned.

Since we were used to having free outgoing email with our server, it did not make sense to me to get a paid service. So I just looked for companies who offered free email delivery if you stayed under a certain quota.

This plan backfired big time. Most of our email was sent all right, but it was going straight into the spam folder of most of our customers.

Out of the Spam Folder

The problem was that the free plan was again shared with other people who were in fact spammers.

It was time to do the math and it became obvious that we were losing a lot of customers because we could not communicate with them any longer. At this point paying for a high-quality outgoing email service began to make much more sense. Once I took the leap I had no regrets. The kind of tools you get with a paid service, and most importantly the deliverability, generated more than enough customers to cover the costs.

For an online business where it is important to stay in touch with your audience, it makes sense to have a paid email solution.

I have used SendGrid in the past and I was very happy with them. But I have moved to MailChimp because of their better automation and better integration with WordPress.

Some Technical Details

Correctly setting up outgoing email involves some technical details about DNS, MX records, DKIM, SPF and others. These are beyond the scope of this article, but if you need some guidance ask me in the comments section.