By "stopping spam" in a manner that defines all[1] email not originating at Google or MS as spam, while at the same time allowing thousands of spam messages to be send via their infrastructure with limited ways for others to block it....
[1] yes I am aware not all, but unless you are a big player good luck getting gmail or ms to accept your mail
> but unless you are a big player good luck getting gmail or ms to accept your mail
This 'evil corp blocks my SMTP server' superstition really needs to stop. False positives hurt them as much as it does you, so you bet that there is 0 incentive to block emails from your IP.
If the email is properly DKIM aligned for the domain, it really does not matter which IP address the email is originating from.
IP addresses (especially with IPv6) are ephemeral, and email providers have figured this our years ago. If spam filters were IP based and persistent, they would have blocked the entire IPv4 internet by now. So they don't.
Spam filters (not the one you run at home, but proper ones used by Google and MS) use the email's content and domain reputation. Most of it is ML driven. IP addresses are irrelevant, unless when you force the receiver to fall back to IP assessment by not signing your email.
TL;DR: if your SMTP service is being blocked by 'large evil corp', it is because your domain and/or SMTP service are not properly configured.
That is not a requirement specific to Google. Most inbound SMTP services require this, even most open-source implementations. This requirement is not invented by Google, but caused by spammers using botnets.
Also, not being able to set a reverse DNS for a domestic IP is not Google's fault, it is your ISP not allowing you to 'own' an IP, and not allowing you to set a reverse DNS for the IP they lease to you.
This is why ISP offer business packages. These will allow you to own the IP (block), and set reverse-DNS for it.
an example that comes to mind : find me in the RFC where it is stated that blocking residential ips is ok. (google does this, so not compliant to original standard)
I would also add (but this is not email per se) : no adoption for GPG/PGP this makes your cryptographic signature a bare textfile attachement.
My mail server occasionally receives mail from residential ISPs and it's literally always spam.
If people could be trusted to manage their mail server we wouldn't have this problem, but IoT crapware is still listening on port 23 till this very day and the manuals still state that you need to disable the firewall and forward all traffic to your shitty webcam for it to work. Reporting this abuse to the carrying ISPs is about as useless as shouting my complaints down the toilet.
Until both IoT production companies and individual consumers take responsibility for the awful internet created by these maliciously incompetent users and the laughably bad IoT devices they buy, I'm not removing this filter rule from my mail server.
I do usually get a notification that something hit quarantine so if it sounds important I can still see it, but I've never had to release mail banned for this reason so far.
Denylisting whole ip ranges is lazy and hurtful. Google accepts email from residential ips. Why can't you?
> My mail server occasionally receives mail from residential ISPs and it's literally always spam.
I sent mail from my home isp for years, until people like you made unfeasible.
> I do usually get a notification that something hit quarantine so if it sounds important I can still see it, but I've never had to release mail banned for this reason so far.
Most small operators refused to allowlist me even after making phone calls, etc.
> Google accepts email from residential ips. Why can't you?
Because Google receives enough email to tweak its spam filters sufficiently. I have to rely on more general block lists.
> I sent mail from my home isp for years, until people like you made unfeasible.
I've accepted mail from home ISPs for years but a recent-ish (±5 years ago) but short wave of spam from botnets made me turn on the spam filter on my new server.
> Most small operators refused to allowlist me even after making phone calls, etc.
With my setup you won't even have to call me because I'll probably whitelist your server anyway. May take a day depending on how recent the latest quarantine report was, but that's no different from normal email anyway. My spam threshold is quite high so if you take the normal measures (SPF/DKIM/reverse PTR/etc.) you probably won't even hit the spam filter.
> find me in the RFC where it is stated that blocking residential ips is ok
Is there one that actually states it isn't OK, that I'm unaware of?
It perhaps goes against the spirit of the RFCs and other documentation written at the time, but that is understandable because a lot of that stuff was written from the standpoint of being able to trust people on the Internet, including that they fully understand and have properly secured the hosts under their purview…
I send mail from home just fine, though my connection is through an ISP that is generally identified as offering commercial accounts (AAISP). You do have to make sure that you have SPF and DKIM configured but that is the case elsewhere too.
My machines see quite a lot of activity (SSH login attempts, attempts at brute force logins & scans for known vulnerability in old versions of HTTP(S) hosted software, and more, not just attempts to send junk mail) from what appears to be compromised machines on residential connections.
How so?