Why does netgate.com have googlemail MX record?

johnpoz

@VerticalTechnik said in Why does netgate.com have googlemail MX record?:

GAFAMs

Wouldn't that now be GAMAMs now.. with facebook now being Meta

michmoor

@VerticalTechnik
But how does that help
In evaluating a companies ability to do commerce or treat your data securely.

Unless you are saying that because Netgate uses Google mail servers Google can read their mail…but smtp is insecure anyway so what’s the point.
If we’re being honest you just have a “security” policy of not j business with any entity that doesn’t own their mail servers which is a bit insane in 2024 but that’s your decision. It’s just strange that you’re choosing an insecure protocol by default as your decision point but ok

johnpoz

@michmoor maybe he is ok with the other mail providers, and spam filtering services that many a company, and very large ones especially run their mail servers through.

Proofpoint is a big one that many a large company uses, we are moving away from them - they have been missing obvious stuff.

MS is part of GAFAM or now should really be GAMAM, so maybe they don't do business with anyone that uses any of these services. Companies putting their info up on onedrive for example.. MS prob filtering through that stuff for data as well, if they mining data in email ;)

dem

@VerticalTechnik said in Why does netgate.com have googlemail MX record?:

@michmoor GAFAMs.. for the ones who want to understand my thoughts on security and privacy evaluation.

Tell us your thoughts on the icons near the bottom of (what I assume is) your home page.

NollipfSense

Google is in the business of extraction of information without privacy regards...it's their nature and that's bad for the living or dead human being. I champion the small group from Spain that took on Google and won for the right to be forgotten. Doing business with Google supports that extraction. It doesn't bother me that Netgate is hosting their email server on Google...it's mostly or all encrypted emails when I communicate with the company. However, I wouldn't support Google economic extraction engine and I completely understand why that could turn off a potential client.

JonathanLee

PfSense needs one for alarm emails, also they have one to preset NTP on boot up before NTP servers come online for log tracking also. Don’t worry about it

johnpoz

@JonathanLee

JonathanLee

@johnpoz

dw

@VerticalTechnik
You haven't setup your DMARC properly.
No cloud services? what's this - Microsoft office 365.
Try to google for "could act" and you will not be able to sleep.

NollipfSense

@dw said in Why does netgate.com have googlemail MX record?:

You haven't setup your DMARC properly.

You really think DMARC policy stops Google...think again...here is a list from my company's DMARC report account of silly hackers attempt at using Google email service...OP's concern is legitimate..

dem

@NollipfSense said in Why does netgate.com have googlemail MX record?:

You really think DMARC policy stops Google...think again...here is a list from my company's DMARC report account of silly hackers attempt at using Google email service...OP's concern is legitimate..

Google will send a DMARC report even if it has only received completely legitimate emails from your domain. The fact that you've received a report from them proves nothing.

You can send your reports to a site like dmarcian to get a detailed report about what's really in them.

michmoor

OPs concern aside, i find this conversation pretty interesting. Grabbing my popcorn

VerticalTechnik

@dem Sure.. this is a good argument, and currently in progress to be changed. Nevertheless, this has an lower priority as giving potentially critical Hardware informations about Firewall, Network etc.. And this topic might be a controversial discussion.
Primally I wanted to give an input to Netgate, that this MX record does exist, and can avoid potential clients to buy their products. Sure its none of my business what Netgate thinks about it, but mabye some clients do care.

dem

@VerticalTechnik As someone who runs your own mail server, don't you find that most messages you send end up in SPAM folders? Also I'm curious, do you trust Proton?

NollipfSense

@dem said in Why does netgate.com have googlemail MX record?:

Google will send a DMARC report even if it has only received completely legitimate emails from your domain.

Not true...one receives a report only on spoofing or mistyped addresses...why would one need a report on legitimate addresses?

dem

@NollipfSense Google's help page says:

We recommend that you regularly monitor the daily DMARC reports that you get by email. Reviewing the information in the reports helps you understand what messages sent from your domain are passing Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) authentication, and DMARC authentication.

DMARC reports tell you:

• What servers or third-party senders are sending mail for your domain
• What percent of messages from your domain pass DMARC
• Which servers or services are sending messages that fail DMARC
• What DMARC actions the receiving server takes on unauthenticated messages from your domain: none, quarantine, or reject.

NollipfSense

@dem said in Why does netgate.com have googlemail MX record?:

As someone who runs your own mail server, don't you find that most messages you send end up in SPAM folders?

A properly configured email server rarely gets spam delivered...that's because all that spam gets trapped in quarantine or rejected...if you send me an email without me first allowing it to be delivered...I would never get it.

Cool_Corona

@NollipfSense Thats clever. Or not...

johnpoz

Spam is prob one of the biggest reasons companies just leave it to the big boys to deal with, ie host their email with a service.. Trying to play the wack-a-mole game of filtering spam from the users mailbox is an almost never ending job.. So you have a smaller company like netgate.. Should they hire someone just to run their email, and to do it right he/her/them is not going to be cheap.. And you prob going too end up with more than just 1, and then there is hardware, and then there is uptime to consider, etc..

While you might be all worried about email hosting company X data mining your email?? The client company just wants their email to work, and not be flooded with spam or viruses - phishing, etc.. which 1 user on their network clicks the wrong thing, fills out the wrong request for info they got in email they thought was legit, and the whole company is down or compromise way worse than any company doing mining of info from email they might be scanning..

Your free to pick and choose with whatever criteria you want for picking who you do business with.. But google email is a huge player, there are millions of companies running their email through them.. If you limit to who you do business with that run their email through google - your not going to have many vendors or customers to work with that is for sure..

Where should a company spend their most likely slim margins they are making.. On hosting and filtering their own email, making sure its up 24/7/365 and their own users can access it and not get phished, etc. Or farm that out to a service that does it with great efficiency and a reasonable price.. Which leaves money, resources of the company to do more worthwhile things like improve their product, support their customers, innovate in their field.. Or even just pay their employees better with the money they save not having to support and run their own email infrastructure..

NollipfSense

@Cool_Corona said in Why does netgate.com have googlemail MX record?:

Thats clever. Or not...

I set up a strict DMARC policy quite a while now and have filtered out most spam...a sender must first verify that the sender has the correct address before the sender is allowed to send me an email and if it's the first time sending me one, I'll need to retrieve it from quarantine.

Most companies are moving to a strict DMARC policy.