Get the top HN stories in your inbox every day.
mosura
stingraycharles
To be honest, the internet was worse without Cloudflare, so as long as they provide a good service for their customers, I’m fine with it. This is one of those.
Google is in a perfect position to compete but they don’t, so it’s not like Cloudflare is a monopoly or something.
At least they’re not selling ads using your data.
egorfine
> the internet was worse without Cloudflare
It had much more freedom. Currently it's up to Cloudflare to decide whether you will read that article or not. Tomorrow some stupid law will mandate certain ideas to be hidden from children[1] and Cloudflare will happily comply.
chipgap98
How is this not a problem with the law rather than a problem with Cloudflare?
zenmac
For example, recently certain big corp ask me to verify something. I clicked on the link in the E-Mail and it was suck on Cloudflare the click button over and over again. No matter how many times I clicked.
Do I need to find another internet access now?
_heimdall
Nearly any company under a government's jurisdiction will comply to a legal order to censor content, especially if its done in the claimed goal of protecting children.
Those companies that don't comply will be shut down or targeted in some way if the legal order had any political teeth behind it.
There's no way around that unfortunately, short of limiting government power in the first place so such an order would never be lawful.
ezfe
It's not up to Cloudflare, it's up to the businesses that choose Cloudflare for that protection.
osigurdson
>> Currently it's up to Cloudflare to decide whether you will read that article or not.
How is Cloudflare gatekeeping things? I believe you but don't understand the mechanism.
stickfigure
> It had much more freedom
...right up until you got DDoS'd off the internet by some script kiddie "for the lolz".
Crosseye_Jack
> Tomorrow some stupid law will mandate certain ideas to be hidden from children[1] and Cloudflare will happily comply.
Already happening, Well its more more "think about the big corps" than think of the children, for now....
https://torrentfreak.com/cloudflare-starts-blocking-pirate-s...
thedelanyo
What's stopping you from creating a competitive feature?
marginalia_nu
So far Cloudflare have generally been good guys on the web. They're in an incredibly abusable position, but so far have refrained from doing that.
So far.
The problem with Cloudflare is that institutions change over time. It's a slow process, doesn't happen overnight, but it does happen to almost all of them sooner or later. Building institutions that stay good is one of the big unsolved problems for humanity.
The problem with Cloudflare is what happens the day this good guy MITM:ing half of the web is no longer a good guy. We need to at least have a plan for dealing with this scenario, because otherwise this could get very ugly.
cookiengineer
I've got a treat for you, cloudflare's business model moved heavily towards crime as a service during the last decades, including DDoS botnets that host their own CnCs behind cloudflare, while themselves even relaying cloudflare DNS data to DDoS cloudflare instances itself.
The guy behind Crimeflare, when it was still available, tried to accumulate a dataset by running his own resolver, which filtered out domains in the zones of cloudflare's known ASNs.
This was actually also part of a lawsuit against lieferando (takeaway) because they're registering domains of restaurant owners and blackmail them into using their delivery service, after they already registered the Google business entry with that cloudflare domain to a call center of Takeaway, so the actual owner of that restaurant has no chance in terms of SEO and google searches that people would find them again.
Anyways, the dataset is pretty fascinating:
[1] https://web.archive.org/web/20210826102143/http://www.crimef...
[2] https://web.archive.org/web/20210826103036/http://www.crimef...
NotHereNotThere
Let's see what we discover during the next NSA leak.
segmondy
The internet is worse for me with Cloudflare. I'm using a cellphone router for my internet. My guess is I don't get a dedicated IP and probably behind a NAT with other users. 85% of my request needs me to solve a cloudflare captcha. on bad days I have to do this easily 100+ times.
r00f
It is not Cloudflare's fault. It means the website operators were so fed up with bots and bad actors that they just applied a carpet ban and called it a day. Thanks to Cloudflare I was able to reduce my website load threefold and downscale my VMs and my monthly cloud bill, and seeing how 50k daily requests were shown CAPTCHA and not even tried to solve it makes me terrified of running anything without Cloudflare.
Don't blame site owners and service that is trying to help them. Blame the fact that 90% of today's Internet traffic is bots
gruez
But what's the counterfactual? People use cloudflare because they want protection from ddos attacks and bots. If cloudflare didn't exist there would probably be similar measures.
hnav
Have you played with IPv6 vs IPv4? Wonder what's worse there, CGNAT-ed IPv4 or an inherently low-reputation IPv6.
jasonvorhe
I don't know what kind of internet you used but mine didn't randomly decide to block my access to a website because some quasi monopolist decided I wasn't allowed to use a certain website for intransparent reasons.
troyvit
Being blocked from a web site and having to hit a little box are two different things. Are you talking about the former or the latter? If it's the former ... that has literally never happened to me unless I'm on a VPN and even then it's rarely (if ever) CF that's doing the blocking.
If it's the latter then it reflects the sad truth that we can't have nice things anymoret. I have lots of problems with the accessibility of that box, but either Cloudflare would be implementing it, somebody else would be implementing it, or a huge chunk of data would be unavailable to you anyway because of accidental DDoS attacks caused by irresponsibly deployed bots.
stingraycharles
That’s the website owner deciding to do that, Cloudflare just gives them the tools to do so.
riedel
CDNs always existed IMHO. The world before cloudflare was just much more hidden. In general I find their take at the typical cloud business from a network perspective mostly refreshing.
However, I guess they have become the major player now and certainly try to optimize the world towards their business model.
IMHO it needs other enterprises entering the competition. Maybe it could be new more software defined mobile network providers offering edge compute. Maybe data from IoT could never enter the Internet and we could have some confidential computing power when we need it for our IoT stuff. Maybe we could get a more decentralized Internet again...
motorest
> However, I guess they have become the major player now and certainly try to optimize the world towards their business model.
I don't think that's it, and I think the explanation is much more simple and straight-forward.
Cloudflare established a very successful business model around a straight-forward, very transparent, no-bullshit CDN. Now, they started offering other cloud services build around their CDN. Cloudflare Workers kind of extend their CDN pipeline to allow clients to run arbitrary code to customize caching logic, but it turns out their function-as-a-service model is exceptionally good, and higher-level services like email are a low-effort way to meet existing needs.
agrippanux
Oh I remember a time before CDNs and a big part of your startup fundraise was to build out your own setup inside a data center.
mrweasel
I still believe that CloudFlare means well, but that doesn't mean that I agree with the increased centralization. This isn't the fault of CloudFlare, they are just exploiting a business opportunity and as you say: At least they're not selling ads.
It is a legitimate business, from my perspective. I'd just wish we weren't in a situation where CloudFlare isn't exactly struggling to sell their services.
motorest
> I still believe that CloudFlare means well, but that doesn't mean that I agree with the increased centralization.
I'm perplexed by this sort of comment. Cloudflare doesn't even feature in the top 10 of cloud provider market share, and the number 8 spot already reports 2%. And here you are, complaining about Cloudflare and centralization.
Furthermore, AWS is by far the biggest cloud provider, reporting around 30% market share, and I don't see AWS being referred as a concern.
kalaksi
> At least they’re not selling ads using your data.
Yet. Since it's an american company with an ever-growing influence, I dread and expect that to change, among other things, down the road. I assume the three-letter agencies also already MITM the traffic.
nenenejej
Assume your beloved tech company can be bought by Oracle and proceed on that basis.
1vuio0pswjnm7
"To be honest, the internet was worse without Cloudflare, so as long as they provide a good service for their customers, I'm fine with it."
Cloudflare not only blocking IA but asking for money on behalf of the website operator, as a "service"
https://web.archive.org/web/20250920180605if_/https://www.th...
542458
That's the site owner demanding payment via cloudflare, not cloudflare unilaterally deciding to charge money (as far as I can tell at least).
https://blog.cloudflare.com/introducing-pay-per-crawl/
Looks like The Verge either set up an excessively tight pay-per-crawl policy or doesn't want IA scraping their stuff.
stingraycharles
Cloudflare offers a service to website owners to do that, yes. It’s the owners’ decision if they want to monetize on the content.
Is it that bad that Cloudflare offers people these choices?
1vuio0pswjnm7
Not restricted to CF
https://web.archive.org/web/20250826113041if_/https://www.in...
safety1st
I dunno, I am basically a dick to Big Tech all the time, give me an opening and I will go after them with gusto, but I can't really find fault in Cloudflare offering email sending infrastructure.
The ire should be reserved for if and when they establish some kind of monopoly or other anti-consumer practices, fall afoul of anti-trust law, and inevitably the US government gives them a free pass for criminality like it has been doing for years with dozens of other Big Tech mergers, rollups, exclusivity dealings, etc. and appears to have just done again with Google a few weeks ago.
It is fine for big companies to offer competing email sending services. It is not fine for them to break competition laws.
Also yes, please do set up SPF, DKIM and DMARC for me. I may very well end up using this down the road because they say they'll do that for me and I just don't want to think about them in some situations.
toomuchtodo
> Also yes, please do set up SPF, DKIM and DMARC for me.
I'm going to take this opportunity, because hopefully Cloudflare will see it, to request they support SPF record flattening natively.
neximo64
And then they'll offer to 'protect' you from AI scrapers for a fee and then bulk negotiate against Google, etc for another fee.
nextos
If you use an old web browser, lots of sites are already not usable because Cloudfare's CAPTCHA will deny you entry.
New but non-standard niche browsers are also problematic.
pmdr
I usually have the same (residential) IP for weeks on end and there's absolutely no malware or scraping or whatever the heck it is that Cloudflare thinks it's protecting against going on in my house. Yet I still get blocked or captcha'd.
Website owners may understandably be appreciative of CF. But as as someone browsing the web, I think it's done a lot of irreversible* damage to the open internet.
* I say irreversible because I don't think they'll be looking to improve this anytime soon, but rather add more restrictions.
ta1243
And when you use decent protections against the worst bad actors on the internet (dns blackholing, adblocking, cookie dropping/corrupting, vpns) cloudflare again causes problems
Just be a good little consumer.
mosura
I am certain this is the intended endgame. LinkedIn/X style verification to prove you are not a bot once the hold is in enough places.
That such a database has other uses would be a happy coincidence.
blibble
and then capture the data on the sly and sell it to the AI scrapers anyway
matthewaveryusa
Yes, but also you can't send an email in any meaningful way on the internet without going through a middleman anyways so while philosophically you're correct, in reality it's already the case.
SahAssar
I don't think that is true for email or xmpp. Could you please explain?
implements
You can roll your own email if you can get your head around setting up an OpenBSD box and configuring OpenSMTPD and the correct domain DNS records - but the issue will be email deliverability. Gmail etc are going to treat as spam most emails that turn up from a residential or VPS linked IP address.
Personal email servers will communicate with each other happily but you need a middleman one for important recipients if you want to be sure it gets into an inbox.
bilekas
Yeah it's already a known point of failure. The annual chaos is always when they have some downtime. They do offer an incredible service though. Would like to see some competition but it's not easy.
johncolanduoni
I’ve never understood the evil MITM endgame here. Cloudflare’s ToS and contracts prevent them from doing nastiness with your data without breach, and approximately all their revenue comes from large enterprises that will leave in droves (and some will actually sue them) if they started exploiting it.
The thing where they let DDoSers use them to protect their public sites from rival DDoSers is sketchy as hell, but doesn’t rely on having your data.
encrypted_bird
> Cloudflare's ToS and contracts prevent them from doing nastiness with your data without breach ...
Contracts can be and regularly are changed. Ebay, PayPal, Etsy, Google, Microsoft, ad nauseum all have done this many times.
Contract-based protections mean very little if those clauses are non-perpetual and revokable.
johncolanduoni
Sure, they could try adding “your data is our data” on the renewal of a few million dollar enterprise contract and see how that goes - probably a redline with a nasty Zoom call attached. They could rug-pull this on free and small business users to a degree, but I don’t even see how it would be worth it. It’s such a small proportion of their traffic, and the fact that this is even a thing on their platform would scare away regulated customers for sure.
blackoil
Changed by informing in advance. If they change it to scrape your data to sell it to advertisers or someone, drop their service.
no_time
>Cloudflare’s ToS and contracts prevent them from doing nastiness
Crypto AG's ToS also presumably said "we pinky promise not to backdoor our devices" when selling it to foreign governments, and look how they ended up.
johncolanduoni
Crypto AG was a literal CIA front. Are you saying you think Cloudflare is a CIA front?
pluc
https://blog.cloudflare.com/enterprise-grade-features-for-al...
That's great - and maybe I'm cynical - but that's right where my mind went when I read that. Trading income for control isn't a bad game..
olivermuty
I have been logging in via ssso on business non enterprise plan for a year. Am I a part of an a/b test or what?
jimmydoe
Good point, but I guess we are stuck here.
I don't think Cloudflare did anything major wrong, most of what they offer have plenty of alternatives, but Cloudflare is able to do a lot for free which really isn't their fault.
There are complain about its cache's captcha, I get it, ideally it should not discriminate any human user, but IMO it's an economical problem unless we collectively decide what they do is public utilities.
6thbit
> Today, we're excited to announce just that: the private beta of Email Sending, a new capability that allows you to send transactional emails directly from Cloudflare Workers.
So many comments here assumed from the title they're offering a hosted email service, they aren't, they are announcing their own Sendgrid.
mustaphah
More like Amazon SES than Sendgrid.
stavros
That's exactly why I'm excited. I could really use this.
toomuchtodo
Please blog about it if you do!
stavros
I can, but wouldn't that be a boring post? "I set my SMTP servers to this other thing and they still work"? :P
Or do you mean if I get access to the beta? I probably won't :(
SilverElfin
What’s the point of it for Cloudflare? It feels like they’re randomly offering different products. Are they trying to be a full cloud platform like everyone else? If not, then what?
qeternity
> Are they trying to be a full cloud platform like everyone else?
Yes.
mvdtnz
Cloudflare workers are incredibly powerful and only getting better. This is just another step in the right direction for them.
undefined
xyst
Relying on a single, US based company for this need is a bit dangerous.
maz1b
It's unfortunate that email hosting and email infrastructure can really be done only well by major players. The days of people running and maintaining their own are pretty much long gone.
Fwiw, not a knock against CF. I like their products, mostly simple, fair pricing, etc. Just a bit unfortunate commentary on the state of email infra on the internet.
drnick1
I run my own email server and you couldn't pay me to use a commercial provider like Google instead. The privacy benefits are huge and there is no one to restrict my storage or change my "terms and conditions" overnight.
The days of people running their own servers are gone because of the shortsightedness and laziness of IT managers. They though the "cloud" would be easier and cheaper, and they are now trapped.
matheusmoreira
You don't have deliverability issues?
I entertained the idea of running my own mail servers for a while. After researching the topic it turned out that the internet now runs on an IP reputation system. Major email services like gmail assume that anything sent from unknown IPs is malicious.
So it looks like we've gotta be well connected to federate with the other email servers now. A nobody like me can't just start up his own mail server at home and expect to deliver email to his family members who use gmail or outlook. So I became a Proton Mail customer instead.
dpifke
I've run my own mail servers for many decades and have never had any deliverability issues. I've also never used bargain basement cloud VPS services with horrible reputations.
The best way to ensure a good reputation is to obtain your own address space from a RIR. Barring that, you need to choose a provider with a decent reputation to delegate the space to you.
nicoburns
> After researching the topic it turned out that the internet now runs on an IP reputation system. Major email services like gmail assume that anything sent from unknown IPs is malicious.
You have to buy/rent a dedicated IP address (that you'll be able to keep long term), and it warm it up by gradually increasing mail volume over a few months to weeks. But once you have, deliverability shoudl be fine.
I think the bigger issue is needing to keep on top of mainenance of the server.
truekonrads
Deliver via sendgrid*, receive directly is probably the only viable path for self hosted systems.
Where sendgrid=any major player, could be Mimecast, proofpoint or anyone else who will forward outgoing email.
drnick1
I don't have deliverability issues to the big providers, but that comes down to the age of my domain and my IP in a clean non-residential block. But you won't have reputation issues if your friends and family also run their own server and don't enforce such arbitrary requirements. Running your own servers, not only for email, is the only way to regain control over your computing.
jedberg
> The privacy benefits are huge
Are they? I'd bet 90% of the email in your archive went through Google or Microsoft or Yahoo's servers, and most likely a copy still resides there.
If you're sending to or getting a message from a Gmail account, Google still has a copy.
xp84
Can you share what your antispam strategy is?
I have arrived at the opinion that what I would do if I moved to selfhost would just be to pay some trivial amount for outbound email via a provider like sendgrid as someone else in these comments has also mentioned. Since I send out maybe a half dozen emails a month I don't think this would be a big deal.
But when I relied on selfhosted email several years ago, I was always inundated with spam, which SpamAssassin was wildly undermatched to handle -- that was one of the main reasons I moved to gmail. So I'm curious what people who are happy self-hosting today are using.
drnick1
My suggestion would be to use a unique alias for each website/company. This way, if you start receiving spam at that address, you know who leaked it, and can simply delete the alias. You should also then publicly name and shame the source of spam.
I also run SpamAssassin on my server, but I don't believe it ever had to do anything.
kuon
Reverse DNS check and rspam check at connection phase (no spam folder and false positive gets an email from their MTA)
undefined
stackskipton
I’m the reverse, I can Microsoft 8 bucks not to mess with this? Sign me up!
cullumsmith
I've run my own mail for 10 years (postfix/dovecot/rspamd), no issues. Reverse DNS, SPF, and DKIM records need to be in place, but that's a small lift.
Well, one time I was unable to send mail to a guy with an ancient @att.com email address from his ISP. I got a nice bounce message back with instructions to contact their sysadmins to get unblocked.
To my surprise, they unblocked the IP of my mail server in a matter of hours.
everfrustrated
Private email will have no problems. I also ran my own mail server for personal use and had almost zero problem (and this was on an AWS IP!).
Where people will absolutely have problems is trying to run a marketing campaign through their own IP. You absolutely will (and should) get blocked. This is why these mixer companies exist and why you pay for an intermediary to delivery your mail.
sgt
This is a myth though (with some truth to it in certain cases). I've run my own mail infrastructure since 1999, no issues.
cj
I suspect if you shared more info about your mail infrastructure, it might reveal that what is working for you is too complicated for 99.9% of people to set up and maintain themselves.
seszett
I don't think the goal is that every non technical person can host their own mail infra.
But most people who can run a server should be able to setup OpenSMTPd with the DKIM filter and Dovecot. It's much easier than configuring postfix like we had to do in the past.
To answer a sibling comment, the last time I received an answer is a few minutes ago. The correspondent's email infra is hosted by Google.
sgt
You're right, it used to be a bit complicated. Now you just need to have a reputable and clean IP address, and knowledge of running some services in docker and of course understanding DNS and its crucial role for running a mail server.
I used to run all the components and maintain it (even that wasn't bad), but I changed to mailu[1] about a year ago
[1] https://mailu.io
kordlessagain
Your argument might have worked 5 years ago. Now, with AI, it's very dated.
zokier
It is probably because you have run it so long that you have good reputation and less issues. Too bad we don't have time machine to go back to ninties to start building up reputation.
lomase
Every single IT team I know wanted to get rid of the mails servers.
I don't know why. At the same time they don't want to get rid of the bbdd servers, or the app servers.
Maintaining a email service must not be as easy for them.
nicce
Have you had static IP since then? A problem is that most new mail servers will have IP address with history.
sgt
The current static IP (it changed over the years) I got in 2016 or so.
logicallee
>This is a myth though (with some truth to it in certain cases). I've run my own mail infrastructure since 1999, no issues.
when was the last time you got a reply to an email you sent?
sgt
All the time. I use it in production and I have many users.
SoKamil
Well, it’s hard to beat 26 years of expertise.
python273
It's really not that hard to run a mailserver with https://github.com/docker-mailserver/docker-mailserver
The problem is that Gmail will bounce any emails from DigitalOcean IP, even if you sit on this IP for years (so no recent spam), even if replying to someone, even if you registered as 'Postmaster' on Google.
So if you want to selfhost, you'll first need to find an IP that's not blocked to begin with.
TZubiri
> It's not hard, if you do it in a way that you can't send to like 50% of the recipients.
So it's hard (to do well)
>The problem is that Gmail will bounce any emails from DigitalOcean IP, even if you sit on this IP for years (so no recent spam), even if replying to someone, even if you registered as 'Postmaster' on Google.
>So if you want to selfhost, you'll first need to find an IP that's not blocked to begin with.
I'd say this is just the thing antitrust was made for. Hopefully some incumbent can get them to court.
SahAssar
That is not my experience at all. Using a pretty fresh IP and domain I get pretty good deliverability as long as I have proper rDNS and all the other normal steps (like DKIM, etc.)
sgustard
Cloudflare's customers are companies that have to send out, say, reset password emails and verify account emails and other crumbs of the modern web. You want me to build my own infrastructure for that? Personally I can't wait for them to expand to SMS and crush Twilio.
parliament32
> The days of people running and maintaining their own are pretty much long gone
This is very much a myth. There's a lot of FUD around how mail is "hard", but it's much less complicated than, say, running and maintaining a k8s cluster (professionally, I'm responsible for both at my org, so I can make this comparison with some authority).
Honestly `apt install postfix dovecot` gets you 90% of the way there. Getting spambinned isn't a problem in my experience, as long as you're doing SPF and DKIM and not using an often-abused IP range (yes, this means you can't use AWS). The MTA/MDA software is rock-solid and will happily run for years on end without human intervention. There really isn't anything to maintain on a regular basis apart from patches/updates every few months.
btown
I think that there's a mindset among younger coders that "if it's not a modern post-AWS cloud provider, servers will take ages to come online and aren't going to give me full access, that's why EC2 exists." And this is conflated with the myth that running a mail server is hard.
But in practice, you can find any number of VPS providers, running in local datacenters, with modern self-service interfaces, with at least some IPs that aren't already spam flagged (and you can usually file a ticket to get a new IP if you need it), that are often cheaper per month than AWS, and give full root and everything. Find a service that will help you warm the IPs before you send to customers, and you're good to go!
drnick1
This is 100% my experience too. Self-hosting email isn't any harder than self-hosting something else and there is no maintenance beyond apt update and apt upgrade. Even if you choose to do this in hard mode using postfix/dovecot instead of a dockerized stack, you can get a working config in a few minutes from an LLM these days.
tyingq
I think this quote:
> > The days of people running and maintaining their own are pretty much long gone
Is less about the pieces you've mentioned, and more about reliable delivery without fighting blacklists, ip/domain reputation blackholes, etc.
jedberg
> There's a lot of FUD around how mail is "hard", but it's much less complicated than, say, running and maintaining a k8s cluster
The main difference is that you're fully in control of the k8s cluster, but no matter what you do, you don't have control over the email infrastructure, because deliverability depends on the receiver. On every receiver you send to.
People say "I don't have deliverability problems!" but how do you know? Most places don't tell you they rejected your email.
parliament32
Meh, one could also complain they don't have control over backbone networks, transit, peering agreements, and intermediary routing therefore hosting a service on k8s is futile without using a managed provider / PaaS.
> People say "I don't have deliverability problems!" but how do you know?
Because people reply to my emails.. because I email documents to family/friends/landlord/etc and they receive it as expected..
> Most places don't tell you they rejected your email.
Of course they do, this is what DMARC is for.
TZubiri
I see this common pattern where a previously private infrastructure is opened up (usually from low abstraction), and the ecosystem is split into an open base and a private thin layer, and that private layer might just reimplement the same tradeoffs that the incumbent private monoliths made.
Examples being Git/Github, Crypto/Centralized Exchanges, and as per the topic, email.
But I think that it's an important distinction that the base infrastructure is open, and that technically an incumbent could join the fray, albeit with a lot of catching up to do, and mix it up.
egorfine
> I like their products
I do, too. What I don't like is that they became too large and now are effectively in position to gatekeep the whole internet.
pier25
Great move. Will probably switch to it immediately from Sendgrid as soon as it goes GA.
Sendgrid recently killed their free tier (100 emails per day) and their lowest plan is now $20/month for 50,000 emails. It's totally overkill for low traffic projects.
rcleveng
Even with those pricing structures, 95%[1] of the spam I get comes from sendgrid. To their credit, their abuse@ address is good at handling the reports and they reply with a followup that the report was received and able to be acted upon[2].
The volume of spam (for me) doesn't seem to be decreasing from them, so there's a lot of moles to whack.
[1] Just a guess from looking at the last weeks [2] I know it's automated, but often there's 2 that come with the 2nd one stating it's acted upon, so i'm hopeful.
friendzis
These services are just spam-circumvention as a service. It's cheaper and easier to pay 20 bucks to sendgrid and let them fight the fight with google/microsoft/yahoo than to circumvent spam protections of the big providers.
You can very reasonably and reliably expect spam amount to correlate with the cost of sending said spam or expected return. At any service. There used to be a time where you HAD to check your mailbox several times a week or it would (literally) overflow with spam.
mfkp
Zeptomail by zoho has been reliable for me and extremely reasonably priced: https://www.zoho.com/zeptomail/
stavros
This is really cheap, is the deliverability good?
mfkp
Yes, honestly been much more reliable than my previous provider (mailgun). Their IPs were constantly getting on spam blocklists with yahoo and hotmail. No issues with zepto so far, been using about 9 months.
pier25
This looks great. Thanks for sharing!
richwater
> Sendgrid recently killed their free tier (100 emails per day) and their lowest plan is now $20/month for 50,000 emails. It's totally overkill for low traffic projects.
With a pricing structure like that it appears they became too tired of verifying/validating users to not send spam. Unfortunately I don't blame them.
bachmeier
$10/year for 10,000 messages/year is 10 cents per message. (Or some other volume at 10 cents/message.) Surely too high for spammers but cheap enough for an app with a low message volume.
athorax
$10/year for 10,000 messages is a tenth of a penny per message
richwater
It's not about optimizing for low volume side projects.
Barrier to entry for (12 * $20) is much higher than $10/year and they figure that was worth the tradeoff of losing small fish customers.
pier25
isn't this done automatically?
sophacles
Sure, and then the spammers figure out how to fool the checks. And sendgrid has to figure out how to detect the new and improved spammers. Then the spammers figure out how to fool the new and improved checks... and so on.
The part where sendgrid has to keep figuring out how to make new and improved validation is expensive.
tmiku
Re: Sendgrid killing their free tier - I used them for the contact form on my personal website, and after they ended the free tier I was able to move to Resend (who has a similar free tier) without too much work. Pretty happy with it so far.
albertgoeswoof
The lowest plan $40/year for 1k emails/month isn’t on the Pricing page, but you can select it when signing up.
littlecranky67
Sounds expensive. Amazon SES has 1k emails/month included for free (if you use an API to send). When sending via SMTP that quota does not apply, but still 1k Emails just costs 0.1$ (yes, 10 cents). I do not use any other AWS services but SES for my emails because of the pricing, I host everything else on Hetzner.
albertgoeswoof
Yes but AWS SES emails don't get delivered to inboxes
johtso
Thanks for recommending mailpace, £7.50/month for 10,000 emails is very reasonable, _and_ they support idempotency! Definitely makes me consider switching to them..
iamcalledrob
Been using Mailpace for a few years.
Has been a 10/10 experience -- rock solid and extremely good deliverability.
Wish the pricing increased non-linearly though at higher volumes.
pier25
Thanks. It's not very smart to not list that plan in the pricing page IMO.
undefined
jasonfrost
Or migadu for 19/yr
sltkr
[dead]
alpn
smtp2go.com offers a free tier with 1,000 emails/month. I’ve been using it for a few small services I run and haven’t had any issues so far.
noman-land
Cloudflare themselves recommed(ed) Resend to send emails with workers. Generous free tier, simple. I didn't get too far down this road but for anyone interested: https://developers.cloudflare.com/workers/tutorials/send-ema...
mustaphah
Mailgun offers 100 emails/day for free [1]
freetonik
Finally. My two production projects are built entirely on Cloudflare workers platform, and I dread every time I have to login into AWS to manage SES. I even wrote a note for myself with instructions which buttons to press and where to navigate, like you'd write for your elderly relative who's "not good with technology".
aprilnya
Honestly this is why I like what Cloudflare is building nowadays. They aren’t just a CDN but rather they’re becoming a full on cloud, like AWS and Azure are - except their developer experience is just so incredibly better than any other cloud
aetherspawn
One thing I like about Cloudflare is that each product makes sense on its own, not like AWS: go make access policies in one place, ACLs in another, and before you know it you have no idea how anything works without taking an AWS Certified Consultant course.
Cloudflare feels like separate silos, each individually complete and usable. And the “minimum viable path to make-this-work” is usually 1-2 button presses, rather than filling in pages and pages of configs.
I also love that Cloudflare is scoped under each domain, it helps keep my projects separate.
SahAssar
My experience is pretty much the opposite. Bad support for common APIs like S3, terrible support for terraform/opentofu, none/lackluster help in support or github issues.
Manouchehri
I documented the process of using AWS SES from a Cloudflare Worker about a year ago.
https://www.ai.moda/en/blog/ses-emails-from-workers
Hopefully it’s helpful next time for you!
NoahZuniga
> Imagine a user emails your support address. A Worker can receive the email, parse its content, call a third-party API to create a ticket, and then use the Email Sending binding to send an immediate confirmation back to the user with their ticket number. That’s the power of a unified Email Service.
This is/was already possible. You can just reply to an email from an email worker.
joshcartme
I had the exact same thought. I guess now you could put something in a queue if you have to do non-trivial processing before replying, but that’s not what they wrote
fernandotakai
i did this exact thing literally 15 years ago with a simple django app -- there's no way they are using this kind of example in 2025 year of our lord.
mtrovo
Kind of off-topic, but it's such a pity that we arrived at email as the local minimum for the best communication protocol for transactional messages. Having to set up an email service just to be able to enable authentication flows on a new website is such a hindrance that I keep wondering if it would be different if sending push notifications to a cell phone was made an open protocol..
parliament32
It's because every communication protocol since has been a walled-garden with a rent-seeker attached. This is why open, federated protocols are so critically important.
citizenpaul
I hear your pain. However I think if you really look at it email is a good thing. Its brokenness is a highly desired feature. It is the last generally accepted tech bastion that keeps us from becoming some sort of always on the job star trek borg style creatures that cannot have plausible deniability that the computer failed.
Oh i didn't get that email.
Oh spam filter.
Oh so backlogged on email.
charcircuit
This is the fate of most open protocols. It becomes too hard to migrate to a new spec due to the increasing difficulty of coordination and then the protocol gets stuck in time.
ectospheno
Spam push messages don’t need to be a thing. Ever.
pphysch
China was able to pull that one off, pretty much no one uses email there.
mtrovo
What exactly are they using? Wechat messages?
parliament32
For registering/authenticating to service, SMS mostly. Same deal in Russia in my experience, basically every website/service signup asks for your mobile number and just texts verification codes.
jesterson
Thats nowhere near reality. Its used a lot in corporate world.
tracker1
I keep thinking that Email would be a pretty natural extension process with the workers model in general... if they offered workers that could handle a tcp connection as stdin/out from the application perspective. Especially in concert with D1, R2 and other services.
I think the biggest issues would come down to server-side search functionality though. For very basic services, and even most of common IMAP/JMAP, it could be pretty great. Working on an a major email platform is something I've really wanted to do for a while now. (cloudflare, call me)
xp84
Question for the Cloudflare people: We use sendgrid today, and create subaccounts through it (entirely with API calls) to allow our customers to add and verify their own domains (with a couple of DNS entries the customer can create). Then we can send out email on their behalf "from" their domains -- with DKIM, SPF, and all that still being happy.
Does the Cloudflare email routing product provide this same capability?
Oras
Been waiting for this for a long time! CloudFlare developer platform is underrated. The ability to use queues, cache (KV), Hyperdrive, and R2 (an S3 equivalent) with one line of code is just brilliant.
pluc
About their developer platform: https://blog.cloudflare.com/cloudflare-developer-platform-ke...
mtrovo
Same here. Cloudflare products are a really good balance for small projects that could eventually need to scale up. Durable objects is such a cool concept in itself that I don't know why it didn't catchup the same way in other providers.
codegeek
I really like CF focus on developers but their R2 is not quite configurable yet as S3. I am looking forward to move away from S3 if R2 can get their bucket policies and permissions as advanced as S3.
kylehotchkiss
Could you accomplish your needs in R2 just using more buckets?
codegeek
potentially yes. but that will not be a clean solution. One bucket per customer is our rule.
RandomBacon
My understanding is that "Best Practice" is to use different companies for different services (not to have all of your "eggs in one basket") in case something goes wrong with one company and they take everything down.
This is what I have...
Domain Name Registrar: Dynadot
DNS: Cloudlare
Hosting: Dreamhost
Email: Fastmail
Should everything be under Cloudflare? I think they also do domain name registration and now, soon email. Not sure off the top of my head if they do hosting.
ry167
You can't connect to your email or hosting if your DNS with Cloudflare is down.
Plus, Dynadot uses Cloudflare for their site, so you couldn't even change your nameservers if CF is down.
A random scatter won't protect you from a service like CF / AWS / GCP being down, and most users won't benefit from protecting from that sort of unlikely and major scenario anyway...
RandomBacon
That's a good catch about Dynadot using Cloudflare.
Ideally there would be a setup to avoid having the domain name registrar use a different DNS than me.
I'm more concerned if an over-zealous algorithm or employee shutting down an account and being able to just switch that one service to another company rather than losing everything.
hamdingers
I'm not sure what best practice actually is, but each different company you depend on is a different failure point. If CloudFlare goes down half the internet does (which is a problem of course, but not my problem), so from a purely utilitarian perspective depending on them feels like a safe bet.
bachmeier
Does Fastmail have an easy API for sending messages from an app? I've tried it before but found it much more complex than an API call.
nojs
They do, it’s call “pages”
Topfi
That seems very similar to Resend, which has been a joy to use for my part.
Get the top HN stories in your inbox every day.
Eventually all Internet protocols will be MITMed by cloudflare. Your single point of interception!