Email immutability matters more in a world with AI

https://www.fastmail.com/blog/not-written-with-ai/

68•brongondwana•1h ago

Comments

blibble•1h ago

> The world is changing, and we need to adapt and understand it.

fastmail: read my lips: I pay you because you offer a traditional email service

if you add a single AI feature I will return to self hosting

toomuchtodo•58m ago

+1 as a fastmail family account customer.

mbesto•57m ago

Same here. Fastmail customer for slowly peeling myself away from gmail. Just keep giving me reliable email service and I'll pay you.

barbazoo•27m ago

Is there such a thing as a family account?

> Add a user to your billing plan to give someone their own Fastmail Inbox and login. Build your team, be it work or family, and share calendars, contacts and more. Give users extra addresses for free

The way my UX works is I can add users but they always have to have their own paid plan. Makes sense for heavy email users but not so much for my partner or our kids. I was hoping there was a 5 accounts for the price of 3 thing like Spotify et al do.

spott•24m ago

They have a “family” plan on their pricing page. “For up to six in a family. Private, secure email for everyone.”

withinboredom•55m ago

And all these services doubling or even trippeling their price to offer the same thing ... but with AI! I'd happily pay fastmail double the price, without the AI.

gdulli•37m ago

Heard, but let's not give them ideas.

jimbo808•20m ago

I genuinely tried to embrace them, but I have found these AI "enhancements" to be utterly useless. Very rare that they can answer the question I'm having about the product. I'm not sure what the norms are for how these assistants are trained or fine tuned for the specific products they're being offered in, but it seems that they're pretty bad. They don't seem to know anything about the product you're using them in.

daveguy•50m ago

The entire article is about protecting against AI, and their internal policy on AI use. No new features mentioned.

28304283409234•44m ago

Same. Family account. Stay simple.

dlcarrier•14m ago

Self hosting? I can't even visit simple static web pages without Cloudflare blocking me because my web browser isn't sufficiently trackable. There's no way they're letting self-hosted email messages get through.

mlhpdx•1h ago

Interesting take. I have decades worth of email archived, so it does ring true for me at least. I doubt anything in there is more interesting to Big Brother but who knows?

Night_Thastus•54m ago

Interesting to federal government, not likely. Interesting to marketers and scammers, absolutely.

Night_Thastus•55m ago

"An email is your copy, and the sender can’t revise it later."

Sort of. They can't change plain text, but modern emails often include vast swaths of remote content. When you open the message, it retrieves the relevant assets directly from whoever sent the email. That remote content is not permanently stored. It's cached for a bit and will not be re-used if the email is opened months or years later.

If those assets disappear or are changed, there's very little any email provider can do about that.

toomuchtodo•52m ago

The provider could create a snapshot at receive and/or open (fetching these potentially mutable asset dependencies within a message), similar to what https://github.com/karakeep-app/karakeep and https://github.com/gildas-lormeau/SingleFile do with url bookmarks, and attach it (or otherwise associate it) to the message. Optional of course.

The benefit of this is senders couldn't treat it as a read receipt, because the provider can state "Our infra performs this operation for the user for immutability purposes" similar to other email operations that proxy these requests for privacy purposes.

kenferry•50m ago

Modern marketing emails, yes… not emails written as correspondence. I don't think this post is talking about marketing emails.

mikepurvis•49m ago

I don't think that's really the case, is it? At least, not in any formally-specified way. Modern email clients will extract metadata for things like airline reservations, shipping trackers, ICS calendar invites, etc, and give you live tiles specific to that time-sensitive info, but it's very clearly supplementary and at least in GMail none of it is pretending to be part of the message itself.

IanCal•43m ago

Images are the clear thing that is typically remote - sometimes to the point of an email that’s entirely just an image, or rather a link to an image.

ian-g•2m ago

Narvar's tracking emails are mostly-image

And on the one hand, it's cool as hell to see your email update itself to show tracking progress

On the other hand, just send me a new email. It's fine, I promise.

acdha•41m ago

If this was correct, you wouldn’t be able to read those messages with remote content loading disabled or when in airplane mode. It’s pretty uncommon for me to get messages where that’s the case, and those are almost always marketing spam so, as they say, nothing of value is lost.

Apple’s private loading feature also shows how that could be fixed: the mail server can retrieve the referenced content once and save it so you’d always know what was served at the time the message was sent.

bbarnett•39m ago

This isn't entirely true. While HTML email sometimes does have html tags in it, and can remotely download embedded images, it doesn't necessarily retrieve the asset from the person who sent it.

It could be anywhere, which is another knock against HTML email.

Which is why text only email is still king, and used in a lot of places still.

munk-a•36m ago

When it's a silly marketing email - sure. But you'd be surprised how hard you need to work as a sender to ensure that your content will render correctly if your business is actually to deliver information via email. Remote content is ignored by default by almost all modern email clients (since developers got sneaky and started using it for tracking) so a good email with rich content is usually embedding all that content into a multi-part email and leveraging static styling rules to provide as much formatting as possible.

lupire•42m ago

This is just an ad.

azhenley•40m ago

So should I stop building my AI-first email client?

IncreasePosts•25m ago

The article says they're fine if you want to use AI but they're not going to foist it upon you

cypherpunks01•36m ago

Your own emails are immutable, if you trust nobody's modified your copy.

But proving to others that an email hasn't been modified is a more difficult task. As I understand it, you'd need to retain DKIM keys for the signing server, to check that historical DKIM signatures verify correctly and the old message was not forged or altered.

Are DKIM signing keys issued in some kind of Certificate Transparency log, where you can verify whether a particular DKIM key existed for a particular domain in the past, in order to do this in general?

Alex3917•33m ago

There is at least one service that scrapes and archives the DKIM keys of popular websites.

acdha•26m ago

They at least were not historically archived. This came up during the Hunter Biden laptop investigation where people were able to verify some of the messages only because the Gmail key was archived in many places because that service is so popular. I’m not aware of anyone making a comprehensive archive but I’d be unsurprised if someone did based on news like that.

https://github.com/robertdavidgraham/hunter-dkim#but-gmails-...

EDIT: this one exists but is incomplete: https://archive.prove.email/about

bananapub•20m ago

people are trying to do the opposite - publish DKIM private keys regularly so everyone knows that old DKIM signatures can be forged, so that they can't be used against you.

Imnimo•33m ago

>In a world where there’s enough AI capability to process the entire web and rewrite every page to remove something, the cost of “changing history” is much reduced, so we can expect more of it.

I gotta be honest, this scenario is not a concern that impacts my choice of email provider.

estimator7292•32m ago

Is email immutable? Honestly I haven't looked into it very much, but as an email self-hoster I do know that i have the ability to decrypt any email in any user's inbox. I presume I could also edit and re-encrypt them, but I don't really know.

But as in all cases, you can only be truly sure no one is tampering if you don't give it to anyone else.

kuroguro•20m ago

Clearly we need blockchain to solve this, not AI! /s

neuroelectron•17m ago

General web immutability matters more than ever and not just because of AI. Please support archive.org and its sister sites.

pkilgore•14m ago

Kagi & Fastmail are two of my favorite bills to pay.

myhf•7m ago

I stopped paying for Kagi because they added AI.

instagraham•5m ago

The immutability of documentation tech matters more in a world with AI.

The cameras used to document "news" will need to be watermarked, fingerprinted and authenticated, like what Canon and Nikon are already doing (and which AFP has already adopted).

It may have seemed gimmicky at first, but in a year or two, you'll probably only be able to trust visuals from companies that do this (wire agencies like AFP, AP and Reuters are heavily disincentivised to create fake news anyway but that's another topic).

At a certain level, I imagine social media apps will also encourage direct camera-to-post for documentation/videos of reality, since this will be the only end-to-end method to verify an image was created unaltered. I can imagine a world where, if you film a protest through the Instagram app, you'd get some kind of "this is real" badge on it, whereas if you upload a video, it gets treated as "could be AI" like 99% of all future content.

NoSalt•5m ago

Commercial for FastMail???

Anti-Aging Breakthrough: Stem Cells Reverse Signs of Aging in Monkeys

Ask HN: How has your experience been with iOS 26?

"OpenAI Is Trying to Get Sued" – Nintendo IP Floods Sora 2 Video Generation App

New Zealand's Institute of IT Professionals Collapses

Ask HN: Does AI understand your ideas better than humans?

AI Stan Lee Debuted at L.A. Comic-Con

Why most product planning is bad and what to do about it

The First Decade as Faculty

Our project is participating in Hacktoberfest 2025

The Mythical Man-Month

What WASM 3.0 launch means for .NET Developers

Trump Explores Bailout of at Least $10B for U.S. Farmers

Accounting for uncertainty to help engineers design complex systems

The architecture behind 99.9999% uptime in Erlang

The other space race: why the world is obsessed with sending objects into orbit

Your Agent Test Suite Is an Essential Onboarding Document

Universities must Comply with federal rules for funding

Ask HN: Preemptive practical security steps for a postquant world?

Half the forests have fragmented over the last 20 years

Show HN: Enhance – A Terminal UI for GitHub Actions

Drone No-Fly Zone Imposed over Greater Chicago Area

Gov Workers Say Their Shutdown Out-of-Office Replies Were Forcibly Changed

Building an Animated Pattern

Healthcare hacks undermine public trust

A History of Large Language Models

A.I firm spent $1M+ on NYC print advertising graffitied by locals

Microsoft releases Agent Framework for Python and .NET

Exploring Techniques for Photo Editing and Management

DHH Is Worse Than I Thought

Vibecoding a Cyberpunk 3D GUI for System Commissioning