Why email makes for a bad login identity

For the past three decades, I have had the same email address and domain name. The time has come to consider selling the latter, which means I have to figure out where I am using the former. It isn’t a pretty picture.

Part of the problem — a big, messy, and difficult part — is that my email is used as a primary login ID in several hundred websites and apps. This wasn’t my choice, and sadly, for many website logins, it is still the standard operating procedure.

When I first began this project the number of my site logins was over 500. How do I know this? It is because for many years I have used password managers to handle my logins. I began using LastPass and moved two years ago to Zoho Vault. This project would have been impossible without a password manager.

That being said, it was time for a major cleanup on aisle P. Many of these websites have gone the way of the dodo, or at least evaporated into the dim reaches of cyberspace. Remember efax.com or tweetsmap? The former was an internet faxing site that for years had a secret free service for low-volume receiving faxes, the latter a Twitter analytics service. Both sites will forward to more recent domains, but my logins have disappeared.

There were plenty of other domains that I will no longer be visiting, and they read like a testimonial to the early days of the web: I can’t recall the last time I rented a car from Hertz, made a payment using PayPal, had a conference using Webex or used QuickBooks for my accounting needs. All of these items were true back in the early 2000s. That made me a bit sad, seeing how innovative each of those sites was (and many others whose purpose back in the day you probably wouldn’t recognize). Rather than mourn their demise, we should be glad that the march of time has brought us Lyft and Venmo, to name two more recent examples. These bygone logins show how far we have come, where we think nothing of tracking and then getting into some stranger’s car or sending a digital payment from our phones.

The issue is that if I do sell my domain, I have to move away from my email ID to something else, and to do the move before my legacy email stops working. Many of the logins have a very convoluted way to change your email address, and often one step is that they first send a notification message to the old address to make sure that it is you that is doing the changing, and not some Russian hacker that is about to gain access to your identity. I am not complaining (well, maybe a little bit) and glad there is some security, however fragile.

There is really no way to automate this process. Making matters worse is that each website tucks away the spot where you can make an email change, which is a massive UI issue too. The airlines are the particular worst offenders here: for Delta and United, I had better luck using their mobile apps than their web interfaces to make the change. For Southwest, I had to call them and walk through a very odd series of steps to find that buried treasure — but first I had to log out of my account. I know, actually talk to someone? On the phone? Let’s party like it is 1999.

For those few sites that offer a non-email ID, this is a better mousetrap because it eliminates the authentication step and places the email portion out of the login stream. Better yet are those sites that offer a passkey, but hey, that is still considered new tech (ahem, it has been around for nearly a decade).

And BTW, I managed to weed out more than 150 logins as I made my way through my password manager. So some progress!

But wait, there is more. Since I use Google to manage email, I also use Google to manage my contact address book. Over the years it has contained thousands of people. For years now I have been dutifully making CSV backups of these contacts, but never really tested to see if I could restore the entire list, with all its metadata labels, to another account. Bad practice to be sure. I am happy to report that I was able to import the list just fine. I still have Google Docs/Sheets/etc. content to migrate over too. Lots of weeding to be done, for sure.

Dark Reading: Cloud Email Filtering Bypass Attack Works 80% of the Time

A majority of enterprises that employ cloud-based email spam filtering services are potentially at risk, thanks to a rampant tendency to misconfigure them.

Computer scientists have uncovered a shockingly prevalent misconfiguration in popular enterprise cloud-based email spam filtering services, along with an exploit for taking advantage of it. The findings reveal that organizations are far more open to email-borne cyber threats than they know, and will be presented at a conference in May. My post for Dark Reading explains the situation.

SiliconANGLE: Fixing 25 years of email insecurity

I have been writing about email security for nearly 25 years (or more, depending on how you count things). Back in 1998, when Marshall Rose and I wrote our landmark book “Internet Messaging,” we said that the state of secure Internet email standards and products “is best described as a sucking chest wound.” We had the publisher print a blank page in the book to signify how bad email security was. Well, perhaps we are still the walking wounded, although at least today we have better tools.

Most recently, I wrote a piece for SiliconANGLE entitled “Fixing email security: It’s still a rocky road ahead.” It begins:

The foundational protocols for making email more secure and less of a threat have been in place for almost a decade, yet they remain mostly unused, poorly implemented and largely ineffective. A recent report from Sendlayer shows just how much of a problem that is.

40 Years of Email

Email and my own working life have been closely intertwined. I started using email in 1983 and over the years I have used more than three dozen different systems and sent thousands of messages and probably deleted millions of questionable ones too. So I thought I would put together some important milestones of my own usage, mapped against some significant historical email developments and show you how email has changed from those early days.

For the first 15 or so years, email use in business was a rarity. Few companies had any external connectivity, which meant users had to connect via modems back to the main office. Now we take internet and Wifi for granted.

  • 1983: Started using both MCIMail, one of the first global systems that was available to the public (the Internet was not yet available to the average worker) and a conferencing system called EIES. One job I had back then was to write automated scripts for processing messages between the two at a small software firm.
  • 1984: At an insurance company, I used an IBM mainframe email product called DISOSS for internal communications.
  • 1986: Used 3Com’s 3+Mail for internal communications at PC Week. This was one of the early LAN-based email programs. We thought we were hot stuff because we could hook up our remote offices around the country to it, something now taken for granted.
  • 1987: Wrote my first column for PC Week about hotels, modems, and email. Today the problem still remains, just replace Wifi and VPNs for the modems.
  • 1988: Managed my first remote team with editors reporting to me from California, Denver, Texas and other places. Email connectivity made this all possible.
  • 1989: Covered the launch of Lotus Notes, one of the first collaborative software tools, and lobbied Ziff Davis, where I worked, to start using it in place of 3+. They eventually did a few years later. Compuserve and MCIMail begin offering Internet gateways to their users on an experimental basis.
  • 1990: I started Network Computing magazine, where we routinely used Internet email addresses for our writers in their bylines. We used Network Courier LAN-based email, which was the precursor to Microsoft Exchange and Outlook. This was also my first entry into Internet-based email: we were able to communicate with anyone using a gateway that was maintained by UCLA.
  • 1991: Began to chart ways to send emails between two formerly disparate systems, using various gateways. The rise of Soft-Switch, which at its height could connect more than 50 different systems. They were eventually acquired by Lotus. Again, something taken for granted now. Also the year that Phil Zimmermann released PGP for email encryption. To get around US security laws, he soon published its source code as a printed book.
  • 1992: I was one of the first wireless email users of a product called RadioMail, which eventually became the BlackBerry. It worked with a one-pound radio and a one-pound HP palmtop.
  • 1993: Obtained my first Internet domain name, strom.com, for free from Network Solutions by requesting it from them via email. Before then, private businesses couldn’t really become masters of their own domains easily.
  • 1994: Groupware was the big deal back then, and Novell’s Groupwise was one of the best. Too bad that it withered away, along with the rest of Novell. This was also the year that AOL began offering an Internet gateway so its users could communicate with each other. It was far from perfect: for example, the early Mac AOL clients couldn’t read attachments from Internet senders.
  • 1995: Began the first of a series of weekly email newsletters called Web Informant using a collection of Unix scripts. Still writing them, using a hosted Mailman server by Pair.
  • 1996: Experimented with Intermind’s push technology for notifications instead of sending emails for my newsletter. Didn’t last very long. Push pooped out quickly.
  • 1997: Gave up my laptop and used borrowed computers when traveling. That didn’t last very long either. Did have the very early smartphone from AT&T that used broadband (well, it wasn’t all that broad) cellular data called CDPD, the precursor to what we all use today on our phones. This was the year that Apple acquired NeXT and incorporated its email software into various Apple operating systems.
  • 1998: This was an important year for me and was the year that I co-wrote my email book with Marshall Rose, the inventor of the POP protocols. The book covered the more popular email programs at the time, which included Lotus cc:Mail (extinct), Netscape Messenger (extinct but replaced by Thunderbird you could say), Eudora Pro (still very much alive with this open source project), Compuserve (not extinct but should be), AOL (ditto), and Microsoft’s Outlook Express (which has gone through various evolutions and still exists with its Office/365 products). Penn Jillette, of Penn and Teller fame and an early email user, wrote the foreword to our book. Out of that research is this Web page that I haven’t touched since then that shows the state of email encryption interoperability. Luckily, it has gotten better, sort of.
  • 2001: Was a regular user of Lotus Notes, which by then had been purchased by IBM, while working back at CMP.
  • 2002: Wrote about Michael Dell’s bandwidth separation anxiety here, probably one of the first of many popular instances of cutting off email.
  • 2004: At the annual VIP economic forum love fest gathering in Davos, Bill Gates proclaimed: “Two years from now, spam will be solved.” Right. Not even close on that one Bill.
  • 2005: Began using Mozilla’s Thunderbird as my regular email client. Here is a story about the trials then.
  • 2006: Switched hosting my various email domains over to Google Apps. For free. Began using Gmail as my regular email client, although it wouldn’t talk IMAP for another year. Also the year that the concept of “email inbox zero” was introduced.
  • 2008: Reminisced about ten years after my email book in my post here. Vint Cerf wrote this then too about ten years of using the Internet.
  • 2009: First of many “email is dead” articles in WSJ and elsewhere analyzed here.
  • 2011: The latest in a series of days without email proposed to make some obscure point.
  • 2017: Better email authentication protocols (DKIM, SPF, DMARC) come into wider use. As I wrote about at the time, becoming master of your email domain is incredibly difficult to implement, still true to this day.
  • 2018: IBM sells off Lotus Notes to an Indian conglomerate. That link will take you to why Notes was so significant in its heyday.
  • 2019-2022: Helm is released, an interesting dedicated email server appliance. It closed its doors at the end of 2022, victim to supply chain issues and IMHO, a bad collection of features.
  • 2022: Google begins charging me for my domain for the first time since I began using their email service.
  • 2023: Yes, I still try to have less than ten messages at the end of each day in my inbox. Encrypted email remains for the most part ignored by the general public, even as phishing continues to rise. Some things never change.

Do you need a disposable email address

How many times a day are you asked to provide your email address for something that just generates more inbox junk and adds you to some marketer’s list? If you are getting tired of these email come-ons, you need a disposable email address. The idea is simple: instead of providing your “real” email, you create something that will still forward messages, but gives you some control over how these messages appear in your inbox.

Now, you could use the email filtering feature of your mail software to prevent these messages from ever darkening your inbox, but a more elegant way is to make use of one of the “disposal email service providers” (as I call them) to help you out. The way these providers work is that you set up an account on their service, and start using a special alias to flag the origin of the mail. Before you dive into this product category, realize that there are dozens of semi-shady providers, such as Emailondeck or E4ward.com. These have lots of limitations, such as only offering a single alias with very short forwarding lifetimes (such as an hour, which renders them useless for newsletter subscriptions), or not allowing you to create your own alias, or having paid accounts that only accept BTC. The ideal provider allows you to set up your own alias and keeps the mail flowing as long as the company is in business. Also, some providers don’t protect any replies to the forwarded email, so your real underlying address is then exposed.

Here are three providers you should check out: DuckDuckGo’s @duck.com, 33Mail.com, and Yahoo.com. All three are available for free (and the latter two also offer paid plans) and work reasonably well. My favorite is 33Mail, whose free account I have been an avid user of for many years now; I have set up dozens of aliases. The setup process is nothing: you just start using “something@youraccount.33mail.com” and the service takes care of getting the message forwarded to your real email. The forever free version has unlimited aliases, which is handy because it shows you the alias used at the top of your message, in case you want to send all inbound mail using that alias to the bit bucket. You can sign into the web portal of your account and view the transaction log shown here as well as the status of the various aliases that have been used to forward mail to you, and those emails that you have blocked. The free account does come with bandwidth limits, which I have never come close to reaching. There are several pricing tiers that remove this along with other restrictions and support other customizable settings.

DuckDuckGo takes a somewhat different tack from 33Mail — they do their work inside a browser extension and they support a wide range of browsers, including Brave, Chrome and Edge. You’ll need that extension to manage the various configuration features. If you are already using DDG as your search engine or for its other privacy-enhanced tools, then it is worth checking this tool out. Here is a list of its features and FAQs. One downside of DDG is that it doesn’t use aliases, which means you have to filter messages on your own.

Finally, there is Yahoo. Remember them? Remember both of their massive data breaches back in the day? Well, it has been years since I used them for anything other than a spam collector, and the free version immediately begins placing ads in the form of a rolling series of messages at the top of your inbox. (You can remove these if you upgrade to a paid plan.) You can set up three aliases (what Yahoo calls “keywords”) on your account, using this menu shown here. It isn’t as convenient as 33Mail, and of course you need a Yahoo email address for this to work.

CSOonline: 9 cloud and on-premises email security suites compared

Email remains the soft underbelly of enterprise security because it is the most tempting target for hackers. They just need one victim to succumb to a phishing lure to enter your network. Phishing (in all its forms) is just one of many attacks that can leverage a poorly protected email infrastructure; others include account takeovers (due to reused passwords), business email compromises, payment fraud, specialized mobile malware, and spam messages that contain hidden malware or poisoned web links. That places a heavy burden on any email security solution.

I have been testing and writing about these products for decades and in this roundup I touch on some of the latest integrations and innovations with nine security suites:

  • Abnormal Security’s Integrated Cloud Email Security
  • Area 1’s Horizon
  • Barracuda Email Protection
  • Cisco Secure Email
  • FireEye Email Security
  • Voltage SecureMail
  • Mimecast Email Security
  • Trustifi
  • Zix Secure Cloud Email Security Suite

As seems to be the usual operating procedure, figuring out the pricing for the numerous configurations can be vexing, with one vendor (FireEye) not providing pricing, and several other vendors declining to participate entirely.

You can read my full roundup for CSOonline here.

Network Solutions blog: Mastering Email Security with DMARC, SPF and DKIM

We all know that phishing and email spam are the biggest opportunity for hackers to enter our networks. If a single user clicks on some malicious email attachment, it can compromise an entire enterprise with ransomware, cryptojacking, data leakages or privilege escalation exploits. Over the years a number of security protocols have been invented to try to reduce these opportunities. This is especially needed today, as more of us are working from home and need all the email protection we can muster. In my latest post for Network Solutions blog, I discuss the trio of email protective technologies that can be deployed to make your email more secure.
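To show what “deployed correctly” looks like for that trio, here is an added example (not from the original post or the Network Solutions piece) that audits a domain’s SPF, DKIM and DMARC records for weak settings. It assumes hypothetical domains and a constructed in-memory table standing in for DNS TXT lookups, so it runs offline; the weak.example records show the common mistakes and the good.example records the corrected form.

```python
"""Audit SPF, DKIM and DMARC records for weak settings (added example)."""
from __future__ import annotations

# Constructed stand-in for DNS TXT lookups (name -> TXT strings); hypothetical domains.
WEAK_DNS = {
    "weak.example": ["v=spf1 include:_spf.mailhost.example +all"],
    "_dmarc.weak.example": ["v=DMARC1; p=none; pct=50"],
}
GOOD_DNS = {
    "good.example": ["v=spf1 include:_spf.mailhost.example -all"],
    "s1._domainkey.good.example": ["v=DKIM1; k=rsa; p=PLACEHOLDER_PUBLIC_KEY"],
    "_dmarc.good.example": [
        "v=DMARC1; p=reject; rua=mailto:dmarc@good.example; adkim=s; aspf=s"
    ],
}


def parse_tags(record: str) -> dict[str, str]:
    """Split a 'k=v; k=v' DKIM/DMARC record into a tag dictionary."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = v.strip()
    return tags


def check_spf(dns: dict, domain: str) -> list[str]:
    """SPF lives in the domain's own TXT record; exactly one is allowed."""
    records = [r for r in dns.get(domain, []) if r.lower().startswith("v=spf1")]
    if not records:
        return ["SPF: no record, receivers cannot tell which hosts may send"]
    if len(records) > 1:
        return ["SPF: more than one record, which makes the check fail"]
    terms = records[0].split()
    findings = []
    if "+all" in terms or "all" in terms or "?all" in terms:
        findings.append("SPF: permissive 'all' lets any host pass")
    elif "~all" in terms:
        findings.append("SPF: '~all' only softfails, pair it with DMARC")
    elif "-all" not in terms:
        findings.append("SPF: no 'all' term, unknown hosts are not rejected")
    return findings


def check_dkim(dns: dict, domain: str, selectors: tuple[str, ...]) -> list[str]:
    """DKIM keys live at <selector>._domainkey.<domain>; 'v=' is optional."""
    for sel in selectors:
        for rec in dns.get(f"{sel}._domainkey.{domain}", []):
            tags = parse_tags(rec)
            if tags.get("v", "DKIM1").upper() == "DKIM1":
                if tags.get("p"):
                    return []  # a usable signing key is published
                return [f"DKIM: selector {sel} has an empty key (revoked)"]
    return ["DKIM: no selector publishes a key, messages cannot be signed"]


def check_dmarc(dns: dict, domain: str) -> list[str]:
    """DMARC lives at _dmarc.<domain> and ties SPF/DKIM results to a policy."""
    records = dns.get(f"_dmarc.{domain}", [])
    if not records:
        return ["DMARC: no record, spoofed mail is neither rejected nor reported"]
    tags = parse_tags(records[0])
    findings = []
    if tags.get("v", "").upper() != "DMARC1":
        findings.append("DMARC: record does not start with v=DMARC1")
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("DMARC: p=none only monitors, failing mail is not acted on")
    elif policy not in ("quarantine", "reject"):
        findings.append(f"DMARC: missing or unknown policy '{policy}'")
    if "rua" not in tags:
        findings.append("DMARC: no rua address, you will never see aggregate reports")
    if tags.get("pct", "100") != "100":
        findings.append(f"DMARC: pct={tags['pct']} applies the policy to only part of the mail")
    return findings


def audit(dns: dict, domain: str, selectors=("s1", "default")) -> dict[str, list[str]]:
    """Run all three checks; an empty list for a protocol means no weakness found."""
    return {
        "spf": check_spf(dns, domain),
        "dkim": check_dkim(dns, domain, selectors),
        "dmarc": check_dmarc(dns, domain),
    }


if __name__ == "__main__":
    for label, dns, domain in (("weak", WEAK_DNS, "weak.example"),
                               ("good", GOOD_DNS, "good.example")):
        print(label, audit(dns, domain))
```

Against live DNS, replace the dictionary lookups with TXT queries for the same three names; the selector list has to come from your mail provider, since selectors are not discoverable.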

FIR B2B podcast #119: Our favorite email newsletter tips

Paul Gillin and I are old hands at email newsletters. Paul had his own for several years and has produced several for his clients. I currently publish two: my own Web Informant, which I have been doing almost weekly since 2003, and Inside Security which is part of a group of newsletters. We share a few tips from our years of experience.

The first is to know your audience and segment them for best results. This post in Marketing Week documents how marketers are segmenting the audiences at a much finer level than they previously did thanks to an explosion in behavioral data from third parties. One bottled water vendor was able to dramatically boost the response rate of its YouTube ads with an email newsletter sliced by 16 different segments. The survey found that behavior and location are the most effective segmentation methods, with the old stalwarts like age and gender being the least effective.

We discuss how to craft your subject line and choose a coherent theme as well as how to pick the optimal length and number of hyperlinks to include. If you do use links, beware of URL shortening services, since many spam filters block them. There’s also the question of whether to make your newsletters text-only or to go the HTML route. If you choose the latter, be sure to test each newsletter with different browsers and different screen depths. Finally, we cover how to choose the right tool for the mailings. We’ve used a variety of them over the years, and each has different strengths and weaknesses. Some of these topics are mentioned in this piece for Marketing360.

We’d love to hear from you about your favorite email newsletters and tips for creating your own. You can listen to our 16 min. podcast here:

Dealing with CEO Phishing Fraud

When we get emails from our CEO or other corporate officers, many of us don’t closely scrutinize their contents. Phishers count on this for their exploits. The messages often come around quitting time, creating a sense of urgency so that we act before thinking through the consequences.

Here is an example of a series of emails between “the boss” (in reality, the phisher) and his subordinate that happened in November 2017. You can see the growing sense of urgency to make a funds transfer happen, which is the phisher’s stock in trade. According to FBI statistics, this type of fraud is now a $12 billion scam. And yes, the money was actually sent to this attacker.

KnowBe4, which sells phishing training services, categorizes the scam into two separate actions:

  1. First is the phishing attempt itself. It is usually called spear phishing, meaning that the attacker has studied the corporate organization chart and targeted specific individuals. The attacker has also examined who has fiduciary responsibility to perform the actual funds transfer, because at the heart of this scam it is all about the money that they can steal from your business.
  2. Next is all about social engineering. The attacker has to appear to be convincing and act like the boss. Often, the targeted employee is tricked into divulging confidential information, such as bank accounts or passwords. Many times they use social media sources to amplify their message and make it seem more legit.

The blog post mentions several different situations that are common with this type of fraud:

  1. Business working with a foreign supplier.
  2. Business receiving or initiating a wire transfer request.
  3. Business contacts receiving fraudulent correspondence.
  4. Executive and attorney impersonations.
  5. Confidential data theft.

A new blog post by Richard DeVere here provides some good suggestions on how to be more vigilant and skeptical with these emails. 

  • Examine the tone and phrasing of the email. One time a very brusque CEO — who was known for this style — supposedly sent a very polite email. The recipient flagged it as a potential phish because of this difference.
  • Have shared authority on money transfers. Two heads are better than one.
  • As Reagan has said, trust but verify. Ask your boss (perhaps by calling directly) if this email really originated from him or her before acting on it. Phone calls and texts can be spoofed from your boss’ number. As the illustration above shows, this is quite common. Take a moment to process what is being asked of you.
  • Report the scammer to the right authorities inside and outside your company.

The bottom line: be wary and take a breath when you get one of these emails.
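The warning signs described above (the boss writing from an outside address, a mismatched reply address, pressure to move money, urgency, late-afternoon timing) can be turned into a triage rule a mail gateway or SOC script applies before a human sees the message. This is an added example, not from the original post or KnowBe4; it assumes a hypothetical corporate domain (example.com) and executive roster, and the two messages are constructed samples.

```python
"""Heuristic triage for executive-impersonation (BEC) email (added example)."""
from __future__ import annotations
from email import message_from_string, utils
from email.message import Message

CORP_DOMAIN = "example.com"          # hypothetical corporate domain
EXECUTIVES = {                       # hypothetical roster: display name -> mailbox
    "Jane Doe": "jane.doe@example.com",
}
URGENCY = ("urgent", "asap", "right away", "before you leave", "immediately")
MONEY = ("wire", "transfer", "payment", "invoice", "gift card")
QUITTING_HOURS = range(16, 19)       # 4 pm to 7 pm sender-local, the "around quitting time" window


def _addr(msg: Message, header: str) -> tuple[str, str]:
    """Return (display name, lowercase address) for a header, or ('', '')."""
    name, addr = utils.parseaddr(msg.get(header, ""))
    return name.strip(), addr.lower()


def score_message(raw: str) -> dict:
    """Return {'score': int, 'reasons': [...]} for one RFC 5322 message."""
    msg = message_from_string(raw)
    reasons = []
    from_name, from_addr = _addr(msg, "From")
    _reply_name, reply_addr = _addr(msg, "Reply-To")

    # 1. Display name of a known executive, but the mailbox is not theirs.
    known = EXECUTIVES.get(from_name)
    if known and from_addr != known:
        reasons.append(f"executive name '{from_name}' used from {from_addr}")
    # 2. Claims to be internal but the domain is external or a lookalike.
    domain = from_addr.rsplit("@", 1)[-1]
    if known and domain != CORP_DOMAIN:
        reasons.append(f"sender domain {domain} is not {CORP_DOMAIN}")
    # 3. Replies would go somewhere other than the From address.
    if reply_addr and reply_addr != from_addr:
        reasons.append(f"Reply-To {reply_addr} differs from From")
    # 4. Subject/body language: money movement plus pressure.
    body = msg.get_payload(decode=True) or b""
    text = (msg.get("Subject", "") + " " + body.decode("utf-8", "replace")).lower()
    if any(k in text for k in MONEY):
        reasons.append("asks to move money")
    if any(k in text for k in URGENCY):
        reasons.append("urgent wording")
    # 5. Sent in the late-afternoon window the post describes.
    sent = utils.parsedate_to_datetime(msg["Date"]) if msg["Date"] else None
    if sent and sent.hour in QUITTING_HOURS:
        reasons.append(f"sent at {sent:%H:%M}, near quitting time")

    return {"score": len(reasons), "reasons": reasons}


# Constructed sample messages (hypothetical addresses and content).
FRAUD = """\
From: Jane Doe <jane.doe@examp1e.com>
Reply-To: Jane Doe <ceo.office@examp1e.com>
To: controller@example.com
Date: Tue, 14 Nov 2017 16:52:00 -0500
Subject: Urgent wire before you leave

I need a transfer processed right away for a confidential acquisition.
"""

LEGIT = """\
From: Jane Doe <jane.doe@example.com>
To: controller@example.com
Date: Tue, 14 Nov 2017 09:10:00 -0500
Subject: Board deck

Can you send me the Q3 slides when you have a minute?
"""

if __name__ == "__main__":
    for label, raw in (("fraud", FRAUD), ("legit", LEGIT)):
        result = score_message(raw)
        print(label, result["score"], *result["reasons"], sep="\n  ")
```

A score of two or more is a reasonable threshold to hold the message for the out-of-band phone check the post recommends; the legitimate sample scores zero because the executive writes from the roster mailbox with no money or urgency language.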

Helm Email Server: secure and stylish, but has issues

I had an opportunity to test drive the Helm personal email server over the past couple of months. I give them an A for effort, and a C+ for execution. It is a smallish pyramid that can be used to self-host your own email domain.

It has some great ideas and tries hard to be a secure email server that is easy to set up. And its packaging and reviewer’s guide is a design delight, as you can see from the photo below. But it has a few major drawbacks, especially for users that want to do more than protect their email correspondence.

If you want to read a more thorough test, check out Lee Hutchinson’s Ars review here. While I didn’t test it as thoroughly or write about it as much as he did, I did try it out in two different modes: first, as a server on a test account that Helm reserved for me. Then I reset the unit and tried it to serve up email on one of my existing domains. I will get to an issue with that latter configuration in a moment.

My biggest issue is its lack of support for webmail clients. I understand why this was done, but I still don’t like it. I have been using webmail exclusively for my desktop and laptop email usage for more than 10 years, and only use the iPhone Mail app when I am on the phone. Certainly, that leaves me open for exposure, man-in-the-middle, etc. But I am not sure I am willing to give up that flexibility for better security, which is really at the center of the debate.

Brian Krebs blogged that users can pick two of security, privacy and convenience, but only two. That is the rub.

If you are concerned about privacy first and foremost, you are likely to want to use encryption on all of your emails. That is probably for very few folks. Even with zero-trust encryption, this isn’t easy. Helm doesn’t support any encryption such as PGP, so this audience is off the table.

If you are concerned with convenience, you are probably going to stick with webmailers for the time being. So this audience is off the table too.

If you are concerned with security first, maybe you will consider Helm. But it is a big maybe. If you already use a corporate email server and your company has hundreds of mailboxes, I don’t think any IT manager is going to want to have a tiny box like Helm at the center of their email infrastructure. And if you are an SMB that has < 100 mailboxes, perhaps you might move from GSuite or O365, but it will take some work. Certainly, the pricing tipping point is around a dozen mailboxes, depending on the various options that you choose for these SaaS emailers.

Hutchinson’s piece in Ars says, “Helm aims to give you the best of both worlds—the assurance of having a device filled with sensitive information physically under your control, but with almost all of the heavy sysadmin lifting done for you. If you’re looking to kick Google or Microsoft to the curb and claw back control of your email, this is in my opinion the best and easiest way to do it.” I would agree with him.

However, the issue for this last group isn’t the email, but the other things that depend on email that they already use seamlessly: calendars, contacts, and email notifications. Setting up calendars and contacts will take some careful study before you actually configure them. This is because you have to read and understand the web-based support portal pages so that you know what the steps are before you do the configuration. I ended up creating several device profiles before I got all this together, because I couldn’t access the existing details to set up the servers etc. (I understand why you are doing this, but still calling them “device profiles” is confusing.) And then I still had issues with getting things setup for my calendar and contacts. The pretty reviewer’s guide really falls down in this area.

One plus for the security audience is that it supports DMARC/SPF/DKIM with no extra effort. (See the screenshot below.) They don’t make a big deal of this, other than a brief nod to it in the support pages here. My report from mail-tester can be found here, showing that this was implemented correctly.

Another sticking point for me is the use of the smartphone app for configuration and reporting. I have had problems with other consumer-grade products that do this – such as most smart home devices, the Bitdefender Box (I did an early review of this for Tom’s Hardware but haven’t looked at it for a while since then), and some SMB router/firewalls. The problem is that your screen real estate is very limited, forcing you to make some bad UI tradeoffs. For example, a notification alert comes up on my phone during certain times.

One issue that Hutchinson also had is that if you use Helm to serve up your own domain, it needs to take control over your domain’s DNS settings. You can use its smartphone app to add your own custom DNS records, but it isn’t as flexible as say the average ISP DNS web-based management screens. Speaking of DNS, Helm doesn’t support DNSSEC because of the way it moves your email traffic through its AWS infrastructure.

Finally, the backup process didn’t work for my pre-configured unit and I never got a successful backup, even after initiating several of them. It worked fine for my hosted domain. There is no phone message notification of either success or failure: you have to check the app, which also seems like a major omission.

If you aren’t happy with the security implications of Microsoft/Googleplex owning your messages and are a small business that doesn’t use much webmail, then Helm should be a great solution. It costs $500 initially, with $100 annually for a support contract.