Plaidophile: One step forward, several steps back

November 16, 2010

One step forward, several steps back (customer experience, geekery, rant)

by fluffy at 3:50 PM

An intersection of confluent issues with how Google and GMail handle their various accounts has just made my life much more difficult, again.

I use GMail for Domains on both of my main domains (beesbuzz.biz is for personal/arty/online persona stuff, and then I have another domain that is for semi-professional and RL persona stuff). As a result, I have the following Google accounts:

fluffy at beesbuzz.biz: both a GMail Domain account and an apps account (primarily for Google Reader, and for sharing items and so on)
[real name] at [other domain]: both GMail Domain account and an apps account (primarily for Google Calendar)
[real name] at gmail.com: unified GMail+apps account (primarily for my Android phone, since lots of Android stuff doesn't work on apps accounts, and doesn't seem to respect GMail Domain accounts as existing)

For the most part this worked out pretty well; most of the time my browser is logged in to the beesbuzz.biz apps account, and then GMail Domain accounts use separate credentials so I could check my email on both domains from work without having to run multiple browsers or whatever, and of course the apps account connections on my Android device just stay separate anyway (because Android is well-designed for handling multiple accounts).

However, on the other domain, Google just transitioned it to using the new unified GMail+Apps infrastructure. The major implication of this change is that now to log in to GMail for Domains, that also signs me in to it as an apps account — meaning that I get signed out of Google Reader as 'fluffy' and am logged in as [real name]. While I could in principle just transfer all my data to this apps account, it means losing all of my sharing with others; I'd have to reconnect to everyone with my other domain name, which is not something I want to do.

This also means that when they transition beesbuzz.biz over to the new infrastructure, I won't be able to sign in to both accounts simultaneously for email at all.

Obviously, the least-sucky solution for now is to just set up an IMAP email client on my work machine, but that has legality and privacy implications, or I could use two different browsers at the same time, but that has other obnoxious issues.

This is basically a specific case of the problem as browser-as-OS: when you have single-sign-on to a whole bunch of applications, and those applications don't expect you to have multiple accounts in use at the same time, shit breaks, badly. I heard a while ago that Google was looking into changing their sign-on stuff to allow multiple concurrent apps account signins, which would partially address this issue, but I suspect they'll still screw that up somehow too, and anyway in the meantime I'm going to have to figure out some other approach.

This is the sort of thing which makes me want to just set up my own MX so I can run a decent spam filter without having to put up with Google crap.

I really wish DreamHost still supported some way of running custom filter processes on IMAP-capable mail accounts. It used to be that the email, shell, and web account were all the same one served off the same server, which is obviously a Bad Idea, but they "fixed" things by running the MX and IMAP on servers that have no shell access, and using a web-based panel for configuring procmail chains. Which is fine for the common case, but it makes it so that you can't run custom filters there.

There's also some hackish stuff where you can forward messages to an account that does have shell access (meaning it'd be possible to run a private instance of bogofilter et al), but there's no IMAP support for those, so setting up a training mechanism gets incredibly difficult and cumbersome (and probably involves forwarding messages around to special addresses, which means that you risk losing or misrepresenting header information, which is the single most important part of decent spam filtering in my experience).

I guess for now my best bet is to just install Thunderbird on my work machine for personal email and use that to keep my personal mail separate from my work mail. But again, I'm concerned about the privacy and security implications. Ugh.

Comments

#13548 TheoEsc 11/16/2010 10:55 pm Browser-as-identity sucks

I often end up with 3 different browsers running, each representing a different identity: professional me, spammable me, and online-bloviating me.

#13549 Neillparatzo 11/16/2010 11:19 pm

My email solution is still to VNC into my home PC... despite all my efforts last year to stop needing to do that.

#13550 Neillparatzo 11/16/2010 11:22 pm

Also, worth mentioning: Thunderbird 2.x will cache headers locally. Thunderbird 3.x will cache whole messages locally (a la Outlook) unless you turn off a specific option. This is the main thing that torpedoed my "Thunderbird at work" plan.

#13551 fluffy

11/16/2010 11:27 pm

For now I'm throwing caution to the wind and running Thunderbird 3 for personal email. Yeah, I know.

#13552 Linktoreality 11/16/2010 11:42 pm

Huh. On some level, I know that many people make efforts to keep their professional identity separate from their online identity, but I suppose I never actually thought about it since I don't exactly have a professional identity yet.

Not that I've done anything online that could reflect poorly on me later in life. ...I hope.

#13553 fluffy

11/16/2010 11:50 pm

It's not that anything I've done really reflects poorly on me, but everyone everywhere has at least some segregation of identities. You have your private life self and your professional life self. The Internet has this horrible tendency of muddling them together though. I mean, just because you wear pajamas to bed doesn't mean you'd wear them to a job interview.

#13557 hulver 11/18/2010 02:54 am

Google Chrome, and an Incognito window.

You can open up as many of them as you like, and each one is treated as a separate session.

That way you can log in to multiple google accounts at the same time.

#13559 fluffy

11/18/2010 08:28 am

Oh, good idea. I already use Chrome anyway - I'd forgotten that incognito existed.

#13566 HeuristicsInc 11/22/2010 10:25 am

you know, dreamhost told me they were moving me to a new server and i wouldn't have shell access to run pine anymore... so i installed thunderbird, but my workplace has blocked imap access to external sites. so i tried out pine on my new server and it still works. sssh - don't tell them. i hate the webmail client and it's all i've got from here otherwise!
-bill

#13567 fluffy

11/22/2010 10:42 am

Sounds like they screwed up your transition. Or maybe your email account was flagged as "shell access," which would explain why you have PINE but not IMAP.

#13568 Neillparatzo 11/22/2010 10:46 am

Doesn't shell access come standard with all Dreamhost accounts? I remember not needing it but getting it anyway, and it made my initial setup hell of easier than messing with cPanel.

#13569 fluffy

11/22/2010 10:49 am

I meant shell access to email, not shell access period.

#13575 HeuristicsInc 11/24/2010 07:19 am

nah, i've got imap, because i can use it from home. but i also have shell access to email Smile

-bill

#13578 fluffy

11/29/2010 08:46 am

Weird. Is PINE actually going to a local Maildir or is it going over IMAP, though? The important thing about shell access to email (to me) is being able to run procmail on it and manage Maildir/ entries via cron.

#13582 HeuristicsInc 11/29/2010 02:30 pm

i tried to test this just now. in pine, i took a message from my inbox and moved it to the "mo" folder. then i checked on my phone and the message is indeed moved into the mo folder (using the imap).
so yeah? i think?
-bill

#13584 fluffy

11/29/2010 03:47 pm

That doesn't say anything about whether Pine is using Maildir or IMAP. Just look to see if you have a Maildir/ directory in your shell account, and if there's anything in it (using ls -ar).

#13585 HeuristicsInc 11/30/2010 02:58 pm

no, my mail is in mail.
-bill

#13586 fluffy

11/30/2010 04:20 pm

I'm not sure what you mean by that.

#13590 HeuristicsInc 12/01/2010 07:17 am

a directory in my home called "mail". On my old host I had a .mail and a Mail and a mail - what a mess! No idea.
Actually these files in mail haven't been touched since 2007 so those are obviously old.
you know what, the actual mail folders are on some other host. it's my mail.mywebhost ...
-bill

#13593 fluffy

12/01/2010 08:21 am

Then that means your account has the same limitations as all other DreamHost accounts regarding email access. You can only do procmail rules that are dependent on whatever's installed on the IMAP server, and you can't run cron jobs against your stored mail.

Although I just realized that there IS a possibility for setting up something like what I want to do using a pair of email accounts (one shell-accessed, one IMAP-accessed): mail comes in through the shell-accessed one, runs procmail and bogofilter there, and then forwards to the IMAP-accessed one, which uses the Bogofilter headers to place it into the appropriate folder. Then my training cron job just fetches the train-spam/train-notspam folders by IMAP.

If I felt like dealing with a gigantic migration away from GMail right now that's probably what I'd do (but I don't).

#13596 HeuristicsInc 12/01/2010 10:39 am

heh, okay. but my original point remains - they said "you won't be able to use pine" but i still can Smile

-bill

#13640 fluffy

12/13/2010 03:18 pm

Oh, cool, Google have made it so that now you actually can sign in multiple accounts simultaneously. I guess I wasn't the only one with this issue. Maybe I should get rid of my at-work Thunderbird now and go back to web-based gmail.