Do you use Telstra's BigPond service? Why? They're one of the most expensive services, and they don't have real technical support. I've gone into the matter in this page.

But even if you insist on staying with BigPond, there are three serious reasons why you should avoid using their email service:

1. It's non-portable: when you finally get fed up with them and move on, you can't take your email address with you.
2. It refuses certain types of legitimate mail, “suspecting” it of being spam. You don't even get the choice to examine it. In particular, it rejects secure mail with digital signatures. Read on below.
3. It uses dubious online services to refuse mail from specific IP addresses. In this case the mail is rejected rather than swallowed, but the recipient still has neither information nor control over the fact.

I've never used BigPond mail, but it's my guess that it's also not very good. A much better choice is Gmail. It's free, and you can hold on to the email address if you move to a different supplier. And they offer reasonable spam protection, including the opportunity to catch false positives.

In the rest of this page I'll discuss digital signatures. For point 3, see my diary.

So what do I do instead?

There are several free online email services around that aren't tied to an ISP. That way you can change your ISP without losing your email address. My recommendation is GMail. It works, it's free, and it's relatively easy to use. Follow the link to sign up.

So what's this digital signature anyway?

How do you know that the email you receive is really from the person it claims to be from? It's triviality itself to forge mail headers and claim that the email is coming from somebody—anybody—else. But there are methods: digital signatures. All the mail I send contains a digital signature. You can download a key to decode my signature from http://pgpkeys.mit.edu/, and various programs will verify that it has been signed in a manner that only I can do. See this link for more details.

Of course, most mail that I send doesn't need verification. It's not sensitive enough, and there's no reason to believe that it doesn't come from me. But that's not enough: over the years companies who should know better get thoroughly confused by the signatures. They're clearly identified as signatures in the mail message. Here's what the Mutt mail user agent shows:

The first attachment is the message itself, and the second is the PGP signature. But it confuses the hell out of Microsoft “Outlook”, and BigPond thinks they're spam:

Apart from what this says about BigPond's technical expertise, it means that all mail I send to BigPond users gets rejected unless I remove a layer of security. Yes, I can do that, but I have to remember, and I'm usually reminded by a bounce message like the one above. Others may not. The result is that you, poor unsuspecting BigPond user, don't get mail that you should be getting. And there's nothing anybody can do about it: I've tried complaining to BigPond “support”, but they didn't even understand what I was talking about. And you, as a user, can't do anything because you never find out. Try gmail. It works.

Unfair to BigPond?

Of course, maybe you're from BigPond, and you object to this page. That's fine: call me up and I'll tell you how to fix the problem. It would be nice to find somebody at BigPond who passes the Turing Test.