I've been working on an email client for about a year to fill the Newton Mail shaped hole in my heart. I put it in the store about a week ago.
Newton Mail: https://en.wikipedia.org/wiki/Newton_(software) Emma Email (my app): https://emmaemail.app
Emma only runs on iOS and only supports Gmail. I have started building it 3 times over the past 5 or so years - because Newton has gone out of business 3 times in that timeframe. The first two times, it was saved by savior companies who bought and revived it, so in those two instances, I stopped working on a "rebuild". The most recent time it went out of business (June/July 2024), it died permanently. Nobody saved it and despite promises from the most recent company that bought / revived it that if it went out of business again, they'd open source it, that never happened. I'm not super upset about that; que sera. Especially after contacting those people (the last company that revived Newton), via reddit about their stack. Sounds like it was a mess of legacy code and super expensive to run.
So, anyway, after working on my most recent rewrite for almost a year, I felt it was just mature enough a couple weeks ago to put it in the store and its immature state wouldn't be mortally embarrassing. It's not ready to be your only client; I keep a Superhuman install on my phone and paid subscription while Emma matures.
After making that decision, I needed to get approval from Google to ask people permission to access their inboxes via Google Oauth. Turns out, while you're testing, you can use your own gmail accounts just fine to work through the technical nitty gritty details of loading inbox threads, receiving webhook requests to send push notifications, etc. However, when you go to get production approval, for it to work with any gmail account, not just my whitelisted personal account, you have to go through a "security" approval process. And apparently that cost 2k USD after a 50% discount, "generously" gifted by google... I wish that'd been made more clear. It was pretty upsetting, but I paid it. Getting to the point where I could go through the security approval process, was a manual back and forth with google in an email thread, but I'm pretty sure the actual security scan was an automated thing that took a couple minutes. I uploaded an IPA file. They scanned it. You needed like a 6/10 to pass. I think I got a 9.7. Super unclear on how any of that's calculated.
After launching, my brother and a friend downloaded the app and I was getting useful real world info from a couple users I could call up and interrogate when something interesting that I hadn't provisioned for happened.
Last week, though, I made an offhanded comment here on reddit when someone made a post in the r/iOS subreddit complaining about the size of the Gmail app. Emma is ~30MB where Gmail is ~600MB (IIRC), people seemed concerned about that/upset by it (Gmail's app size), so I posted a link to my app. I got about 50 users overnight, which is great - but I wasn't ready. They started doing things I hadn't thought of - they removed access for Emma to read their inbox by going into their gmail account and removing it from their list of approved third party apps, after trying it and signing in, giving it permission earlier. That resulted in their refresh tokens getting revoked, and breaking a bunch of stuff.
The past week or so I've been up all night (literally all night) as many times as I've gone to bed. It's been a constant chase of going through Sentry errors, realizing I need to pay papertrail for extended logs (the app receives tons of requests; mostly automated from google when users receive emails, so the logs take up space fast), installing and configuring breadcrumbs with Posthog in order to kinda know what someone had tapped / done before something crashed.
Right after getting a bunch of people using it, something happened that evening and the logs blew up. There were tons of errors. Sentry sent me an email saying "hey, look, we're not sending you anymore emails; you're way over your limit." (I sent them an email asking for them to bill me for the overage, because I felt bad, and they were super nice about it, FWIW) I also had papertrail configured to send me error logs (if any had accumulated) every 10 minutes. I got one of those emails from papertrail, tapped it (opening it with my own app) and the app crashed immediately. That scared me. The error logs were for the server. Why is the iOS / Expo / RN app crashing when I open it? Something was super wrong. After spending some time, I found that the reason for the server errors was correlated with the crash happening in the app, but not directly; Emails are HTML. I render them in react-native-webviews (popular dependency maintained by infinite red / Jamon Holmgren, I think). The papertrail email's content was so huge, it crashed the RN webview. So the two issues were kinda related. I opened the same email in the gmail client to find that they auto parse email content that's over a certain length and only render the beginning, providing a link to view the full email content in a dedicated browser tab. So I need to do that.
It's just been a firehose of intel / learning. It's tons of fun, but it's a lot. Something happens every other day that makes me think "maybe I can't do this". Then you work through it. Remember to touch grass, people. Walk the dog around the block with an ice coffee before you whip the laptop through a window.
The Expo side... Has actually been very solid. And I've been writing react for work and personal projects for almost a decade now, so I've got a reasonable handle on that end. What I haven't done so much of recently is server side stuff - which for this is just an API which handles the Expo app's requests, and generally just forwards them to Gmail's servers, and sends modified versions of the response back to the client. The ways the FE/BE communicate have been surprisingly stable; it's the third parties that are the users interacting with the app and gmail interacting with my server that've surprised me with tons of unexpected stuff. Anyway, for server side things: I love rails - but I knew this app would be serving tons of requests, compared to what I'm used to. I've built a lot of apps for companies to use in-house. Or for startups, the biggest of which got to just over a million users while I was working on it - and in those cases every request is typically triggered by a user actually tapping something to trigger some CRUD action. So not so big. When the magnitude of requests are on that smaller order, I was happy with rails. I chose to try something new and use Phoenix/Elixir for the server/api side code for this project. It's very new for me, and a little tougher to swing but I'm starting to get it. Wouldn't want anyone seeing that code :/ feels like dirty laundry. Imposter syndrome++
There's just so much that's happened over the past week. When google sends a webhook request to let ya know that a user received a new email, about 50% of the time the new email hasn't propagated through Google's system yet. So when I receive the webhook request, which only has metadata about the new inbox email, I make a request to get the details of the email in order to send a push notification with a subject and snippet preview - though because it hasn't propagated through their system yet, about 25% of the time, I get a 404 response. I think I'm supposed to handle those by requesting again with "exponential backoff". So much.
I did not write that like a paper; This is all disorganized thought vomit. If you read it, thanks for reading. Sorry for the organization of that post. I need to get back to it! 😂