This tutorial is available in other languages. Help translate more
Quote from Spamhaus news article:
outsourcing (the mail service) does not come without costs, even when the outsourced service appears to be "free". Hidden costs include:
Another organization can see the content of all messages. In some cases, the contents of messages are stored on the outsourcing company's servers indefinitely. External access to unencrypted emails poses privacy and confidentiality issues. Furthermore, the outsourcing company may be located in another country and be subjected to different regulations and obligations.
In some cases, the outsourcing company's terms and conditions allow it to search the content of emails to aid in targeting advertising, which poses even greater privacy and confidentiality problems.
The organization no longer has control of its own email security. Server-based encryption and authentication is managed by the outsourcing company, requiring end-to-end encryption for sensitive communications.
Large companies with many customers are often a target of cybercrime attacks aimed at stealing customer data, and some of these attacks have succeeded.
Inspection of SMTP transaction logs may be impossible for the end user. Troubleshooting failed deliveries and other email problems requires interacting with an external support desk. Support desks are sometimes slow to respond. First-line support, in particular, might lack the training and access to fix any but simple problems, requiring escalation and further delays.
Sharing a mail server with other organizations can cause delivery issues when a user at another organization sends spam through that mail server. When the outsourcing company fails to detect and block spam, or is slow to terminate service to spammers, the likelihood of problems increases substantially.