Only by those who never worked on these kind of services. Running something like a webmail service is being flypaper for dickheads. As soon as you gain any sort of popularity you will have some very hard and sharp lessons about the lengths spammers will go through to make abuse your service.
First rule of designing anything: "if some cunt can make a buck by completely fucking over your system then that cunt will completely fuck over your system because that cunt is a cunt."
You don't even have to be running a webmail service, the instant you use any service to send an email with even one user-controlled field (even something as innocuous as their name) you already have a problem.
Yeah, I meant "webmail" in the broadest possible sense. And it's even broader than that: anything that allows making anything public really: from forum comments to Instagram to WordPress sites to Wikipedia.
Remember that for about ten years there was a person who consistently and frequently inserting images of ceiling fans in random articles.
First rule of designing anything: "if some cunt can make a buck by completely fucking over your system then that cunt will completely fuck over your system because that cunt is a cunt."