Become unbannable from your email

(karboosx.net)

200 points | by bfoks 12 hours ago

38 comments

  • pzmarzly 11 hours ago
    Counterpoint: I lost a domain when a registrar went out of business, and another when a registrar bumped the price 10x and refused to give me authenticode unless I physically show up to their office. Sure, I cheapened out and used shady cheap registrars, and this all happened a while ago so things are probably more regulated now, but for comparison I never permanently lost access to hosted email. (Losing access temporarily is another thing, Google likes blocking me from my own account when travelling.)
    • nodja 11 hours ago
      For people reading this that are worried, .com and .net domains are price capped and while the price may rise, it's regulated directly by the ICANN. If you're paying more than that then either your registrar is not following ICANN regulations or you're buying a domain that is being resold by a third party.
      • pzmarzly 1 hour ago
        Awesome. I should have clarified that they were regional TLDs.
    • c22 8 hours ago
      One time I had several domains at a registrar that began to fall apart organizationally. They couldn't transfer my domains out with their automated tools and they weren't answering my emails. I filed a dispute with ICANN and had all my domains transferred out within a week.

      So at least for .com and .net there's a responsive third party with procedures to work around failing registrars.

    • jeroenhd 1 hour ago
      Even if you don't do dealings with shady registrars or TLDs (.af was a fun TLD until the Taliban returned to power...), you can lose your domain. For instance, lots of British people lost their .eu domains when they were no longer EU citizens thanks to Brexit.

      On the one hand, using national TLDs can be a problem if the area you live in is no longer considered part of your country (I imagine .ua owners may have that problem in the future with the way things are going). On the other hand, using TLDs like .com/.net/.ai/.io puts your domain under control of foreign law enforcement (US for .com/.net, UK for .ai/.io).

      • graemep 1 hour ago
        It really ought to be standard that people who already have domains when something like this happens retain them.

        It looks like .io will change jurisdiction. Another thing to consider with regards to jurisdictions. There is a good argument for your own national TLD.

        That said, a lot of ccTLDs are not that restrictive. Anyone can register a .uk for example (so, Scottish nationalists have one less thing to deal with in their plans).

        In the case of Ukraine they will probably want to allow people in any territory they lost to retain .ua domains as a way of maintaining a claim (that is assuming their rules are restrictive in the first place).

    • rwky 11 hours ago
      Same thing happened to me over 20 years ago; back then it was common to get domain, hosting and email all from one provider. They hiked up the price to something extortionate and changed the owner details on the domain to themselves. Cost me a fair penny to get that back. From then on I kept my domain, email and hosting all separate and stuck with what are hopefully more reputable providers. And of course these days if it happened I'd go straight to legal action, something that young me didn't think of.
    • iamnothere 11 hours ago
      This is why you (1) keep a local backup and (2) never ever use shady registrars for anything important. Hopefully you have learned from this and you regularly back up your email from Google in case your account becomes inaccessible for whatever reason.
      • cassianoleal 11 hours ago
        I think the main worry about losing access to email is not losing access to your historical archive of email messages, but rather your sudden inability to reset passwords and recover access to other accounts.

        Not to mention the risk that someone else takes possession of said email accounts and domains, in which case they essentially own every account you have that's bound to that email.

        • iamnothere 10 hours ago
          The archives can be quite important, I frequently have to reference my email history for one reason or another. If I temporarily cannot receive new email, it’s not such a big deal as long as we aren’t talking about hostile account takeovers. But mostly I use self-hosted services so even that wouldn’t be the end of the world. It would be annoying to deal with, yes.
    • defanor 3 hours ago
      While I did lose access to a hosted email and other services, and only permanently lost access to a free domain name so far, also was close to losing access to regular paid domains on multiple occasions (once because of the used registrar, twice because of the place I live in and international politics, being disconnected from payment systems, though with registrars also contributing a little).

      Mandatory reliance of services on other services (whether it is email, phone, or a more explicit identity provider) is generally unfortunate. I think it is best to not look for a perfectly reliable setup, as it is unachievable, but to keep in mind that they are not reliable, to have recovery plans and fallback options if possible, reduce dependence on online services, especially those depending on others. Though a personal domain name still seems more reliable to me than that of an email provider.

    • furyofantares 9 hours ago
      I lost mine when a TLD (.xyz) thought I was malicious. I've also just failed to renew a domain before. So you're relying on the registry operator for the TLD itself to not ban you, the registrar to successfully renew, and yourself and your bank to successfully pay the registrar.

      In fact the entire reason I stay on free email from a company I don't like is because I think it minimizes the chance I lose access to my email. My conclusion is essentially the exact opposite of the article.

    • mobilemidget 11 hours ago
      I'm surprised to read they had an actual physical office you _could_ show up :)

      was it a very distant location to head out to?

      • pzmarzly 1 hour ago
        It was some address in Warsaw, so if I needed that domain badly, it'd be one Ryanair flight away, and definitely an interesting experience :) But I was only using it for a small blog, so I just let it expire. I hoped I would be able to register it again immediately after it expires, but some scammers beat me to it (probably scanning for expiring domains with good reputation/SEO), so last time I checked, the domain is used to advertise some magic pills.
        • f4uCL9dNSnQm 1 hour ago
          Now I am curious. Was that registrar "nazwa.pl"?
  • jrm4 11 hours ago
    Been doing this for years, and surprised he didn't seem to mention the other benefit: "infinity" email addresses. Oh, rando burger spot wants an email for some free fries? Great, hit me up at randoburgerspot@"mydomain".com .
    • paranoidrobot 7 hours ago
      I do this, too - but I've been running into more and more companies that block you from using their company name in the email address.

      It also results in awkward conversations if you have to talk to staff. I had ordered some pet supplies online a while ago registered like this.

      Then I go in store more recently and they ask "Do you have an account with us?", I give them that email when asked, which causes them to pause. We went around a few times of them asking what my email was, before getting a manager who thought I was doing something dodgy and decided to try looking up my account by phone number instead of email.

      • polycaster 4 hours ago
        Same experience, but a different perception. I’ve always found it to be a great conversation starter when I did this with my business domain. Of course, it’s mainly about spam control, but some people even felt flattered to have their own personal email address. Then there was that one time I tried to open a new bank account using bankname@mydomain - it ended up involving three levels of management. On the bright side, though, they now greet me by name whenever I walk into the building.
      • daveidol 6 hours ago
        That’s pretty funny.

        If you use a password manager you could obviously just put something random instead of the company name.

        • cfn 4 hours ago
          Now try giving that email at the store.
        • jenadine 5 hours ago
          Or just rot13 or some scheme like that.
      • dzhiurgis 4 hours ago
        Ohhh good point. So many sites basically only accept gmail + some other popular provider.
        • polycaster 3 hours ago
          I've been following this scheme for years now and frankly never found a site that only accepts selected providers.
          • asalahli 3 hours ago
            AliExpress is one of them, as far as I know
            • topsecret 1 hour ago
              AliExpress uses my custom domain, but wouldn't accept anything with "aliexpress" in the local part.
    • hungryhobbit 10 hours ago
      Spamgourmet lets you do this for free without your own domain, and has other great features also.
      • daveidol 6 hours ago
        Lots of these services get their domains blocklisted eventually, sadly.
        • greggsy 5 hours ago
          Companies tried to block Apple’s Hide My Email in the months after its release, but I haven’t been blocked in years now. I’m assuming they quickly realised that it was here to stay.
          • strogonoff 4 hours ago
            Fun fact: Apple blocks using Hide My Email with itself, which I found out once I tried to use it in my contact details when ordering a phone. Their online system reported unknown error when placing the order until I specified a Gmail address instead.
    • ronbenton 9 hours ago
      Perhaps you missed it or the author updated the article, but I think this does cover it:

      >Oh, and I highly recommend providers that offer a "catch-all" feature. This way, you can have one main email address and unlimited <put something here>@yourdomain.com email addresses. It's useful to have it separated, like [email protected], but still receive the emails inside the same inbox.

    • imiric 11 hours ago
      I like that as well, but it's exhausting having to explain every time that, no, I don't in fact work at randoburgerspot...
      • jcynix 10 hours ago
        Easy, just remove the vowels from the local part of the address: [email protected]

        Even easier: I have a list of pre-generated fantasy addresses on my smartphone and can pass one to randoburgerspot on the fly.

      • remuskaos 5 hours ago
        I've been using my own domain for mail like that for over fifteen years now, and it happened only once that I've had to explain "no I don't work at $drugstore" when giving my "[email protected]". And even that one time only got me like a weird look, but no further discussion. I enter my mail address into some form myself most of the time, after all.
      • layer8 8 hours ago
        I only had once in over 20 years someone asking me to clarify that. Maybe because I add a short standard prefix before “randoburgerspot” (which also happens to serve as a wildcard filter).
      • xp84 9 hours ago
        I got a LOT more confused looks, especially because I stupidly used a subdomain for this purpose. Imagine like, [email protected] when someone is expecting an @gmail.com.

        If I could think of an unambiguous .com, .net, or .org that is a pronounceable word that wasn't registered already by 2001, I'd be maybe willing to try this again.

        • Neywiny 7 hours ago
          Same here. I have a .dev tld (Ooh ahh very fancy). My email is [first]@[last].dev . The amount of times they go "@ gmail?" is astonishing. These are people who all day, countless times per day, for countless years, are collecting emails (front desk clerks, support reps, whatever), and not one email in the history of emails is the format [email protected]@gmail.com, but somehow they think mine is. Should've just stuck with the Gmail.
          • SchemaLoad 5 hours ago
            I've had [email protected] for a few years now and so far haven't had any confusion. They just read it back to me to make sure it's correct. I used to do the businessname@mydomain and that caused lots of confusion, especially when support ask me for my email and I can't remember what it was. And they are confused because my email has their name in it.
      • danielparks 10 hours ago
        I’ve been surprised how infrequently I need to explain this — definitely fewer than 10 times in the last 20 years of doing some variation of this consistently.

        I keep expecting to have to explain, but the vast majority of the time people don’t ask.

      • jrm4 10 hours ago
        What? It's your opportunity to nerd out and lecture people on why they're doing email WRONG!!!

        (only half joking)

        • EvanAnderson 9 hours ago
          I usually just say "I receive all email @mydomain.com. I make one-off emails so I can tell who sells my email address." Most "normies" get it.
    • robotresearcher 9 hours ago
      Gmail has a limited version of this. It leaks your real address, but it makes filtering easy.

      <yourname>+<arbitrary_str>@gmail.com

      [email protected]

      • bb88 8 hours ago
        I've seen places that won't allow a "+" saying it's an invalid character.
        • Evidlo 4 hours ago
          I use PurelyMail to get email redirection with wildcard support. Costs $4/year when I use it with Gmail for the actual storage.

          I use an underscore so my addresses look like evidlo_[placeholder]@example.com

          • gblargg 4 hours ago
            So they don't charge for emails if they are forwarded? Do you have a link where they describe underscore aliases?
            • Evidlo 2 hours ago
              I use their "Advanced" billing mode which is usage-based and ended up cheaper than the fixed-price "Simple" mode. This was my bill for last month (received ~300 emails):

                  Total: $0.35
                  Storage (GB/month): 0.00 ($0.00)
                  Emails sent to non-Purelymail accounts: 19 ($0.00)
                  Emails sent: 19 ($0.00)
                  Emails sent (GB): 0.00 ($0.00)
                  Yearly account fee (days): 30 ($0.33)
                  Shared-domain user fees: $0.02
              
              They don't actually support wildcards, but there's a matching pattern "Any address starting with" for which I just entered "evidlo".

              https://purelymail.com/docs/routing

        • rlpb 7 hours ago
          Microsoft, for example, for a Windows login account does this.
        • 1oooqooq 8 hours ago
          ah! the fathers of slop vibe code: copy paste coders.

          the "validate email input regex" that mistakenly rejects plus sign has been copy pasted for so long it might live on forever.

          • SchemaLoad 5 hours ago
            Could be by design. They want you using your main gmail address and not signing up multiple times.
    • deadbabe 11 hours ago
      This is the most useful thing about having your own domain for email.
    • aussieguy1234 10 hours ago
      Could also be useful if someone puts a typo in your email username when sending you an important email. You'll still get the email with a catch-all email set up on your own domain. But you won't without this.
      • Johnny555 7 hours ago
        But also annoying when your domain is very similar to another business and you keep getting their emails because of typos.

        My email address at my hosted domain is like [email protected], and I have a catchall so I can get mail for *@jsmith.com

        Someone eventually bought jsmith.net for his business and now I get a lot of mail meant for [email protected] sent to my jsmith.com domain.

        Fortunately he uses just the one address and now I set up an autoforwarding rule to forward his jacob@ emails to him.

        • vidyava 6 hours ago
          Even having a Gmail address doesn't make you immune from someone putting in the wrong address.

          I made a throwaway/spam account with a silly name back in ~2007, and then in ~2015 someone established a fairly successful company with that name. I now regularly get job applications, tax documents, and employee timesheets to my email. They even signed up for the service that controls their website with my email.

          I keep waiting for them to contact me about taking over the address, but as far as I can tell they don't even realize they don't control it.

  • jwkerr 11 hours ago
    Over the past few weeks I've been systematically migrating every one of my accounts to a domain under my control.

    During the process I've been marking them in a spreadsheet with their 2FA status (no 2FA, TOTP, security key, etc.) and adding their passwords to a password manager.

    This is all in case I ever need to go through the migration process again for whatever reason, or if I lose/break a Yubikey, I will know what I'm signed up for, and will know where to enrol my new Yubikey(s).

    It really is a massive hinge for many people that isn't even really considered, most people's entire digital lives would be uprooted if they lost access to their email for whatever reason.

    Thankfully that doesn't really ever happen to most "normal" people to my knowledge, since most just use Gmail, but I know it can and has happened through account bans or such.

    • EvanAnderson 9 hours ago
      Two factor tokens that can't be backed-up create stupid make-work.

      Wouldn't it be great if Yubico let you back-up and restore a Yubikey?

      It's maddening that they haven't come up with a reasonable way to allow a purchaser to register multiple Yubikeys to enable freely restoring backups between them. (Think of it analogously to buying multiple padlocks keyed the same from the factory.)

      I'd prefer to be able to just set the same DKEK on the devices myself. Failing that I'd settle for Yubico being the arbiter. It would make the devices substantially more useful and less scary in loss / destruction scenarios.

      • Citizen8396 8 hours ago
        If the secrets are routinely copied or otherwise extracted, then it reduces their security value. What I recommend people do is buy two or more and set them up all at the same time. It is inconvenient though.
        • EvanAnderson 6 hours ago
          I suppose I should have preemptively made that argument and then argued against it.

          My point is that there should be a mechanism to extract key material in an encrypted form. The backup could only be restored onto properly-prepared hardware (either by way of a device master key held under escrow by Yubico, or by an initial "seed" set by the user when commissioning the hardware).

          Setting up multiple keys at the same time isn't just inconvenient, but actually defeats the purpose of backup. If both keys have to be present in the same place at the same time it's not a backup.

          The workflow with tokens that can't be backed-up creates needless labor and risk. HSM vendors have solved this problem (albeit with tremendous vendor lock-in) but apparently that's too difficult for consumer token vendors to handle.

      • pabs3 7 hours ago
        Passkeys can be if you use KeePassXC to generate and store them.
      • TacticalCoder 9 hours ago
        > It's maddening that they haven't come up with a reasonable way to allow a purchaser to register multiple Yubikeys to enable freely restoring backups between them.

        It is possible, using a cryptocurrency hardware wallet allowing to install tiny apps on the hardware wallets. These wallets are meant to be initialized by a "seed" and there's a protocol to easily write down that seed (a list of words, all coming from a dictionary of 2048 words and the list of words contains a checksum in [part of] the last word).

        Now from that seed, cryptocurrencies hardware wallet can derive any secret. And it's possible to derive a secret that's used like Yubikey.

        So as long as you have your "seed" backed up somewhere, you can duplicate your 2FA key.

        I did test the old U2F version, pre FIDO2/webauthn, using early Ledger Nano hardware wallets and it worked.

        I think there's now a more recent version available but haven't checked that. A Ledger Nano S Plus, from their website, costs 70 EUR / 80 USD. I'd say it's not too pricey to try it and see if it could suit you. Check their available apps first and see if there's one that can simulate a Yubikey (or a similar 2FA security key).

        I know HN loves to hate on cryptocurrencies but I'd say that at least the crypto-bros got the "you cannot trust your computer" part right. The attack surface of a cryptocurrency hardware wallet is not only minimal: it's minimal on purpose, built on the premises that computers were not devices to be trusted. They're literally built with the idea that they can be used on a compromised computer and you should still be safe, so there's that.

        • EvanAnderson 6 hours ago
          > ... These wallets are meant to be initialized by a "seed" and there's a protocol to easily write down that seed...

          Yes. That's a thing with some HSMs, too. That's where I've had experience with this kind of protocol.

          As it stands Yubico's tokens are unusable to me for personal purposes because they can't be backed-up and restored.

  • manytimesaway 11 hours ago
    "How to become unbannable"

    Step 1 : go with the one company that's known worldwide for abusive & permanent bans with no recourse.

    This post is a bit too generic, but it's true that using your own domain for mailing is the best solution to avoid getting locked out. Although you need to pick a good registrar, too...

    • morshu9001 11 hours ago
      well your recourse is repointing the domain
      • xp84 9 hours ago
        It's worth pointing out just in case someone might forget/not think of it... Don't register your domain or DNS with Google Domains / GCP if you host your email with Google Workspace... since if you get locked out of the Google account you could be unable to update your DNS.

        The saddest thing though is that in some ways Gmail is harder to hack into than some registrars. I remember a postmortem write-up from a guy who had his personal domain easily hijacked by social engineering someone at the domain registrar, which then served as the foothold of a larger identity theft attack against him. Google, by virtue of simply not even doing customer service, is much harder to social engineer, so the author of that piece pointed out that ironically if he'd put more of his eggs in the GOOG basket, he'd have been safer.

        • SchemaLoad 5 hours ago
          There was also the time where the itch.io domain got nuked for a day because a copyright bot sent an automated complaint to the domain registrar and the registrar just immediately took the domain offline.
        • halfcat 9 hours ago
          > Don't register your domain or DNS with Google Domains / GCP if you host your email with Google Workspace... since if you get locked out of the Google account you could be unable to update your DNS.

          This seems like a potential rabbit hole.

          Use a different domain with your registrar than the domain you’re registering. Same thing with DNS host. Do you have two domains with two registrars and two DNS hosts? Presumably if either one gets compromised, the control of one domain could be used to gain control of the other. And you’ve quadrupled your attack surface by having two domains with two registrars and two DNS providers.

          I don’t disagree with you, but I also don’t know a robust solution for this (happy to hear one, if you have it).

  • mcv 4 hours ago
    I think there are two pieces of legislation needed here:

    1. Email providers need to be required to forward your email to your new address for a year if you ever lose your email for any reason.

    2. Domain registrars need to save your domain name for a year and allow you ample time to reregister if you ever let it lapse for any reason.

  • internet_points 3 hours ago
    Highly recommend mbsync/isync for backing up your email. Quite simple to set up for fastmail, gmail. Everyone recommends n+1 backups of everything else, why should your email be less deserving?

    As a bonus, if you install notmuch you get quick offline searches and can "mine" your email with shell scripts (or easily share it with sam altman if you're into that kind of thing).

    (Alternatively, if you prefer being GUI, just install Thunderbird – this can also download your full imap and give you local search. You don't even have to use Thunderbird for it to be useful as a backup; it's probably the easiest way to quickly become more independent from google randomly deciding your account should be locked, which does happen.)

  • marssaxman 11 hours ago
    I've been doing this for years, though I don't really think of it as "having a backup" so much as "using an IMAP client". Works fine. It's really useful to be able to make up a new email address for every company who wants one; they each get their own folder. If I get any unexpected mail, it's obvious where it came from and easy to deal with, though in practice this rarely happens.
    • BeetleB 11 hours ago
      > I've been doing this for years

      Downloading email via POP or IMAP? Ever since I started using email in the 90's. I never deviated from it. In the old days, even the free mail hosts gave you POP access.

      My own domain? Doing it for over 20 years.

      • marssaxman 11 hours ago
        Yep, pretty much the same story here. The only (relatively) recent innovation is the bit where mail sent to [email protected] lands in a folder called "foo", so I neither have to sort out a messy inbox nor check many accounts individually.
      • bigwheels 11 hours ago
        As of last week, Google is on-track to discontinue POP-polling functionality. I've been using this for about 20 years, not sure what to do. What a pain.

        Gmail will no longer support checking emails from third-party accounts via POP (support.google.com) https://news.ycombinator.com/item?id=45439670 - 6 days ago, 372 comments

        • pessimizer 10 hours ago
          This is alarming if you just skim the headline (which I did, and was slightly alarmed), but it is about having gmail download from third-party accounts, not downloading emails from gmail. I don't think many people do this anyway, but I'm sure it was very convenient for some.
    • layer8 8 hours ago
      The caveat is that if your account gets banned, the IMAP access will also be blocked. An email forward is more likely to remain active, is the point made in TFA.
      • marssaxman 5 hours ago
        There is nobody but me who can ban my account. If the hosting service I rent my mail server from chose to drop me as a client, I could sign up with a different service, transfer the domain name, and keep on going with minimal disruption.
  • bks 10 hours ago
    Forwarding emails is problematic especially if your provider for the primary mx does not have great spam filtering and then you end up sending spam to your backup account.

    It certainly does not get around the ...if your account gets banned maybe the forwards will still work... concept but in general something like https://github.com/joeyates/imap-backup to backup your email and then add them to a typical backup process with your other files works well.

  • qyckudnefDi5 10 hours ago
    Anyone wanna share their email strategy? I'm thinking of going for the following but I'm still undecided:

    1. 1 custom domain (<simple-word-or-two>.com): this will be used for friends, family and any online accounts that know me IRL.

    Use Fastmail masked addresses with my custom domain where it makes sense like an online account for amazon.

    2. 1 custom domain (<online-nickname>.xyz): this will be used for a blog, professional IRL interviews, correspondence, github.

    Use Fastmail masked addresses with my custom domain where it makes sense.

    3. Masked emails using fastmail.com: for online accounts that are ephemeral, random newsletter signups etc. Don't want to associate any of my custom domains or IRL identity. Don't care if these are portable.

    My main goals are:

    - Separate my online identity/alias used for my blog (2) from gov entities, banks etc (1).

    - for more anonymity/privacy use the fastmail.com domain with masked addresses to blend in with others on this domain.

    I'd love feedback and to read what you do if you want to share :)

    • atrettel 10 hours ago
      Your strategy seems good to me. The primary reference that I use for this kind of stuff is Michael Bazzell's book "Extreme Privacy". It goes into some detail about his strategy for using custom domains to compartmentalize things. That's what I base my own strategy on.

      The only thing that I would add is that I prefer to "salt" my single-purpose email addresses with a bunch of random characters to prevent enumeration attacks, since it would be trivial to figure out the email address that I use for different services by just guessing. If I used [email protected], I might also use [email protected], etc. Adding a salt prevents this from happening.
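
The salting idea from the comment above, combined with the catch-all setups discussed earlier in the thread, as an added example that is not part of any commenter's post: the random-looking part of each address is an HMAC of the service name under a private key, so the owner can regenerate any alias on demand while a catch-all filter rejects guessed ones. The domain, the key, the `label.tag@domain` layout and the 8-character tag length are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import re

# Assumed values for illustration only (not from the thread).
DOMAIN = "example.com"
SECRET = b"constructed-demo-key; keep the real one in a password manager"
TAG_LEN = 8  # 8 base32 characters = 40 bits of the HMAC output

# Local part layout assumed here: <label>.<tag>
_LOCAL_RE = re.compile(r"([a-z0-9]{1,32})\.([a-z2-7]{%d})" % TAG_LEN)


def _normalize(service: str) -> str:
    """Reduce a service name to [a-z0-9], e.g. 'Rando Burger!' -> 'randoburger'."""
    label = re.sub(r"[^a-z0-9]", "", service.lower())[:32]
    if not label:
        raise ValueError("service name has no usable characters")
    return label


def _tag(label: str, secret: bytes) -> str:
    """Keyed, truncated digest of the label; unguessable without the secret."""
    digest = hmac.new(secret, label.encode("ascii"), hashlib.sha256).digest()
    return base64.b32encode(digest).decode("ascii").lower()[:TAG_LEN]


def alias_for(service: str, secret: bytes = SECRET, domain: str = DOMAIN) -> str:
    """Deterministically derive the single-purpose address for one service."""
    label = _normalize(service)
    return f"{label}.{_tag(label, secret)}@{domain}"


def is_issued_alias(address: str, secret: bytes = SECRET, domain: str = DOMAIN) -> bool:
    """True only if the recipient address carries a tag we could have issued."""
    local, sep, host = address.strip().lower().rpartition("@")
    if not sep or host != domain:
        return False
    match = _LOCAL_RE.fullmatch(local)
    if match is None:
        return False  # unsalted or malformed local part
    label, tag = match.groups()
    # Constant-time comparison so the check does not leak tag prefixes.
    return hmac.compare_digest(tag, _tag(label, secret))


def triage(recipients):
    """Split catch-all recipients into (accepted, rejected) lists."""
    accepted = [r for r in recipients if is_issued_alias(r)]
    rejected = [r for r in recipients if not is_issued_alias(r)]
    return accepted, rejected


if __name__ == "__main__":
    # Constructed sample: one issued alias plus two guesses an enumerator might try.
    issued = alias_for("Rando Burger Spot")
    sample = [issued, "randoburgerspot@example.com", "amazon.aaaaaaaa@example.com"]
    ok, dropped = triage(sample)
    print("accepted:", ok)
    print("rejected:", dropped)
```

Rotating the key invalidates every alias at once, so the same spreadsheet of accounts mentioned elsewhere in the thread is what makes re-issuing them practical.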

    • furyofantares 8 hours ago
      > 1 custom domain (<online-nickname>.xyz)

      I got banned by .xyz once. I did manage to get it cleared up, but being banned by the TLD itself is pretty unpleasant. It's hard to even figure out that's what happened. And then I had to "prove" I was no longer distributing malware, with a list of what things I'd done to clean up the site and prevent further malware distribution - which was difficult as I was never distributing malware to begin with. Just a static website for a wordle variant, no ads or other 3rd party content.

    • commandersaki 9 hours ago
      I just use a Fastmail address for my resume and such. I don't want to use my personal domain because while not offensive it sounds a bit silly.
  • ozim 11 hours ago
    You don’t have to have a single email address. I have plenty and various providers.

    Then use mail client instead of webmail. I use Thunderbird and have multiple boxes; I just back up the Thunderbird profiles folder to my NAS.

    • cosmic_cheese 11 hours ago
      Local mail clients are excellent for taking full control of your mail without contortions.
  • hu3 11 hours ago
    That's good but make sure you don't lose the domain. Ever.
    • commandersaki 9 hours ago
      Recommend paying 10 years in advance. Then at the 5-8 year mark, do it again.
    • throwaway2037 10 hours ago
      What scenarios are you thinking about to lose the domain? To me, the most common would be forget to pay the bill, or your credit card on file expires.

      A light Google search tells me that it is possible with several different providers to pay for up to 10 years in advance. Still, the exact same issues can happen at the 10 years and 1 day mark! How do large corporations handle this problem? Do they have a special contract where the domain register will always keep the domain registered, then bill the corporation directly? That seems like a business venture with juicy margins.

      • jefftk 9 hours ago
        The most common answer is to hire MarkMonitor to do this for you.
    • brulard 11 hours ago
      And that's the real hard part
      • iamnothere 11 hours ago
        Have you ever lost a domain? I haven’t despite having many domains across a number of registrars over the years. Are people just using bad registrars or what?
        • brulard 11 hours ago
          Yes, I have. Due to a human mistake we lost a family domain, where I hosted one of my important e-mails.
          • iamnothere 10 hours ago
            Sorry to hear that. Some registrars let you prepay for multiple years now; it’s a good idea if you have a crucial domain that you know you will be holding onto.
          • throwaway2037 10 hours ago
            Did you try to contact ICANN and explain the issue? If you could prove ownership for many years, your case would be quite strong.
  • iamnothere 11 hours ago
    Looks like a good intro for people who want partial self-hosting, which is better than leaving it with a megacorp (especially for non-professional email).

    In before:

    * running your own mail is too much of a burden

    * I used to host my own mail but I couldn’t figure out DNS or used a bad IP or something and Microsoft/Gmail won’t accept my mail

    * if “they” want to ban you they will just seize your domain or kick down your door and shoot your dog

    * it’s good that they can ban you from your email because I don’t like spam

    Edit: lol, I was not in fact “in before” the comment about domain seizures. Unbelievable.

  • JoshTriplett 11 hours ago
    I learned this lesson when switching away from the first ISP I had email through. Rather than switching to another transient ISP email, I registered a domain. I've been through a couple of email providers but my email address never needs to change again.
  • hk1337 10 hours ago
    I am actually working on doing the opposite and getting rid of my custom domains. I’m not really doing anything with them except spending money to have them. Working on getting all my socials to basically match with a similar username and just go from there.

    If I host my blog, assuming I actually start making posts, on GitHub with a custom domain, when I die then the domain will likely expire and the blog is no longer accessible. If I keep it with my GitHub .io url, it’ll be there for as long as the account is there.

  • whycome 6 hours ago
    We are all so vulnerable and have no protections. This is where government should be stepping in, but they won't until it happens to enough important people. This is fundamental
  • kameit00 1 hour ago
    I am using my own Mail Server (mailcow) beside my old gmail and other addresses. But for convenient, searchable offline Backups, I use Mailsteward (macOS) ... if it is of interest for someone: https://mailsteward.com

    (alternatives for other OS: https://alternativeto.net/software/mailsteward/)

    Then I put the database on multiple backup locations regularly.

    Another thing some people do not already know: if you don't need a throwaway address for some services, and you just want to make your mailbox more structured, you can use '+' before the '@' to add another word to your email address.

    Like: [email protected]

    The +randomName will be ignored and the emails are received at [email protected]. But most Servers (I use) will put a '[randomName]' before the subject of the received email. Which can be quite handy for handling your emails. Even more, if the company uses multiple different addresses to send you emails.

  • commandersaki 9 hours ago
    How does Google paid email service work with catch all email addresses? Can you send with an arbitrary alias without setting up a separate identity? Will it automatically respond to the correct alias?
  • simojo 11 hours ago
    There are online services where a bad actor can enter your email to automatically sign you up for hundreds, thousands of marketing emails. In the event that that happens, given that you have full control over the domain, you could just divert whatever <x>@yourdomain.com to a black hole. What will happen when email attacks become more advanced--to the point of signing up thousands of different <x'>@yourdomain.com? What strategy would one have then? You would most certainly have to part ways with that domain.

    The author makes a good point, your email address is (arguably) more important than your home address. Perhaps there already are, but I hope for better safeguards against these kinds of attacks.

    • dotancohen 11 hours ago
      I already am in that situation. Like onions and Ogres, my email defense is in layers.

      1. Specific known compromised TO addresses are sent to devnull.

      2. Specific FROM senders are whitelisted.

      3. Three or sometimes four heuristics engines evaluate. If any of them pass the mail, it goes to a separate new-senders inbox. I thus get maybe a dozen spam messages per week in that box - and five figures of messages rejected.

      I used to tweak it a lot, now I just occasionally add another FROM address to the whitelist.

      • Alive-in-2025 3 hours ago
        Someone did this with my main real world Gmail address. I am still fighting it by periodically dropping from the spam lists I was recently added to.

        We need a law that just like you are required to let people drop from a mailing list, there's a law requiring one ack or click on a link to join a list. I always get on legit lists that will stop once I request. But in a month I get 100+ new lists often sending me 10-50 messages a day.

    • Alive-in-2025 3 hours ago
      This happened to me! Can I go to these services and turn it off, like remove my name from these spam lists? Please point me to this.

      About once a month I go and drop myself from the latest lists. There are many magazines and whatnot where you can sign someone up for 100+ mails a day. Only a very few of them send you a message you have to ack to start the flood. Most just start the firehose without checking.

      I'd like to hear what other people do to address this.

    • kibwen 11 hours ago
      For every crucial service (banking, etc), generate a unique, cryptographically-strong email address, save it to your password manager, and have its mail forwarded to your common inbox. If only phone numbers were so easy to mask.
      • ahmedfromtunis 11 hours ago
        1) what does it mean for an email *address* to be cryptographically strong?

        2) in case of hard to remember address, what do you do if asked to write it down with no access to your records? (It happened to me once before)

        • fragmede 9 hours ago
          64 random hexadecimalish character address, eg [email protected]

          2) Yes, this is a problem.

        • halfcat 9 hours ago
          > what does it mean for an email *address* to be cryptographically strong?

          Something someone couldn’t guess, like:

          <uuid>@domain.com

          [email protected]

          > in case of hard to remember address, what do you do if asked to write it down with no access to your records?

          It’s a tradeoff. You’d probably want to use the cryptographically secure addresses sparingly.

          Another option would be to use your password manager to create a “memorable” password, which is usually multiple random words, like:

          [email protected]

          But again there’s only so many of these you’ll memorize, so use sparingly. Compare it to the cost of just changing the email. Maybe with a bank it’s more work and risk, so it’s worth the added effort, but if it’s the email you use to order pizza, just change it.

          • commandersaki 9 hours ago
            Why are we doing this exactly?
            • halfcat 8 hours ago
              There’s an attack where you get signed up for mass marketing emails and your mailbox gets flooded with emails from mostly legitimate companies.

              Say someone gets into an account you use to purchase stuff (Amazon, etc), but they don’t have access to your email account. They sign you up for this mail flood, then start buying stuff with your Amazon account, and legitimate notifications of purchases are lost in the noise with many thousands of emails from everything from Apple to Chuck’s Boat Rentals.

              Using a unique and unguessable email lowers the chances of a more important account being affected (obviously at some point we’re splitting hairs).

              • commandersaki 7 hours ago
                I'm missing what purpose the high entropy alias does; from your description the attacker knows the email address and can still sign you up for mail flood?
                • catgirlinspace 2 hours ago
                  I think the idea is your mail server is set to only accept emails to account names you’ve generated instead of being a catch all. So if one of the ones you generated is used for spam, you could just deactivate that one and move the service that email was associated with to a new generated email. And because there’s no catch all, an attacker can’t just sign up [email protected] with dozens or hundreds of different emails.
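
The sub-thread above describes per-service random addresses on a server with no catch-all. A minimal sketch of that scheme follows as an added example (not code from any commenter or from the linked article); `AliasRegistry`, `flood_accepted`, the domain `example.com` and the guessed addresses are all hypothetical names and constructed sample data.

```python
"""No-catch-all alias registry: one random address per service, reject the rest."""
import secrets
from dataclasses import dataclass, field


@dataclass
class AliasRegistry:
    domain: str                                  # placeholder domain (assumption)
    active: dict = field(default_factory=dict)   # local-part -> service label
    revoked: set = field(default_factory=set)    # retired local-parts, never reused

    def issue(self, service: str, nbytes: int = 16) -> str:
        """Create an unguessable address: nbytes*8 random bits from the OS CSPRNG."""
        local = secrets.token_hex(nbytes)
        self.active[local] = service
        return f"{local}@{self.domain}"

    def _local_part(self, address: str):
        """Return the lower-cased local-part, or None if malformed or not our domain."""
        local, sep, domain = address.strip().rpartition("@")
        if not sep or not local or domain.lower() != self.domain.lower():
            return None
        return local.lower()

    def rcpt_decision(self, address: str):
        """Decision the server would make at RCPT TO time: (SMTP code, detail)."""
        local = self._local_part(address)
        if local is None:
            return 550, "malformed or foreign domain"
        if local in self.active:
            return 250, self.active[local]
        if local in self.revoked:
            return 550, "alias revoked"
        # No catch-all: an address that was never issued is simply unknown.
        return 550, "no such user"

    def rotate(self, address: str) -> str:
        """Retire a leaked or flooded alias and issue a fresh one for the same service."""
        local = self._local_part(address)
        if local is None or local not in self.active:
            raise KeyError(f"not an active alias: {address}")
        service = self.active.pop(local)
        self.revoked.add(local)
        return self.issue(service)


def flood_accepted(registry: AliasRegistry, recipients) -> int:
    """Count how many recipient addresses of a sign-up flood would be accepted."""
    return sum(1 for rcpt in recipients if registry.rcpt_decision(rcpt)[0] == 250)


if __name__ == "__main__":
    reg = AliasRegistry("example.com")
    bank = reg.issue("bank")
    # Constructed sample: 1000 guessed addresses, as in a mass sign-up flood.
    guesses = [f"user{i}@example.com" for i in range(1000)]
    print("bank alias:", bank)
    print("guessed addresses accepted:", flood_accepted(reg, guesses))
    replacement = reg.rotate(bank)
    print("old alias now:", reg.rcpt_decision(bank))
    print("new alias:", replacement, reg.rcpt_decision(replacement))
```

The alias only stops floods aimed at addresses the sender has to guess; once an alias leaks, `rotate` is the remedy, and the service it was registered with then has to be updated to the new address.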
  • tadasv 9 hours ago
    I'm thinking about trying something similar to this on top of AWS SES. They make it fairly trivial to accept email and store it to S3. So email forwarding would be straight to S3 backup. But still would need a system to backup these emails to some local storage.

    Not sure what's the best way to handle this, I had my gmail account since the early days and it's baked into so many important accounts. It definitely crosses my mind that it'd be really difficult if I were blocked out somehow.

    • Evidlo 4 hours ago
      Just start going through your accounts gradually over several years and you won't experience much friction.
  • jadenPete 9 hours ago
    I’ve considered running an email server on my personal domain for some time, but the effort of changing my email hasn’t felt worth it to me, given how many services I’ve signed up for with my current email (a Gmail address). Is anyone aware of any strategies to make this easier? It’d be nice if I could set up forwarding so services would automatically use my new email, but I’m not sure if something like that exists.
    • unanimous 8 hours ago
      Many email service providers give you the option to fetch all emails from a different service not just as a one-time thing, but ongoing. I'm not sure how that could be set up when running your own email server, but I bet there's a way. Even if there isn't, you can set up automatic forwarding in Gmail.

      There's a chance forwarding is better than fetching. I once had a Gmail account stolen, and account recovery was locked for some reason, but email forwarding had been set up and I was still able to get all emails the address received.

      In case it's relevant, I happen to use Fastmail now and their "mail fetch" feature involves imap.

    • layer8 8 hours ago
      You can have the Gmail emails be forwarded to your own email server, or have your server fetch them from Gmail, and then migrate bit by bit, the most important accounts first.

      Before SPF and the like, it used to be trivial to also send email with a different From address (like your existing Gmail address) from your own server, but that’s not the case anymore.

  • caminanteblanco 9 hours ago
    This was actually way more actionable than I was expecting
  • mobilemidget 11 hours ago
    Creating aliases for the addresses you are actually using, e.g. a netflix@ signup is preferred over a general catch all, .. and all that spam senders can generate approach.
    • ROBLOX_MOMENTS 11 hours ago
      Some services will also ban you for this. Samsung, Amazon, ... so you have to use generic or random words on left side.
      • commandersaki 9 hours ago
        Been using this with Amazon and plenty of other services for decades, not sure where you’re coming from.
        • mobilemidget 3 hours ago
          I encountered the samsung@ issue too, so that turned into sumsang@ which worked. :)
  • Tepix 11 hours ago
    Forwarding mail is problematic. If you forward spam, your spam score can increase and suddenly you're on a blacklist.

    Also when you pick an email provider, pick one with a good privacy policy.

    • jsbisviewtiful 11 hours ago
      Yeah the idea is good but spam scores would definitely crater your deliverability - and quickly. It's hard enough keeping spam scores within a reasonable threshold while sending subscriber approved marketing emails.
  • wtf77 11 hours ago
    That's fine for your own domain, but I usually download my emails via IMAP and don't leave anything on the remote server. Finally, do you really keep your emails? Emails are ephemeral, often just informative, and if there's anything important, I process it and delete the email. I may archive 'sentimental' emails, but I rarely search the archive as I mainly delete emails.
    • jrm4 11 hours ago
      Do you mean "on the server?" I don't -- and just the opposite here; the cost of keeping literally all of them is close enough to zero, I never delete any emails and use "read/unread." I just archive yearly.
    • cosmic_cheese 11 hours ago
      I keep mail because there’s been things that only became important or useful long after the fact. You just never know.

      They can also serve as a sort of snapshot of a certain point in time that’s very effective at jogging your memory. I’ve had occasions where old emails reminded me of things that happened that I’d nearly forgotten or conflated details about.

  • lxgr 11 hours ago
    > With this solution, there's a high chance that if they ban you by mistake (AI bots are to blame), they will not disable the forwarding mechanism.

    Why bet on that instead of doing it the other way around (i.e. making the self-operated mail server the primary that forwards to the service provider inbox), or at least practicing doing so by pointing the MX records accordingly?

    • pseidemann 10 hours ago
      Afaik sending emails is much harder than receiving, because of several layers of anti-spam measurements, which don't apply for receiving (besides local spam filters).
      • lxgr 58 minutes ago
        Yes, but send and receive paths don't have to be symmetric. It's perfectly fine to send via the third-party provider and receive to your own server and forward to the third-party provider.

        The forwarding MX would need to support things like ARC and DKIM, though, or the forwarded emails themselves run a high risk of getting dropped as spam by the third-party provider.

  • cosmin800 4 hours ago
    Some pointed to already, but hosting anything at google is not the way forward.
  • geor9e 7 hours ago
    My gmail backup solution is a Synology NAS, set up to continuously backup GDrive, and then I periodically click export to GDrive at takeout.google.com
  • 8cvor6j844qw_d6 7 hours ago
    I have the opposite thoughts on email domains.

    Personal email domains make you very identifiable just by looking at your domain.

    Using aliasing services (e.g. Mozilla Relay, Addy.io, etc.) with their default address generation ensures your email address itself does not disclose your domains when the eventual data breach occurs.

    Plus catch-all addresses make you an easy target for spam by sending to any email address on that domain vs need to know specific email address on typical email services.

  • gblargg 11 hours ago
    I like email forwarding services like mailgw [1]. If my email provider gives me problems, I can just forward to a different one.

    [1] https://www.mailgw.com

  • binarymax 10 hours ago
    Anyone else have a .io domain and worried about the future?
    • bigstrat2003 10 hours ago
      Yeah kinda. Honestly when I signed up for it I had no idea it was a country TLD, let alone that it might disappear so easily one day. If it does go away I'll live, but it will be quite annoying to have to switch my entire digital life over to a new domain. I've had my domain for 10+ years so lots of stuff is pointed there.
      • zzo38computer 6 hours ago
        Although I had not signed up for .io domain names, I did expect it to be a country TLD when I saw it, because it is two letters, so to me it seems obvious that it is.
        • bigstrat2003 5 hours ago
          I wasn't aware of that convention when I signed up. I just figured it was like any other TLD.
    • cipehr 10 hours ago
      What’s happening with io in the future?
      • bigstrat2003 10 hours ago
        Apparently .io is the TLD for the British Indian Ocean territory, which (as I understand it) is going to go away as the UK is going to release the land. From what I understand the TLD would normally go away when the political entity does, but there has been a lot of concern in the industry because this particular TLD was very popular with outsiders.
  • RachelF 8 hours ago
    The counterpoint for having your own domain is that emails you send have a good chance of being classified as spam.
    • mxuribe 7 hours ago
      Yes, but, there are things one can do to help alleviate or avoid being classified as spammer...such as setting up SPF, DKIM, DMARC, etc. properly. Also, have folks send emails into your new inbox first, then reply, etc...Also, "warm up" the sending outbound by sending into legitimate services little by little, etc. Now, if you were to stand up your own self-hosted mail server, that makes things a little harder, but even then, there are things one can do...so it's not dire.
  • aussieguy1234 9 hours ago
    I guess the real question here is: Who is more likely to ban you, Google and co or your domain registrar?

    For most people, who are not doing anything shady/controversial with their domain and are using a .com or .net domain (which are price regulated by ICANN), are not using a shady registrar and will always have the cash on hand to renew as needed, the answer will be Google and co.

    It's a good idea to set up auto-renew on a credit card, so you can be sure it will go through and you won't forget to renew it.

    • commandersaki 9 hours ago
      I pay for 10 years in advance, which you can do with com/net/org.
      • aussieguy1234 6 hours ago
        Not a bad idea, although I'd worry I'd forget to renew, may not remember something I set up a decade ago at the right time.
    • aussieguy1234 6 hours ago
      I guess another consideration is also, should something happen, what level of support will you get?

      Most domain registrars will at least have some customer support.

      But good luck getting support for a free gmail account.

  • shaicoleman 11 hours ago
    I've self hosted my email forwarding service on my own domain for over a decade, but eventually gave up because of deliverability issues that were out of my control - primarily with Microsoft's email services.

    I've switched 3 years ago to a hosted forwarding service forwardemail.net

    Pros:

    * Allows to switch email providers if needed

    * Allows to forward email to multiple providers

    * Allows to store backups of emails

    * Allows to have emails on multiple domains for different contexts (personal/professional/projects/etc.)

    * Allows to have different email addresses per service. If you get spam on that email address you can just stop forwarding emails for it.

    * Allows to have reliable mail rules based on the email address

    * Allows also to send emails from multiple addresses

    * Most spam is filtered before it reaches the inbox

    * Open source

    * Would be easy to switch to a different email forwarding service if needed (or self host it).

    * Excellent track record over 8+ years

    Cons:

    * They have the potential to snoop on your emails. Any service that's really important would have 2FA enabled, so I accept the risk.

    * They have the potential to send emails on your behalf - again, they've earned my trust, so I accept the risk for that.

    * Adds another possible point of failure. So far I haven't noticed any issues with it.

    * There's greylisting that delays emails for 5 minutes if they are not on the whitelist, which affects some of the less common sending services.

    * In very rare cases, some services ban registering with forwarding email addresses.

    * You need to make sure you don't lose your domain. I renew it 5 years before expiry with a reputable domain registrar (NameCheap).

    Overall, it's been working great for me.

  • dzhiurgis 4 hours ago
    Doing this is worth it for the sole reason that you get to degoogle yourself (you can host email on an iCloud+ plan).

    What I’m slowly doing is staggering my addresses by importance - trying to separate personal from all the spam / registration / etc.

    Saying that it’s probably been years since I used email to actually message someone.

  • fnord77 11 hours ago
    Services should allow secondary email addresses.
    • halfcat 8 hours ago
      Does a secondary/recovery email increase or decrease the chance of the primary email getting compromised?
  • predkambrij 10 hours ago
    Another huge thing is that if you get banned from Google you (might) also lose "Sign in with <bigcorp>" - so you lose access to a lot more things than just your email.
  • bxsioshc 11 hours ago
    I never really understood why "owning" a domain is any more owning than you own your Gmail address: a company is letting you use it and that works until they don't. What am I missing?
    • iamnothere 10 hours ago
      > What am I missing?

      The contractual requirements that ICANN imposes upon registrars. They can’t just take your domain for any old reason. The rules are fairly well defined and registrars can lose their accreditation if they do not follow them.

      https://www.icann.org/en/contracted-parties/accredited-regis...

    • VariousPrograms 10 hours ago
      You probably won't get hacked and have your domain taken down for distributing malware. But you also probably won't be randomly banned by Google/Proton. Neither feels like "full, unbannable control of my email" to me. If anything, I'm more concerned about my little old domain getting hijacked than getting banned from a hosted email account.
    • IlikeKitties 10 hours ago
      You aren't missing much only that domains are a bit more portable between registrars and they've historically been a bit more resistant against random bannings.
  • IlikeKitties 11 hours ago
    TL;DR: Step 1: Get Your Own Domain Step 2: Make Backups

    This is not sufficient. Even your domain can be seized. There is no way for any service dependent on the DNS System to be irrevocably owned.

    • toast0 10 hours ago
      > There is no way for any service dependent on the DNS System to be irrevocably owned.

      All you need to do is get an ISO-3166-1 alpha-2 code issued for you, and then never change your name, and you're golden.

    • iamnothere 11 hours ago
      I don’t think TFA is talking about hosting email for well-known piracy sites or terrorists. My guess is they are more concerned about arbitrary and capricious account bans for supposed TOS violations, which is more relevant to ordinary people. Your domain won’t be seized by someone because Google doesn’t like your YouTube upload or whatever.
    • commandersaki 9 hours ago
      Any stories of domains being seized that weren’t involved in criminal activity?
      • halfcat 8 hours ago
        Definitely due to trademark disputes and political pressure.

        Substitute “criminal activity” with “someone with power that doesn’t like what you’re doing”.

        Consider the eBay stalking scandal [1] and ask if those doing the stalking would be willing to bribe or coerce someone to seize the blogger’s domain.

        [1] https://en.wikipedia.org/wiki/EBay_stalking_scandal

        • commandersaki 7 hours ago
          > Definitely due to trademark disputes and political pressure.

          Trademark makes sense, ICANN has a whole program around that: https://www.icann.org/resources/pages/trademark-infringement...

          As for political pressure, do we have any examples?

          > Consider the eBay stalking scandal [1] and ask if those doing the stalking would be willing to bribe or coerce someone to seize the blogger’s domain.

          Has ICANN (or registry) ever been bribed or coerced? I understand a low quality registrar can, and can possibly take over a domain, but there is recourse (and punishment such as loss of registrar status) around these situations. I would of course avoid these micronation tlds and stick to well established tlds like com/net/org.

          • halfcat 6 hours ago
            > Has ICANN (or registry) ever been bribed or coerced?

            Not that I know of. But it would be quite remarkable for an organization with a global choke point to resist attempts at influence indefinitely.

            The upstream comment correctly mentioned owning a domain name being insufficient to be unbannable. There’s no mechanism with owning a domain, or DNS, that’s able to be defended by an individual (nothing like encryption, for example). It’s just someone with more power that allows it, until they don’t.