I’m pretty far into the degoogling process, and I’m thinking about purchasing a domain and using it for email. I realized I don’t want to be stuck with any one email service, so this is pretty much a necessity for me.

I wouldn’t self host though, because I understand that’s very hard to do.

For people who have already done this: are there any pitfalls or things I should take into consideration before I purchase a domain?

Also, does the tld matter? Are my emails more likely to be sent to spam with a custom domain vs an email provider’s?

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    4 months ago

    Use a stable domain provider that has good security, like cloudflare, buy the domain for 10 years, and then every year have auto-renew setup; that gives you 9 years to fix any billing issues that pop up. Ensure you use domain privacy, so your information doesn’t get released to the public whois database. Setup 2factor with the domain registrar, this is your online identity now, lock it down.

    https://www.privacyguides.org/en/email/

    Decide how you want to use email, fast mail is good if you don’t care about encryption, tuta is good if you want all data to be encrypted at rest, and i hear good things about proton except they don’t encrypt metadata at rest (but they do have bridges so you can use standard imap email clients)

    You might want to setup some subdomains so you can categorize your email even more, setup catch-all addresses for each domain

    • j4k3@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      Is there an easy foundational setup that is also quite reasonable for someone on a friends and family charity budget and an old Raspberry π 3? I am slow, a methodical intuitive learner type, with no mentor figure or mobility. I’ve been overwhelmed every time I’ve tried to read into self hosting, usually because I have a purpose I want to fill and not a dedicated interest in the subject directly. I don’t need the pay to play-ignorantly setup; I need the easiest grass roots path to email, next cloud, proxy, (other), - setup. The setup that experience teaches as the obvious easiest and cheapest way to get started with, or use sustainably and build upon over time.

      • MajorHavoc@programming.dev
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        4 months ago

        You can run a mail server on Raspberry Pi, but you’ll also likely need a Dynamic DNS solution, a paid DNS provider (costs about $15 per year), and to learn a lot a out DKIM, DMARC and SPF, which there are lots of good free guides for.

        I ran my own Dynamic DNS to my home for years even without the “dynamic” bit. I just updated it manually once every 18 months when my home IP actually changed. Your mileage may vary, but there’s tons of free and cheap solutions that are plenty good enough.

        • Flax@feddit.uk
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          A dynamic dns isn’t needed if you have a domain. There are automatic scripts that work with the Cloudflare API to update your domain’s IP address

          • MajorHavoc@programming.dev
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            4 months ago

            Those scripts are generally also just called “Dynamic DNS”.

            To clarify for others reading along - web services will try to sell you “Dynamic DNS”, which is something you can also automate for yourself, for free, via many cloud APIs.

            Edit: I also see Dynic DNS (as a cloud service that still typically requires running a local script) provided as a free add-on to other services pretty frequently.

    • ____@infosec.pub
      link
      fedilink
      arrow-up
      3
      ·
      3 months ago

      I’m not sure I fully agree with your suggestion of CloudFlare, though your point is well-taken - ten year renewals with nine to fix billing issues is a best practice. Last thing I want is to lose my primary email because I missed a billing email after replacing a card six months ago.

      Catch-alls are definitely a win, especially for people who sometimes forget to write down every single ephermeral email address they’ve ever used to sign up for anything with… I like subdomains for email, but only when planned/executed in an intentional way. Has the potential to get out of hand quickly.

      I’ve elsewhere mentioned my preferred provider, but it seems to be fairly common that most email providers also offer DNS as part of the package, which makes the whole process much simpler.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 months ago

        One bonus to using subdomains for different email categorization, is it makes alerting much easier.

        Important.domain.com, could always make a audio alarm, or get flagged in your inbox. And that could be for domain renewals, insurance, that sort of stuff

        Fluff.domain.com could be used for things that don’t really matter just nice to have, Netflix, GeForce now etc

        • ____@infosec.pub
          link
          fedilink
          arrow-up
          3
          ·
          3 months ago

          I like that a great deal, and now I wish I had set things up that way from the start - anything to ‘family.domain.com’ should always audio alert, 100% of the time, regardless of hour of day or silent mode.

          The idea of going back and updating 20+ years of accounts and communications and other folks’ address books feels insurmountable, but that’s neither here nor there. No real reason I couldn’t start fresh with a nice, short, simple domain and subdomains for the purpose.

  • shortwavesurfer@monero.town
    link
    fedilink
    English
    arrow-up
    12
    ·
    4 months ago

    I do this and I use Proton as my email provider. I think as long as you set the email security standards, which Proton, for example, teaches you how to do, you should be fine.

    • MajorHavoc@programming.dev
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      4 months ago

      I had a good experience with Proton, as well. At the time I was an absolute DNS newbie. But Proton’s guide was very good.

    • Scrubbles@poptalk.scrubbles.tech
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      +1 for proton and your own domain name. At first I balked at the priced and went somewhere cheaper - and then they had a breach. Proton takes security seriously and I’ll be with them as long as they hold to that. Added bonus is that since I’m paying for it I’m the customer and not the product.

      Then if they get all terrible and shady I can just pack up my domain and go somewhere else.

  • MajorHavoc@programming.dev
    link
    fedilink
    arrow-up
    11
    ·
    edit-2
    4 months ago

    pitfalls or things I should take into consideration before I purchase a domain?

    Make sure your chosen email provider supports DMARC. Since I’m sure someone is wondering, yes, Proton mail does.

    Are my emails more likely to be sent to spam with a custom domain vs an email provider’s?

    Absolutely, but only if you choose not to setup DMARC and DKIM

    Every mail provider, that I have encountered, that supports custom domain names, provides a detailed step by step guide for which DNS records to add. Follow the guide, don’t skip any steps, and make sure to finish.

    • Blu@sopuli.xyzOP
      link
      fedilink
      arrow-up
      5
      ·
      4 months ago

      I see some providers support DANE. Is that different than either DMARC or DKIM? I looked it up, but the description was very technical and didn’t clear up the differences for me.

      • MajorHavoc@programming.dev
        link
        fedilink
        arrow-up
        5
        ·
        4 months ago

        DANE helps protect the contents of an email.

        DMARC and DKIM help prevent domain origin spoofing (which is what spammers love to do).

        So no, DANE does not, to my knowledge, provide any protection against being treated like a spam domain.

  • ikidd@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    1
    ·
    4 months ago

    Register a domain with one provider, like Namecheap or Porkbun, set the nameservers to Custom and use another provider like Cloudflare to manage the DNS. That way if the registrar goes belly up, you don’t lose DNS and can move registrars (nameservers should stay authoritative and cached for long enough to move providers). DNS control is usually enough to convince a new registrar that you control the domain.

    If the DNS provider goes belly up, you can change the DNS provider at the registrar. If you keep DNS with your registrar, you risk not being able to do anything if they go down or out of business.

  • themachine@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    4 months ago

    The domain doesnt really matter. The mail servers reputation is what really matters. If you aren’t going to run your own mail server then you have nothing to be concerned about.

    • umami_wasabi@lemmy.ml
      link
      fedilink
      arrow-up
      9
      ·
      4 months ago

      No. Domain does matter. Free TLDs are the worst. Some paid one like .xyz aren’t great either.

      Disclaimer: I’m a owner of a xyz domain and Google constantly place my mail under spam folder without I ever know it.

  • mub@lemmy.ml
    link
    fedilink
    arrow-up
    6
    ·
    4 months ago

    I did this years ago. I had read a bunch of scare stories about Google cutting people off from their Gmail accounts and having no path to appeal.

    I setup a domain name that is just my full name .com and used a mail service like proton or titan mail. I setup a few accounts (shopping@, work@, games@, myname@, me@) and gave them aliases, for example Shopping has paypal@ and Amazon@.

    It is extremely unlikely anyone will want my domain name, so if my mail provider closes down or kicks me out I can just find another and repoint my DNS records to the new one.

    I recently had issues with my DNS registrar primary servers going down, and titan mail was costing more than I liked when the renewal came up, so I’ve now moved to porkbun and mxroute and I’m very happy.

  • DarkSirrush@lemmy.ca
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    I have started using PurelyMail, and own my domain through cloudflare. If I ever have problems with PurelyMail I would just need to adjust some settings in cloudflare to move to a different provider.

  • ____@infosec.pub
    link
    fedilink
    arrow-up
    2
    ·
    3 months ago

    Migadu is relatively private, dirt cheap, and dead easy to set up. Supports both web and desktop email clients of choice.

    IMHO, TLD matters and always will - the problem is that it matters to varying degrees depending on the destination host, the remainder of your setup, etc. If you’re fastidious about configuring all of the requisite DNS records, etc., it will be less of a problem.

    I mostly avoid the newer non-CC TLDs for that reason, and general personal preference. Deliverability is enough of a challenge without adding more work to it, which is why ‘actually’ hosting one’s own email is mostly a toy project, and not something generally done as a serious endeavor. Useful for learning and understanding, of course, but not particularly practical to literally host one’s own email server for ongoing usage in any critical use case.

    You’ll find certain providers easier to get your emails through to than others - Hotmail and variants are notoriously difficult, and tend to drop inbound mail at the gate without sending a bounce message, as if the inbound mail just disappeared.

  • Empathy [he/him]@beehaw.org
    link
    fedilink
    arrow-up
    2
    ·
    4 months ago

    I’ve been using Zoho mail with a namecheap domain and had no significant issues, besides being marked as spam maybe once or twice?