I’m pretty far into the degoogling process, and I’m thinking about purchasing a domain and using it for email. I realized I don’t want to be stuck with any one email service, so this is pretty much a necessity for me.
I wouldn’t self host though, because I understand that’s very hard to do.
For people who have already done this: are there any pitfalls or things I should take into consideration before I purchase a domain?
Also, does the tld matter? Are my emails more likely to be sent to spam with a custom domain vs an email provider’s?
pitfalls or things I should take into consideration before I purchase a domain?
Make sure your chosen email provider supports DMARC. Since I’m sure someone is wondering, yes, Proton mail does.
Are my emails more likely to be sent to spam with a custom domain vs an email provider’s?
Absolutely, but only if you choose not to setup DMARC and DKIM
Every mail provider, that I have encountered, that supports custom domain names, provides a detailed step by step guide for which DNS records to add. Follow the guide, don’t skip any steps, and make sure to finish.
I see some providers support DANE. Is that different than either DMARC or DKIM? I looked it up, but the description was very technical and didn’t clear up the differences for me.
DANE helps protect the contents of an email.
DMARC and DKIM help prevent domain origin spoofing (which is what spammers love to do).
So no, DANE does not, to my knowledge, provide any protection against being treated like a spam domain.
Register a domain with one provider, like Namecheap or Porkbun, set the nameservers to Custom and use another provider like Cloudflare to manage the DNS. That way if the registrar goes belly up, you don’t lose DNS and can move registrars (nameservers should stay authoritative and cached for long enough to move providers). DNS control is usually enough to convince a new registrar that you control the domain.
If the DNS provider goes belly up, you can change the DNS provider at the registrar. If you keep DNS with your registrar, you risk not being able to do anything if they go down or out of business.
I do this and I use Proton as my email provider. I think as long as you set the email security standards, which Proton, for example, teaches you how to do, you should be fine.
+1 for proton and your own domain name. At first I balked at the priced and went somewhere cheaper - and then they had a breach. Proton takes security seriously and I’ll be with them as long as they hold to that. Added bonus is that since I’m paying for it I’m the customer and not the product.
Then if they get all terrible and shady I can just pack up my domain and go somewhere else.
Then if they get all terrible and shady I can just pack up my domain and go somewhere else.
FWIW Proton is a nonprofit now, so there isn’t much incentive for them to get shady.
I didn’t know that! Very neat!
Very recent development - a month ago today, in fact! https://proton.me/blog/proton-non-profit-foundation
I had a good experience with Proton, as well. At the time I was an absolute DNS newbie. But Proton’s guide was very good.
Use a stable domain provider that has good security, like cloudflare, buy the domain for 10 years, and then every year have auto-renew setup; that gives you 9 years to fix any billing issues that pop up. Ensure you use domain privacy, so your information doesn’t get released to the public whois database. Setup 2factor with the domain registrar, this is your online identity now, lock it down.
https://www.privacyguides.org/en/email/
Decide how you want to use email, fast mail is good if you don’t care about encryption, tuta is good if you want all data to be encrypted at rest, and i hear good things about proton except they don’t encrypt metadata at rest (but they do have bridges so you can use standard imap email clients)
You might want to setup some subdomains so you can categorize your email even more, setup catch-all addresses for each domain
I’m not sure I fully agree with your suggestion of CloudFlare, though your point is well-taken - ten year renewals with nine to fix billing issues is a best practice. Last thing I want is to lose my primary email because I missed a billing email after replacing a card six months ago.
Catch-alls are definitely a win, especially for people who sometimes forget to write down every single ephermeral email address they’ve ever used to sign up for anything with… I like subdomains for email, but only when planned/executed in an intentional way. Has the potential to get out of hand quickly.
I’ve elsewhere mentioned my preferred provider, but it seems to be fairly common that most email providers also offer DNS as part of the package, which makes the whole process much simpler.
One bonus to using subdomains for different email categorization, is it makes alerting much easier.
Important.domain.com, could always make a audio alarm, or get flagged in your inbox. And that could be for domain renewals, insurance, that sort of stuff
Fluff.domain.com could be used for things that don’t really matter just nice to have, Netflix, GeForce now etc
I like that a great deal, and now I wish I had set things up that way from the start - anything to ‘family.domain.com’ should always audio alert, 100% of the time, regardless of hour of day or silent mode.
The idea of going back and updating 20+ years of accounts and communications and other folks’ address books feels insurmountable, but that’s neither here nor there. No real reason I couldn’t start fresh with a nice, short, simple domain and subdomains for the purpose.
The domain doesnt really matter. The mail servers reputation is what really matters. If you aren’t going to run your own mail server then you have nothing to be concerned about.
No. Domain does matter. Free TLDs are the worst. Some paid one like .xyz aren’t great either.
Disclaimer: I’m a owner of a xyz domain and Google constantly place my mail under spam folder without I ever know it.