this post was submitted on 16 Jul 2024

50 points (96.3% liked)

DeGoogle Yourself

8753 readers

3 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

Be respectful even in disagreement
No advertising unless it is very relevent and justified. Do not do this excessively.
No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago

MODERATORS

CrypticCoffee@lemm.ee

CrypticCoffee@lemmy.ml

Byereddithellolemmy@lemmy.world

chevy9294@monero.town

Using your own domain for email? (sopuli.xyz)

submitted 3 months ago* (last edited 3 months ago) by Blu@sopuli.xyz to c/degoogle@lemmy.ml

25 comments fedilink hide all child comments

I'm pretty far into the degoogling process, and I'm thinking about purchasing a domain and using it for email. I realized I don't want to be stuck with any one email service, so this is pretty much a necessity for me.

I wouldn't self host though, because I understand that's very hard to do.

For people who have already done this: are there any pitfalls or things I should take into consideration before I purchase a domain?

Also, does the tld matter? Are my emails more likely to be sent to spam with a custom domain vs an email provider's?

all 27 comments

sorted by: hot top controversial new old

[–] jet@hackertalks.com 23 points 3 months ago (2 children)

Use a stable domain provider that has good security, like cloudflare, buy the domain for 10 years, and then every year have auto-renew setup; that gives you 9 years to fix any billing issues that pop up. Ensure you use domain privacy, so your information doesn't get released to the public whois database. Setup 2factor with the domain registrar, this is your online identity now, lock it down.

https://www.privacyguides.org/en/email/

Decide how you want to use email, fast mail is good if you don't care about encryption, tuta is good if you want all data to be encrypted at rest, and i hear good things about proton except they don't encrypt metadata at rest (but they do have bridges so you can use standard imap email clients)

You might want to setup some subdomains so you can categorize your email even more, setup catch-all addresses for each domain

[–] j4k3@lemmy.world 3 points 3 months ago (1 children)

Is there an easy foundational setup that is also quite reasonable for someone on a friends and family charity budget and an old Raspberry π 3? I am slow, a methodical intuitive learner type, with no mentor figure or mobility. I've been overwhelmed every time I've tried to read into self hosting, usually because I have a purpose I want to fill and not a dedicated interest in the subject directly. I don't need the pay to play-ignorantly setup; I need the easiest grass roots path to email, next cloud, proxy, (other), - setup. The setup that experience teaches as the obvious easiest and cheapest way to get started with, or use sustainably and build upon over time.

[–] MajorHavoc@programming.dev 3 points 3 months ago (2 children)

You can run a mail server on Raspberry Pi, but you'll also likely need a Dynamic DNS solution, a paid DNS provider (costs about $15 per year), and to learn a lot a out DKIM, DMARC and SPF, which there are lots of good free guides for.

I ran my own Dynamic DNS to my home for years even without the "dynamic" bit. I just updated it manually once every 18 months when my home IP actually changed. Your mileage may vary, but there's tons of free and cheap solutions that are plenty good enough.

[–] Flax_vert@feddit.uk 2 points 3 months ago (1 children)

A dynamic dns isn't needed if you have a domain. There are automatic scripts that work with the Cloudflare API to update your domain's IP address

[–] MajorHavoc@programming.dev 2 points 3 months ago* (last edited 3 months ago)

Those scripts are generally also just called "Dynamic DNS".

To clarify for others reading along - web services will try to sell you "Dynamic DNS", which is something you can also automate for yourself, for free, via many cloud APIs.

Edit: I also see Dynic DNS (as a cloud service that still typically requires running a local script) provided as a free add-on to other services pretty frequently.

[–] ____@infosec.pub 3 points 3 months ago (1 children)

I'm not sure I fully agree with your suggestion of CloudFlare, though your point is well-taken - ten year renewals with nine to fix billing issues is a best practice. Last thing I want is to lose my primary email because I missed a billing email after replacing a card six months ago.

Catch-alls are definitely a win, especially for people who sometimes forget to write down every single ephermeral email address they've ever used to sign up for anything with... I like subdomains for email, but only when planned/executed in an intentional way. Has the potential to get out of hand quickly.

I've elsewhere mentioned my preferred provider, but it seems to be fairly common that most email providers also offer DNS as part of the package, which makes the whole process much simpler.

[–] jet@hackertalks.com 3 points 3 months ago (1 children)

One bonus to using subdomains for different email categorization, is it makes alerting much easier.

Important.domain.com, could always make a audio alarm, or get flagged in your inbox. And that could be for domain renewals, insurance, that sort of stuff

Fluff.domain.com could be used for things that don't really matter just nice to have, Netflix, GeForce now etc

[–] ____@infosec.pub 3 points 3 months ago

I like that a great deal, and now I wish I had set things up that way from the start - anything to 'family.domain.com' should always audio alert, 100% of the time, regardless of hour of day or silent mode.

The idea of going back and updating 20+ years of accounts and communications and other folks' address books feels insurmountable, but that's neither here nor there. No real reason I couldn't start fresh with a nice, short, simple domain and subdomains for the purpose.

[–] shortwavesurfer@monero.town 12 points 3 months ago (2 children)

I do this and I use Proton as my email provider. I think as long as you set the email security standards, which Proton, for example, teaches you how to do, you should be fine.

[–] MajorHavoc@programming.dev 5 points 3 months ago* (last edited 3 months ago)

I had a good experience with Proton, as well. At the time I was an absolute DNS newbie. But Proton's guide was very good.

[–] scrubbles@poptalk.scrubbles.tech 3 points 3 months ago (1 children)

+1 for proton and your own domain name. At first I balked at the priced and went somewhere cheaper - and then they had a breach. Proton takes security seriously and I'll be with them as long as they hold to that. Added bonus is that since I'm paying for it I'm the customer and not the product.

Then if they get all terrible and shady I can just pack up my domain and go somewhere else.

[–] cygnus@lemmy.ca 3 points 3 months ago (1 children)

Then if they get all terrible and shady I can just pack up my domain and go somewhere else.

FWIW Proton is a nonprofit now, so there isn't much incentive for them to get shady.

[–] scrubbles@poptalk.scrubbles.tech 1 points 3 months ago (1 children)

I didn't know that! Very neat!

[–] cygnus@lemmy.ca 3 points 3 months ago

Very recent development - a month ago today, in fact! https://proton.me/blog/proton-non-profit-foundation

[–] MajorHavoc@programming.dev 11 points 3 months ago* (last edited 3 months ago) (1 children)

pitfalls or things I should take into consideration before I purchase a domain?

Make sure your chosen email provider supports DMARC. Since I'm sure someone is wondering, yes, Proton mail does.

Are my emails more likely to be sent to spam with a custom domain vs an email provider's?

Absolutely, but only if you choose not to setup DMARC and DKIM

Every mail provider, that I have encountered, that supports custom domain names, provides a detailed step by step guide for which DNS records to add. Follow the guide, don't skip any steps, and make sure to finish.

[–] Blu@sopuli.xyz 5 points 3 months ago (2 children)

I see some providers support DANE. Is that different than either DMARC or DKIM? I looked it up, but the description was very technical and didn't clear up the differences for me.

[–] MajorHavoc@programming.dev 5 points 3 months ago

DANE helps protect the contents of an email.

DMARC and DKIM help prevent domain origin spoofing (which is what spammers love to do).

So no, DANE does not, to my knowledge, provide any protection against being treated like a spam domain.

[–] ikidd@lemmy.world 9 points 3 months ago

Register a domain with one provider, like Namecheap or Porkbun, set the nameservers to Custom and use another provider like Cloudflare to manage the DNS. That way if the registrar goes belly up, you don't lose DNS and can move registrars (nameservers should stay authoritative and cached for long enough to move providers). DNS control is usually enough to convince a new registrar that you control the domain.

If the DNS provider goes belly up, you can change the DNS provider at the registrar. If you keep DNS with your registrar, you risk not being able to do anything if they go down or out of business.

[–] themachine@lemmy.world 7 points 3 months ago (1 children)

The domain doesnt really matter. The mail servers reputation is what really matters. If you aren't going to run your own mail server then you have nothing to be concerned about.

[–] umami_wasbi@lemmy.ml 9 points 3 months ago

No. Domain does matter. Free TLDs are the worst. Some paid one like .xyz aren't great either.

Disclaimer: I'm a owner of a xyz domain and Google constantly place my mail under spam folder without I ever know it.

[–] mub@lemmy.ml 6 points 3 months ago

I did this years ago. I had read a bunch of scare stories about Google cutting people off from their Gmail accounts and having no path to appeal.

I setup a domain name that is just my full name .com and used a mail service like proton or titan mail. I setup a few accounts (shopping@, work@, games@, myname@, me@) and gave them aliases, for example Shopping has paypal@ and Amazon@.

It is extremely unlikely anyone will want my domain name, so if my mail provider closes down or kicks me out I can just find another and repoint my DNS records to the new one.

I recently had issues with my DNS registrar primary servers going down, and titan mail was costing more than I liked when the renewal came up, so I've now moved to porkbun and mxroute and I'm very happy.

[–] DarkSirrush@lemmy.ca 4 points 3 months ago

I have started using PurelyMail, and own my domain through cloudflare. If I ever have problems with PurelyMail I would just need to adjust some settings in cloudflare to move to a different provider.

[–] Empathy@beehaw.org 2 points 3 months ago

I've been using Zoho mail with a namecheap domain and had no significant issues, besides being marked as spam maybe once or twice?

[–] ____@infosec.pub 2 points 3 months ago

Migadu is relatively private, dirt cheap, and dead easy to set up. Supports both web and desktop email clients of choice.

IMHO, TLD matters and always will - the problem is that it matters to varying degrees depending on the destination host, the remainder of your setup, etc. If you're fastidious about configuring all of the requisite DNS records, etc., it will be less of a problem.

I mostly avoid the newer non-CC TLDs for that reason, and general personal preference. Deliverability is enough of a challenge without adding more work to it, which is why 'actually' hosting one's own email is mostly a toy project, and not something generally done as a serious endeavor. Useful for learning and understanding, of course, but not particularly practical to literally host one's own email server for ongoing usage in any critical use case.

You'll find certain providers easier to get your emails through to than others - Hotmail and variants are notoriously difficult, and tend to drop inbound mail at the gate without sending a bounce message, as if the inbound mail just disappeared.