Hi there!
Context: After the recent debacle with Proton I was finally pushed to look for other alternatives. I had already wanted to change services for a while so it was nice to get the final push. It’s still a good service, open-source and all. I personally just wanted to look for something else. However, I had not realised how deeply I was integrated into the email+alias feature they had, and how much work it is to change out of this, I have a fair amount of accounts.
I have now found a new email provider and bought a new domain. However I’ve got a few questions for those to who rock custom domains:
- Do you use random strings before the @ sign? Or do you use it like lemmy@example.com?
- Because I’m considering using this as a catch-all address, doesn’t this mean that anyone who wants (and knows the domain) and send spam on any random string before the @? Are you worried about this, and are there any counters to this?
- As far as I’ve understood the main benefit of using my own domain for email, is that it will make it a lot easier to change providers in the future, as I can just change the nameservers so traffic is directed elsewhere - correct?
Thanks for any input, experiences or thoughts about this.
Ps. My threatmodel isn’t that complex, I mainly want to stop spam from any potential services selling my email.
I often use “[name-of-service]@mydomain.com”. When I start getting spam to one of those addresses, it’s immediately obvious who is selling email addresses.
That was one of my concerns, but I haven’t really seen it happen. I rarely get mail to random addresses I’ve never used.
You will get spam for every address you widely publish, though, which can mean you get multiple copies of the same spam.
Ditto that, with the exception that I’ve had two addresses leaked from Scentbird of all places.
I guess their backend/database security is just trashed because they’ve shown up multiple times on haveibeenp3wned.