by tahdig 2411 days ago
There are too many people here advocating to host your own email in your own domain. Please be warned that it has its own risks:

By hosting your main email on a custom domain (not a provider) you open a new attack vector for identity theft. There was an article on HN just a couple weeks ago about someone getting hacked by exactly this form of attack. IIRC it was GoDaddy having a stupid verification process.

Someone can hijack your GoDaddy/Namecheap/Gandi account and point the MX DNS records of the domain to their own server and receive all your "Forgot your password? here is the link to reset!" emails.

This is very bad advice unless you actually know what the risks are.

Maybe suggesting a paid email provider would be better. Does anyone know of any reliable email providers where you pay for what you are getting and they are not selling your account data or blocking you for some reason?

1 comments
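Added example (not part of the original post or thread): a defender-side check for the MX repointing the post above describes, comparing the answer lines of `dig +noall +answer <domain> MX` and `... NS` against a baseline the domain owner has pinned. The baseline, hostnames and sample answers are constructed for illustration.

```python
"""Flag MX/NS drift from a pinned baseline (all sample data is constructed)."""

def parse_answers(text):
    """Collect MX and NS targets from `dig +noall +answer` style lines."""
    found = {"MX": set(), "NS": set()}
    for line in text.splitlines():
        f = line.split()
        # Layout: name ttl class type rdata...; skip comments and short lines.
        if len(f) < 5 or f[0].startswith(";") or f[2].upper() != "IN":
            continue
        rtype = f[3].upper()
        if rtype == "MX" and len(f) >= 6:      # rdata = preference, exchange
            found["MX"].add(f[5].rstrip(".").lower())
        elif rtype == "NS":                     # rdata = name server
            found["NS"].add(f[4].rstrip(".").lower())
    return found

def drift(baseline, observed):
    """Return human-readable findings; an empty list means no change."""
    findings = []
    for rtype in ("MX", "NS"):
        expected = {h.rstrip(".").lower() for h in baseline.get(rtype, ())}
        seen = observed.get(rtype, set())
        findings += [f"{rtype}: unexpected {h}" for h in sorted(seen - expected)]
        findings += [f"{rtype}: missing {h}" for h in sorted(expected - seen)]
    return findings

# Constructed baseline: what the domain owner configured and wrote down.
BASELINE = {"MX": ["mx1.mailhost.example", "mx2.mailhost.example"],
            "NS": ["ns1.dnshost.example", "ns2.dnshost.example"]}

# Constructed answers: unchanged zone, then MX repointed to another server.
SAMPLE_OK = """\
mydomain.example. 3600 IN MX 10 mx1.mailhost.example.
mydomain.example. 3600 IN MX 20 MX2.mailhost.example.
mydomain.example. 86400 IN NS ns1.dnshost.example.
mydomain.example. 86400 IN NS ns2.dnshost.example.
"""
SAMPLE_CHANGED = """\
mydomain.example. 300 IN MX 5 mail.other-host.example.
mydomain.example. 86400 IN NS ns1.dnshost.example.
mydomain.example. 86400 IN NS ns2.dnshost.example.
"""

if __name__ == "__main__":
    for name, sample in (("ok", SAMPLE_OK), ("changed", SAMPLE_CHANGED)):
        print(name, drift(BASELINE, parse_answers(sample)) or "no drift")
```

Any non-empty result is worth an alert sent to an address that does not depend on the monitored domain; an empty or failed lookup shows up as every baseline record missing.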

Also, you randomly won't be able to send mails, as Google will randomly mark them as spam (for no reason, with no explanation and with no chance to appeal).

So you'll never know if any mail you send to a Gmail user (which is pretty much everybody) will ever actually reach an inbox.

https://www.mail-archive.com/mailop@mailop.org/msg08806.html

https://mailman.nanog.org/pipermail/nanog/2019-October/10381...

This. I recently found that even though several emails from my custom domain accounts had gotten through to Gmail users, some of them did not get to the main box and instead ended up in Promotions, and some of them did not get delivered at all.

These cases were to the same person, from the same computer and account. Some would go through and some would not; some could be found in the spam box, others just vanished.

Then I started calculating the time I spent writing some emails that I never got a reply to, like hours of writing, and I thought I was just ghosted for a competitor. Turns out it's likely they never saw the work I sent.

I have witnessed this with 3 different receivers the past year.

For the last back and forth I just resorted to using my personal Gmail account to communicate with a new business associate, as the receiving was so erratic. At first they wondered why Google was putting stuff in the spam folder that did not belong there, then it just turned to non-stop frustration and delayed thumbs up on work orders.

The algo should know if you sent one email and they opened and read and replied, and you sent another. It should not matter if you put in the second email, "your desire to do Z with your web site is understood, and can be done, but you may run into a bad SEO issue that could affect where your site displays in search results, so instead we recommend not doing X and instead doing Y.."

Something like that. So many times it seems that the anti-spam, SEO-hating Google teams trump and destroy all the things, regardless of false positives, and with no transparency, which hurts people but saves the secret sauce of the anti-spam team, I guess.

This is a tough place to be in when so many use Gmail.