[user234683]

What is the best approach to dealing with this problem as an individual?

Gmail? You might randomly get locked by some AI algorithm (or you might get banned!), or something else goes wrong, and there's no recourse.

Yahoo? I recently lost access to mine because they decided to start demanding verification with a deactivated email I haven't had access to for 15 years in order to login. Luckily, I had access in an email client, so I was able to migrate all the important accounts off of it.

Yahoo/AOL/Tutanota/Protonmail/Many others? These ones will auto-delete your account if you don't login frequently enough (not protonmail yet, but they allow it in their TOS)

Self-host? All self-hosting infrastructure requires an email in the first place. Lose access to that email, lose access to payment reminders, potentially your hosting account. I nearly lost my domain since the payment reminders went to an email that I rarely check because it doesn't support IMAP. And there is a greater increase of hacking unless you're a professional sysadmin and have plenty of time for maintenance.

Duo push? Your phone breaks.

SMS verification? Phone breaks, lose access to your plan, compromised employee gives your codes away, etc.

I've settled on using my university gmail address since (1) they promise alumni can keep it and (2) if something goes wrong with it (likely losing 2-factor by losing my phone), there is a good alumni support center. There really needs to be a human I can talk to somewhere. Still not sure if this is the best approach; am I still at risk from Google here?

[Horffupolde]

You are missing the best solution which is your own domain and hosted email like Gmail. If you get locked out like you said, “just” change providers and you lose at most a couple of hours of emails.

[arp242]

You can lose a domain though, so that's not perfect or guaranteed either. That said, it probably is the best option right now.

[layer8]

With domains on auto-renewal, unless you are with an incompetent registrar or there is some legal issue, you won’t lose your domain.

I agree that there should be some non-forfeitable right to a permanent personal domain though.

[arp242]

Credit cards expire so manual action will be needed at some point, contact details change, people can be in financial troubles and even the ~€10 can be a lot, people can be temporarily indisposed due to illness (ranging from cancer to serious accidents to mental illness), etc. etc.

There's tons of exceptional circumstances where people can lose access to their domain. Some TLDs have no grace period at all and it can be fairly easy to lose access. For others it's larger, but even there, it's not that hard to see how people can lose access for one reason or the other.

[layer8]

There are registrars that let you pay ten years in advance. And of course, you should choose a reputable TLD. Seriously, this is not a problem in practice if you apply a minimum of diligence.

[arp242]

Some reputable ccTLDs don't have grace periods, and there may be good reasons for choosing such a TLD. Ten years is not the rest of your life (I hope, anyway) and you certainly won't be able to use the auto-renewal from your previous comment after 10 years. Sucks to be you if you happen to be in a hospital at that time I guess.

Are the chances small? Sure. But some are also outside your control and apply "small chance of [..]" to a large enough population and before you know it you're excluding millions of people.

[Horffupolde]

You can open a trust to manage your domain and email service in perpetuity.

[bgro]

No developer working on account authentication for sites has ever used the correct regex to parse and validate a legitimate email. I wouldn’t be surprised to see things like if you’re at anything other than @Gmail.com the email gets flagged as invalid. Maybe there’s a manual approval step here but better just flag your session as suspicious activity or failed bot check for the time being.

Or in the spaghetti parsing, obviously nobody is going to have swear words in their email. Go ahead and blanket ban all of that. And then @JohnsonAssociates.com gets banned.

I’ve also seen email parsing rules get applied to login screens too. So the valid email rules get updated and suddenly you fail validation trying to log into your already existing account. Ran into this today actually.

So having your own domain might solve some problems but you may still end up needing multiple accounts with devs refusing to use correct parsing rules.

[direwolf20]

You are underestimating the potential for legal issues.

[layer8]

I don’t think I am. The statistical probability is very low.

[diggan]

Unless you're actively committing something that can be considered a crime in the jurisdiction of your registrar, you're unlikely to just loose it though. Unless you're hosting stuff at CloudFlare and they decide you're a "bad person", then anything goes.

[layer8]

This is the simple and best solution. As a side benefit, you can use an unlimited number of email addresses.

[user234683]

Here's an additional problem with using your own domain: some websites (Discord for example) require you to contact support using the email tied to your account. Many corporate systems will reject emails from "untrusted" domains, so you won't be able to contact them.

[Spivak]

> Many corporate systems will reject emails from "untrusted" domains

And by untrusted you mean everyone's work email that uses a bespoke domain?

[pseudalopex]

Probably they meant everyone not sending through a company too big to ignore. See any discussion of self hosting email.

[phendrenad2]

> Many corporate systems will reject emails from "untrusted" domains

Source? In my experience as long as you follow basic email authentication protocols (DMARC...) you'll get through anything just fine.

[bobbylarrybobby]

What about iCloud? I guess in theory they can ban your account, but at least with apple I feel like you generally have some recourse and can talk to a human.

[layer8]

There are two issues I ran into after setting up iCloud mail for someone else:

1. Apple’s spam filtering can be very proactive, and the only way to (allegedly) influence it is to move false positives back to the inbox. There are no settings to whitelist addresses (having them in Contacts doesn’t work reliably) or to turn off spam filtering altogether. As often with Apple, you have to accept their design choices of how they think stuff should work, and can’t do much about it.

2. If you’re transferring or forwarding emails from another account, Apple has a 20 MB email size limit while it’s 25 MB for GMail, which means there may be emails that can’t be transferred.

In any case, I would recommend having your own domain and choosing email providers that support custom domains. That way, you can switch email providers at will while retaining your existing email address(es).

[Aerbil313]

Afaik iCloud supports adding custom domains for your mail account, and I am currently looking at something called iCloud Mail Rules in the Settings with which you can apparently define custom handling rules for each sender.

[CharlesW]

Yes, this is what I do for precisely that reason.

Apple is a long-time, reliable email provider, and the transition from Google Workspace to iCloud+ custom domains was straightforward with `imapsync`: https://blah.cloud/miscellaneous/migrating-google-workspaces...