by pgt 702 days ago
This is why I have my own domain and control the MX records on the DNS on it, so that I can reroute email to a new email provider, if needed (I pay for Fastmail).

Another nice thing about having a catch-all on own domain is that you can sign up to each service with a unique email address, e.g. <microsoft>@<your-domain.com>, which makes it easy to see if any services ever sold your address.

7 comments

You can even put <hn-2024-07-11>@<some-domain.tld>.

Let’s note however that even "owning a domain" is an illusion of control, as IANA is ultimately a retainer of Uncle Sam. I don’t know if there is any functional distributed alternative that promotes more autonomy to end users that can work out of the box (or even just a few basic install steps away) in most digital terminals out there.

> Let’s note however that even "owning a domain" is an illusion of control

That’s not true. It’s definitely not complete control, but it’s far more “sovereign” and independent than having a user account with some corporation that can change its ToS overnight. To seize a domain, a lengthy legal process is needed. Not to mention, you can choose a domain that doesn’t fall under a specific country’s jurisdiction or choose a registrar company located in another country. For example, you can register a domain like .ch or .no, and a legal US order won’t be effective, especially if you didn’t use a US-based registrar. Furthermore, you can host your own domain name (1). It isn’t entirely safe, but the process and efforts to seize it are far more complicated than a click in an MS dashboard. Unless that person is doing something extremely illegal, no one will bother.

(1) https://blog.technitium.com/2022/06/how-to-self-host-your-ow...

Didn’t the US give up direct control of IANA years ago?
This is technically correct, indeed. Now it’s ICANN, a non-profit organization to which the responsibility was transferred. ICANN is based in California and, if I’m not mistaken, operates under the usual law regime of this state — unlike embassies or consulates for example.

https://www.zdnet.com/home-and-office/networking/icann-still...

IANA/ICANN will not act on customers of other gTLDs, would they?
> you can sign up to each service with a unique email address, e.g. <microsoft>@<your-domain.com>, which makes it easy to see if any services ever sold your address.

Pro tip on this, use gibberish if you want a true canary. I know it's tempting to use microsoft@ or ms@ or msft@ etc, but companies are getting smarter about selling emails and filter those out.

Anecdotally backing this up, I did the less obfuscated address with Tractor Supply and they flagged my account as fraud and nullified a gift card that a company gave me. I tried working with their customer support but they were openly joking with one another on the calls treating me as a scammer.
That’s exactly why I’m doing it. Most people don’t need a canary, they just want to be left the fk alone.
Problem solved!
What if your domain registrar kicks you out because you once logged in from <embargoed country>? You can't win here if corps want to hurt you.
ICANN has rules that limit how much power a registrar has when they choose to stop doing business with someone. As a rule, registrars can't just cancel your domains.
>> Another nice thing about having a catch-all on own domain is that you can sign up to each service with a unique email address

This is true when services support sign-up with a password and you are an advanced user. I'm not sure that this is easy for many vulnerable people that need this. The advice you may need to add is that you should use these unique email addresses to create burner accounts on login providers (Microsoft accounts, Google accounts, etc.) because that's how you have to access some services.

> you can sign up to each service with a unique email address, e.g. <microsoft>@<your-domain.com>, which makes it easy to see if any services ever sold your address

You don't need your own domain for that. Gmail (and probably the other big ones) support it as well, just add a plus sign and whatever after your username: username+microsoft@gmail.com will end up in the inbox of username@gmail.com.

Fastmail handles this "unique email address" scenario really well, even tying into Bitwarden so you can insert a unique address into a web form with just a couple clicks, and then efficiently block/remove the email address later, as desired.
Where can I read more about this "catch-all" domain setup? Interested to implement this solution. Any resources you recommend?
Literally just register a domain, choose a popular mail provider and read their docs on how to use your own domain with them. It’s widely supported.
Thanks! For some reason my brain interpreted that I needed to set up my own mail server but it doesn't seem to be the case.
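
An added example, not written by anyone in the thread: one way to combine the per-service addresses on a catch-all domain with the "use gibberish" tip is to derive each local part from a keyed hash of the service name, then recompute the aliases to see which service a piece of unsolicited mail was addressed to. The domain, key and function names below are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

# Assumptions for this sketch: a catch-all domain you control and a secret
# kept in your password manager. Both values here are placeholders.
DOMAIN = "example.com"
SECRET_KEY = b"replace-with-a-long-random-secret"


def alias_for(service: str, key: bytes = SECRET_KEY, domain: str = DOMAIN) -> str:
    """Derive a gibberish per-service address that never contains the service name."""
    label = service.strip().lower().encode("utf-8")
    digest = hmac.new(key, label, hashlib.sha256).digest()
    # 10 bytes encode to exactly 16 base32 characters, so no '=' padding appears.
    local = base64.b32encode(digest[:10]).decode("ascii").lower()
    return f"{local}@{domain}"


def leaked_by(recipient: str, services: list[str], key: bytes = SECRET_KEY):
    """Return the service whose alias matches the recipient, or None if unknown."""
    target = recipient.strip().lower()  # mail systems often change the case
    for service in services:
        if alias_for(service, key) == target:
            return service
    return None


if __name__ == "__main__":
    # Constructed sample data: services you registered with.
    signed_up = ["microsoft", "tractor supply", "hn-2024-07-11"]
    for name in signed_up:
        print(f"{name:>16} -> {alias_for(name)}")
    # Constructed sample: unsolicited mail arrives at one of the aliases.
    spam_rcpt = alias_for("tractor supply").upper()
    print("leaked by:", leaked_by(spam_rcpt, signed_up))
```

Because the alias is recomputed from the service name and the key, no lookup table of addresses has to be stored; losing the key means losing the mapping.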