from Hacker News

Ask HN: Does any use a separate email just for account registration?

by mangoman on 9/1/22, 4:11 PM with 10 comments

The horror stories about getting kicked off of Google for arbitrary reasons and the kafka-esque process of attempting to get an account reinstated have me thinking about how I'd want to move off of google at some point. However, I'm hesitant about moving to another service, mostly because I generally do find gmail convenient. I like that it auto uploads attachments that are too large to GDrive. I like being able to verify the receiver by the preview of their google profile picture if they're also a gmail user. There's also the question of, if I move all my stuff to another hosted email address, that service getting shut down. And there's plenty of reasons listed on the internet for not hosting your own email server (though it seems like it may not be as bad nowadays with some of the open source projects out there)

So then I had a thought - What if I host my own email server, only for inbound email, and use that for account registration? That way, if I ever do get arbitarily kicked off google, I won't be in _total_ registration hell. I could even generate an email address per service, so that I'll have more traceability for people who sell my email information. And I can keep my gmail for personal use.

Some open questions I have: * Will services that I register for fail to deliver emails to my server somehow? Or do I need to concern myself with IP reputations still? * Do I care about spam? for example, if I know that the email I registered for example.com is hello.example@myemailserver.com and correlate it with the domain it's for, I can basically ignore all emails that don't come from those domains. I don't know enough about email protocols to know what the threat vector here is. * How hackable are email servers? Ideally it would be nice to be able to provision email addresses per server, forward them to a single place, and filter them / categorize them based on how actionable they are. * What are the gotchas for managing your own email server? Inbound deliverability? Up time? spam / bots? updates and monitoring? disk space?

I'm curious if anyone else has thought about this and set it up for themselves, or any other self-hosters that do something interesting with their setup.

by pwg on 9/1/22, 4:35 PM
> Or do I need to concern myself with IP reputations still?
IP reputation relates to the receiver (usually the big web mail providers) deciding an email is spam based on the IP.
For your own receiving of emails, it should make no difference.
> Do I care about spam?
This is not a question we can answer for you.
> How hackable are email servers
A modern Postfix install, provided you don't miss-configure it, is pretty secure overall. The defaults start out on the "secure" side, so you do have to undo the wrong default to have a problem.
> What are the gotchas for managing your own email server? Inbound deliverability? Up time? spam / bots? updates and monitoring? disk space?
For a 'deliver only' server, you should have no issues.
Email is based on a store-and-forward architecture, and was designed to work in the days of UUCP data transfers, so if you are down for a day or two, inbound emails just wait until you are back up and then arrive.
Spammers will spam, it is what they do. Eventually one of the emails you allocate will find its way into a spam list and you'll get some requests for accepting DHL shippments or be asked to help the crown prince transfer $100MM out of country.
Being able to do easy updates makes the eventual management easier.
With 500G disks selling for 25.98 (https://www.newegg.com/seagate-barracuda-st500dm009-500gb/p/...) disk space is not likely to be a big concern unless you plan to receive a lot of giant email attachments.
> I'm curious if anyone else has thought about this and set it up for themselves,
I've self hosted my own email since circa 1998-1999. Doing so is not the "big scary monster" many of the "don't do that" blog posts make it out to be, but then again I've been a Linux user since somewhere circa the 0.99 kernel revision and am a heavy CLI user, so what I consider "relatively trivial" others might consider "impossibly hard".
by prirun on 9/1/22, 6:10 PM
I switched from gmail (15 years) to fastmail, and it was painless. There were maybe 15-20 services I used frequently where I had to change my email address. Then I forwarded my gmail address to 2 fastmail addresses, one personal, one business. I occasionally still get a gmail-forwarded email and deal with it as they occur or delete the message and ignore them.
> What if I host my own email server, only for inbound email, and use that for account registration? That way, if I ever do get arbitarily kicked off google, I won't be in _total_ registration hell. I could even generate an email address per service, so that I'll have more traceability for people who sell my email information. And I can keep my gmail for personal use.
This could all also be done with a cheap Fastmail account. I have run a qmail server for a previous business, and while it's doable and necessary if you need tight integration of email with your web site, ticketing system, etc., it wouldn't be worth it to me vs spending $30/year. JMHO.
by boboralice on 9/2/22, 11:59 AM
I have several different setups. I bought a domain and pointed it to Zoho to have 'easy' email and apps. I also have a fully self-hosted mailinabox setup, and I've done things "by hand" too, just because it's fun.
These days it's hard to mess up even by hand, you'd have to go out of your way to have your server turned into a zombie spam farm or whatever.
The only "problem" I've had recently was buying a server and finding the IP was already spam blacklisted. Getting removed from the blacklist was just a matter of submitting a request on the relevant maintainer's site.
The only major gotcha I had was the time I linked my domain registration account to an email address that was linked to a domain held on that account. I went on holiday and missed the renewal bill, then couldn't log in to pay because email was one of the 2FA steps. I felt like an absolute moron contacting support about that one!
by PaulHoule on 9/1/22, 4:15 PM
I've never had trouble receiving mail at email on my own domain so user registration is not a problem here. (I did work at a place long ago that, in fact, would only let you register if you had an email at an institution we trusted and specifically blocked webmail which was generally perceived as low-status until gmail came along and had invites and time delays early on to increase its status perception.)
If you sent mail from a private domain you will sometimes have deliverability problems for outbound mail. I've never felt it was a big problem for individual mails I send but I've usually used a deliverability service for bulk mail, transactional mails and verification mails I send.
by mtmail on 9/1/22, 4:18 PM
related "Ask HN: Why can't I host my own email?" https://news.ycombinator.com/item?id=31180379
and "Ask HN: The middle ground for email self-hosting?" https://news.ycombinator.com/item?id=31245625
by JohnFen on 9/1/22, 10:32 PM
I avoid registering for any accounts to the greatest extent possible. But when I have to, each account gets its own distinct email address, not used for any other purpose.
I do this by running my own mailserver, but it's also pretty easy to do with most email hosts that I've seen.
by an_aparallel on 9/2/22, 12:28 AM
dont use gmail - fastmail convertee about a year ago.
i create aliases for job applications, sign ups, discount codes, nearly everything. Internet use is almost adversarial at this point. The only things that get my real email are core gov services, insurance, rent and so on. So yes, and often :)