Your email address is too important to leave in the hands of a third-party provider. This isn’t to say that using a third-party provider to run your email is a bad idea. You should own the domain, though.
True, but an added complication is that you have to be really, really careful about your domain. You have to trust your registrar, set up 2FA, and make sure it never expires, etc. So in the end, owning your domain isn't foolproof either, it's also another point of failure (similar to Google deleting your account, although one you may have more control over).
For what it's worth, I use Fastmail + a custom domain and couldn't be happier. But I'd hardly recommend it to everyone for personal email.
For making sure it never expires, I recommend (1) initially buy it for multiple years, (2) every year on your birthday (or on Christmas, or on some other date that is significant to you) add another year, and (3) put a recurring entry on your calendar a week or two after the date from #2 to check to make sure you remembered #2.
I'd recommend for #2 picking a date that you do other annual preventative stuff on, such as changing your smoke detector batteries. That way you build an association in your mind between that other stuff and extending the domain, making it further unlikely that you will forget.
Generally, you can start out with 10 years. Some registrars offer even more, but the underlying registries generally only support 10 years. The registrars that offer more do so by doing 10 years with the underlying registry and then automatically extending that every year transparently to you. If they go out of business more than 10 years before the end of the term they purported to sell you, those remaining years will go poof.
Also have on your calendar reminder for #3 a reminder to check to make sure your contact information still works, particularly email. If you own domain X and use it for email, you probably don't want to use an @X email address as your contact address for the registrar you registered X from. If something goes wrong with your account or domain at the registry and they try to contact you, you don't want their email to you to get eaten by whatever problem they are trying to contact you about.
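The yearly check described in the comment above can be partly automated. The sketch below is an added example, not something posted in the thread: it audits an RDAP-style domain record for a short expiry margin and for contact addresses that live under the domain itself. The record is constructed sample data, and the 365-day margin and the function names are assumptions.

```python
import json
from datetime import datetime

# Constructed RDAP-style domain record (RFC 9083 shape), not a real lookup.
SAMPLE_RDAP = json.loads("""
{
  "ldhName": "example.org",
  "events": [
    {"eventAction": "registration", "eventDate": "2015-03-01T00:00:00Z"},
    {"eventAction": "expiration", "eventDate": "2026-03-01T00:00:00Z"}
  ],
  "entities": [
    {"roles": ["registrant"],
     "vcardArray": ["vcard", [
        ["version", {}, "text", "4.0"],
        ["email", {}, "text", "owner@example.org"]
     ]]}
  ]
}
""")

def expiry(rdap):
    """Return the expiration event as an aware datetime, or None."""
    for ev in rdap.get("events", []):
        if ev.get("eventAction") == "expiration":
            return datetime.fromisoformat(ev["eventDate"].replace("Z", "+00:00"))
    return None

def contact_emails(rdap):
    """Collect every email property from the entities' jCard data."""
    out = []
    for ent in rdap.get("entities", []):
        vcard = ent.get("vcardArray", [None, []])[1]
        out += [prop[3] for prop in vcard if prop[0] == "email"]
    return out

def audit(rdap, now, min_days=365):
    """List problems: short expiry margin, self-dependent contact address."""
    domain = rdap["ldhName"].lower().rstrip(".")
    findings = []
    exp = expiry(rdap)
    if exp is None:
        findings.append("no expiration event published")
    elif (exp - now).days < min_days:
        findings.append(f"expires in {(exp - now).days} days")
    for addr in contact_emails(rdap):
        host = addr.rsplit("@", 1)[-1].lower()
        # A contact under the domain itself stops working when the domain does.
        if host == domain or host.endswith("." + domain):
            findings.append(f"contact {addr} depends on {domain}")
    return findings
```

Registries often redact contact data in public RDAP output, so the contact check is most useful against the address you read off your registrar account page.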
Owning a domain with a registrar like Hover (or if only for email, through your mail provider) is really not that complicated or difficult. You get an email once a year that it will be renewed, they charge your card, and it’s done.
And 2FA? Yeah, if you’re not already doing that for PayPal, Venmo, eBay, and others, you’re not gonna add it for your domain. If you are already doing that, it’s no extra burden.
You have real customer support (a person) who gets back to you in a timely fashion and is always helpful. The Android app and web app are intuitive and easy to use. I switched from Gmail to Fastmail a few years ago and couldn't be happier, and it's cheap.
My stack is:
Custom domain (current registrar: Namecheap)
Fastmail for email, Calendar & Contacts hosting with DAVx5 & Fastmail App on Android
Netlify for DNS & static website hosting
Switched everything over from Dreamhost after 14 years or so in 2020, and the only thing that would make me happier with Fastmail would be for them to have global holiday calendar syncing. (This is the only reason my Fastmail account is linked to a dummy Google account - to sync holidays!)
I get to use email aliases, catchalls and a mail system which can automatically file mails before I have manually written a single rule. Off the top of my head, the aliases, the sensible (vim-like) keyboard shortcuts (g for search folders, j-k for navigation, etc.), built-in caldav and carddav support are the things that make life easy on a day by day basis. Notes are about the only thing I don't use, but my encrypted Joplin notes are actually synced to the Files section on Fastmail via WebDAV since Fastmail also offers you decent (At least 10GB if you have a standard plan, which you need for a custom domain) of WebDAV accessible storage along with email...
15 year Fastmail user here. Fastmail has been great, no downtime, and I don't really think about it at all. Good web client and you can do filtering if you need to.
They've just been super reliable and mature for me. No huge updates that force me to adjust. Interface is nice and clean, uptime and service super reliable. Everything just seems to work for me (aliases, forwarding, filters, good Android app), and the pricing is within reason.
I actually use their web interface and official Android app. I'm surely no power user, but have used various providers over the years until I settled with Fastmail (seemingly for good). It's difficult to decide whom to trust with e-mail but to me they seem trustworthy. I still like to have my own domain, so I could in theory take it with me, if I ever started being displeased.
In general: Paying for a service (especially e-mail) is invaluable (my data not being mined), also for potential account recovery (didn't use their customer service often, but when it happened, it was decent).
I can't comment on ProtonMail but especially with e-mail, a proven (long term) track record is gold, and Fastmail has it.
addendum: upon rereading it almost sounds like a Fastmail commercial. I'm only a satisfied user without any further connection towards the company.
I'm not sure if email can ever be secure, or put better if I could ever set it up and keep it secure. So the jurisdiction issue wasn't a big factor for me (although I'd prefer Switzerland over Oz's warrants with gag orders).
At the time when I evaluated, FastMail just worked, and their standard support remains excellent. IMAP works great. The ProtonMail bridge thing put me off to be honest. There's not too much else to it.
Either way though, both were preferable to Gmail, which I wanted to drop along with all Google stuff if I could. And being lazy/just wanting it to work, I chose Fastmail.
I think I’m trying to decide on the tradeoff between ProtonMail for privacy reasons and FastMail for good support. It’s not clear to me what implications there are for the bridge thing or their location.
The privacy stuff has been discussed to death elsewhere. All I can say is compare the setup instructions for either service on desktop and mobile (especially if you're on iOS). Maybe calendar and contacts sync too, if you care about that. If you can live with the ProtonMail way of doing things, go with them, else FastMail.
I switched to Fastmail from Migadu last year. My killer feature is being able to use a custom email address per company without having to provision one (i.e., a catch-all that you can do send as x from).
I left Migadu because they repeatedly demonstrated they were neither professional nor reliable enough to host my email (that is bargain basement pricing for you). I looked around and trialled several services on my other domains; I settled on Fastmail as they had a proven track record with recommendations from people I trust who know email, every feature I wanted, and decent pricing.
I recently did a big survey of the mail hosting market. I settled on Migadu. Have used them for two months now and am very happy with them. Consider checking them out.
Between those two, proper IMAP support (including IMAP push) is the big thing. Webmail generally drives me nuts for anything beyond stopgap usage, and while ProtonMail has a local IMAP adapter thing it’s a step too involved for me.
IMAP support is incidentally also why I don’t use Gmail. Their IMAP implementation is spotty and notoriously bad with Apple Mail, whereas the experience with FastMail is flawless.
Perhaps it’s time for the development of a standard where your email address isn’t tied to a domain; instead, email is addressed to an identity and the underlying plumbing automatically handles routing and delivery. Very similar to how your mobile phone number is portable between providers.
We can’t expect everyone to own a domain to control their messaging sovereignty.
DNS is for service discovery, not identity discovery and routing. I leave the rest of your questions for the standard to be developed. I don’t have all the answers, but am willing to pay people smarter than me to figure it out. Accept this sub thread as the official Request For Comments :)
You own a private key. The public key is your identity. The public key could be linked to Facebook, Twitter, GitHub accounts, etc., so you can easily discover or verify people.
Yes. I also made the choice to pay for my email hosting from a reliable provider. It's cheap ($1.5 a month), I'm treated as a customer, and I can get support from real humans.
Yes, but if one goes out of business you can buy your domain from someone else! Or even transfer it, if you are warned a nonzero amount of time in advance.
Being able to keep your address across service providers being the important part here, that way your online life doesn't get in a huge jumble when your provider goes away.
I've hosted email for myself and some other users for decades now. We all own our domains and aren't getting any younger. I'm a little terrified of the responsibility I've taken on and have no idea what I'll do when we start dropping like flies. Renewals will lapse, allowing squatters to snatch up our domains, read new incoming email and impersonate us. I'm not thrilled with depending on third parties, either, but now I wish it was someone else's problem who might outlive us and exercise a small degree of ethical oversight. Maybe there's a business idea here...
That's fair enough, as long as you would trust that business to not misuse your address space for other things. Same level of trust one would put in a regular email provider, I guess.
When running your own mail server, having problems due to a shared IP is only one of the problems. Some more:
Spam filtering for one. Uptime and updating without downtime. You would absolutely need redundancy (complexity of the solution required starts building up quickly). Keeping tabs on mail server security and the vulnerabilities discovered in your particular software stack. A 15 second downtime means an important mail might not reach you. If your mail server crashes for an unknown reason at 4 am, do you really want it to be your problem to fix? And it will of course happen when it least fits your schedule for the day. On most days I could live with my website being offline for a few hours because I've screwed up, but with e-mail?
The solution?
The more you think it through, own the domain, yes, but use a mature and reliable (and paid for) provider you trust to do the hosting for you. For someone technical enough to securely own a domain and not let it expire that seems like the best solution really, unless maybe you own your own hosting service? :P (but then, technically, I guess it's not your own private mail server either)
> A 15 second down time means an important mail might not reach you
Email servers will retry sending messages and won't expire them unless the retries fail for several days. So even a day of downtime shouldn't result in losing email.
In addition to size of the data transmission being a poor measure of privacy implications (XML versus JSON anyone?), this paragraph is nonsense: "The University of Dublin professor says that this expansive data collection raises at least two major concerns. First, that the telemetry can be used to link physical devices to personal details, data that both companies are most likely exploiting for advertising purposes."
Apple doesn't have an advertising business, nor does it share that information with advertisers.
Take a look at _Robustify Your Links_.[1] It is an API and a snippet of JavaScript that saves your target HREF in one of the web archiving services and adds a decorator to the link display that offers the option to the user to view the web archive.