top | item 32563735

Your online identity is owned by your email provider (2019)

297 points | memorable | 3 years ago | ctrl.blog

251 comments

[+] somat|3 years ago|reply
It is a bit overkill, but the closest you can get to owning your online identity is to "own" your own domain. Sarcastiquotes used because you don't really own a domain; you only rent it.

I run my own mail server because I am a sys-admin and running a mail-server is something I do for fun. But the amount of agency you gain once you have a domain is staggering. People without a domain are pretty much second class net citizens.

I wish municipalities offered domains, for example: you move to St Louis you would get name.stlouis.mo.us. This would give you the same agency online that a mail address gets you offline.

[+] dusted|3 years ago|reply
I run my own mail server as well, on my own domain, own server, physically present in my home.

It's increasingly becoming a hassle.. Especially sending mail from a "consumer" line is tricky, they block outgoing port 25 and no longer really provide a relay host for you to go through either.. I basically had to infiltrate my current ISP to get access to people in netops and gaslight them into configuring reverse-dns and leak enough info to me to get access to use their relay..

Back when I got my first ADSL, the ISP apologized for blocking port 25 and explained how to use their relay.. Things sure have turned sour in that regard.

To this end, I've become convinced that the only fair thing to do is make email a human right. Nation states absolutely should provide and host e-mail accounts for their citizens. (It can be up to the citizens how they want to use these accounts, if they want to use them only for receiving mail from the state, or if they want to use them for everything else too.)

[+] Timshel|3 years ago|reply
While less private, if you have a domain, instead of hosting yourself you can delegate the handling to a mail provider.

This way you retain the ability to seamlessly change mail provider. And you gain other benefits like an infinite number of aliases while requiring a low level of technical knowledge and maintenance.

[+] kkfx|3 years ago|reply
A domain is an address. If you have a home address you are a citizen, if not you are homeless. That's it.

However there are a few issues we have anyway even being Netizens:

- some DNS hierarchies are NOT domestic to our country so in case of political issues between countries or in case of legal issues we do not have much domestic legal protection, which in Democracy is the protection of our people between us;

- there are too many intermediaries who only resell, they are a danger. Registrars MUST BE national and international public bodies ONLY, not private companies, and domains must NOT be allowed for sale; people can register them, de-register them, but no commerce on them;

- a minor, but not so minor, email issue is that with modern anti-spam, or to be more precise modern bully-sheriff companies, hosting their own mailserver is hard. It works of course, but some giants often simply drop your mails.

Personally, while I'm fiercely against PRIVATELY controlled digital IDs, I favor public ones, not mandatory of course, BUT if you are a Citizen then choose a domain name; it will be on your ID card, which happens to be a smart-card PCSC/Java/something OPEN in both middleware and hw design itself. That's yours and you can use it from your homeserver as you wish. Then you are perfectly free to use anything else not much tied to your identity.

[+] gwnywg|3 years ago|reply
I run my own email server too; many will not because of fear of misconfiguring it, and in some respect they are correct. The first thing I did wrong 11-ish years ago was to make my server an open relay, which was caught within 5 minutes of setting up, and luckily I figured it out 5 minutes later. No big deal, I love postfix and dovecot :)
[+] WaitWaitWha|3 years ago|reply
This is not a good idea for multiple reasons.

[email protected]? Who gets that first?

[email protected]? How hard is it to trace a person from one location to another?

To fix this email problem, abandon the email as an account identifier. Use a 'username', or as I do a random set of characters and digits. There is no reason my account (login) has to be indexed as "[email protected]". It can be "SDf23wfwef". And, at another site, it can be "hdf3gf0s", and so on.

I believe this would also reduce spam.

An alternative is to use what freenet used with your idea. Just issue sequentially lettered & numbered emails with aaaaaaaa.stlouis.mo.us. a through z and 0 through 9 would give 2.8 billion addresses just for stlouis.mo.us. Moved away? Forward the email for a period, bounce (?) for a period with new address, then re-issue.

[+] greazy|3 years ago|reply
> I wish municipalities offered domains, for example: you move to St Louis you would get name.stlouis.mo.us. This would give you the same agency online that a mail address gets you offline.

Australia kinda does this with their `.id.au` second level domains for 'Individuals (by real name or common alias)'

Not many folks use it or know about it.

[+] ezoe|3 years ago|reply
How do you own a domain? If you rely on a registrar, it just moves the identity owner from an email provider to a registrar.

The real overkill method is to own a TLD. It's unrealistic for an individual though.

[+] nytesky|3 years ago|reply
Well even if you “own” your home, you are renting it from your municipality. See what happens if you don’t pay property taxes (or civil rents).
[+] koheripbal|3 years ago|reply
Having the gov't control your email isn't a good solution for various reasons. We've all seen the privacy abuses as well as abusive enforcement/gov't seizures from police and prosecutors. This is better in some countries and dystopianly worse in others.

What we need is a system where we can efficiently route messages to/from public keys like the tor url system.

This way you always own your address and no one can ever take it away without the private key.

[+] zachrip|3 years ago|reply
I own my domain name, however I opted to go through google apps for hosting my email. Most of the time it's fine, however the part that breaks down (and many have already commented about this) is that I can't make use of any of the google services via that email (nest, voice, etc). So I ended up creating another gmail account that is only used for those services.

All that said: can someone point me in the direction of a hosted email service that is reliable (this is a must, I don't want emails to bounce and I don't want spam), has native mobile apps w/push notifications, has a good web ui, and generally just works? And can anyone confirm that once I pull my email from google apps that I could then use it for those google services?

[+] t_mann|3 years ago|reply
I wish more people did this. Self-hosting email is quite advanced, but most domain registrars offer a very reasonable mail package that is very. Since so few people do this, it's becoming increasingly harder to use such email addresses with important services - e.g. I set up something like this for a relative, and I remember it wasn't straightforward to set up an Apple ID with this custom email for them (I think I might even have had to call their support).
[+] nulbyte|3 years ago|reply
> I wish municipalities offered domains, for example: you move to St Louis you would get name.stlouis.mo.us. This would give you the same agency online that a mail address gets you offline.

While a US municipality may or may not operate their locality-based domain (here, the university does), ordinary persons are able to get subdomains under them. The only reason I haven't is because the university here doesn't bother to respond when I follow the process. But you may have better luck where you are.

[+] kumarvvr|3 years ago|reply
I am a developer but have limited knowledge about setting up my own email server.

Do you know of any resources that I can read to help me do it on my own?

[+] npteljes|3 years ago|reply
You have to trust a third party company either way, so I don't think you're closer by having the domain, from a trust / vulnerability standpoint. In fact I think that email is best hosted by specialists with experience - and I'm saying this after hosting email for quite some time.
[+] klabb3|3 years ago|reply
> "what if you had a mailing address that didn't change when you moved?"

1972

> you move to St Louis you would get name.stlouis.mo.us

2022

[+] kingds|3 years ago|reply
But if you stop renting from the registrar then whoever rents the domain next gets access to your email. Seems like a horrible solution to this problem. At least I can be reasonably confident that Google will never recycle my email address and send all incoming mail to a rando.
[+] tommica|3 years ago|reply
What if you move to another place?
[+] ubermonkey|3 years ago|reply
Agreed. I've had my own domain for 20+ years now. I've run my own mail server for it, but eventually moved to Fastmail and couldn't be happier.

My sister and mother also now have their own domains, administered by me. :)

[+] colordrops|3 years ago|reply
What is the safest registrar? If for instance you own a domain with a TLD managed by a shady jurisdiction, it may not be so secure, right? What's the safest TLD? Other than .com
[+] kornhole|3 years ago|reply
Gandi.net gives you two mailboxes with unlimited aliases in France for every domain you rent. This is a very easy alternative for most people who cannot run a mail server.
[+] deepdriver|3 years ago|reply
I think I have a good idea of what you mean, but for those who don't, could you elaborate on the benefits?
[+] 6510|3 years ago|reply
Just like you rent a phone number.
[+] ulrikrasmussen|3 years ago|reply
Another solution that the article doesn't mention: separate the email address from the email provider. It really is the domain name that is your legal identity. Make it as easy for people to register a personal domain name as it is for them to sign up for free email so they can switch from Gmail to Hotmail to Protonmail without changing their email address.

Edit: We then need a standard for discoverable DNS settings that providers can publish, together with an endpoint that the domain name provider calls to inform the email provider that it should accept email from [email protected] and forward it to [email protected]. Then your domain name provider can discover these, and switching email provider can be done with a click of a button without you having to have any knowledge of DNS. Of course email providers will have little interest in supporting something like this, so this is where regulation would be needed.

[+] kelnos|3 years ago|reply
And this is why, back in 2007, I registered my own domain, and signed up for then-free Google Apps for Your Domain (then GSuite, Google Workspaces, whatever they're calling it now). Earlier this year I moved my email to Fastmail, and I can move it elsewhere if I want to, with zero disruption or downtime.

I really wish email providers would make custom domains either the default, or a very obvious option when signing up. Google is already a domain registrar, and other providers could partner with one. Granted, this option would not be free (though Google could probably swing making it free; they just wouldn't let you use the domain for anything else unless you start paying for the registration), so that would reduce its desirability for most people, unfortunately.

(On the downside, I wish I could convert my GSuite account to a regular Google Account, because GSuite accounts are occasionally crippled in random ways, and now I'm not even using the email part of it anymore. But that's a separate complaint.)

[+] daenz|3 years ago|reply
State-funded email with E2EE. Every citizen gets an email address. You don't have to use it (and it will probably suck compared to competitors), but you'll have it as a permanent fallback address. And presumably it will come with some legal protections and due process.
[+] ggm|3 years ago|reply
India has come close to this. At one point they proposed one IPv6 /64 per citizen as an absolute right. It doesn't fit current address allocation models, or even routing models, but I can see what took them there. As an overlay network? It might be interesting.
[+] thayne|3 years ago|reply
Alternatively, give everyone an asymmetric encryption key associated with your identity. To prove your identity, you sign a challenge with your private key, and the other party verifies it using your public key (which could itself be signed by your government).

Although, for that to fully work, you would need international cooperation on a standard for that protocol.
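
The challenge-response scheme described in the comment above, as an added example that is not part of the original thread: a verifier issues a one-time challenge, the key holder signs it, and the verifier checks both the response and the authority's signature over the public key. The use of Ed25519, the JSON "certificate" layout, the message format, the origin binding and all names are assumptions made for illustration; the sketch goes one step beyond the comment by rejecting replayed challenges and responses signed for a different site.

```javascript
const crypto = require("node:crypto");

// Constructed keys: an issuing authority (the "government") and one citizen.
const authority = crypto.generateKeyPairSync("ed25519");
const citizen = crypto.generateKeyPairSync("ed25519");

// Authority binds a subject name to the citizen's public key (hypothetical format).
function issueCertificate(subject, publicKey, authorityPrivateKey) {
  const der = publicKey.export({ type: "spki", format: "der" });
  const body = Buffer.from(JSON.stringify({ subject, publicKey: der.toString("base64") }));
  return { body, signature: crypto.sign(null, body, authorityPrivateKey) };
}

// The signed message names the verifier, so a signature produced for one
// site is useless if relayed to another.
function signedMessage(origin, nonce) {
  return Buffer.from(`identity-challenge-v1\n${origin}\n${nonce}`);
}

// Key holder's side: sign the challenge for the site being talked to.
function respond(origin, nonce, privateKey) {
  return crypto.sign(null, signedMessage(origin, nonce), privateKey);
}

// Relying party: hands out random challenges and accepts each one only once.
class Verifier {
  constructor(origin, authorityPublicKey) {
    this.origin = origin;
    this.authorityPublicKey = authorityPublicKey;
    this.pending = new Set();
  }

  newChallenge() {
    const nonce = crypto.randomBytes(32).toString("base64");
    this.pending.add(nonce);
    return nonce;
  }

  // Returns the verified subject name, or null on any failure.
  verify(nonce, cert, signature) {
    if (!this.pending.delete(nonce)) return null; // unknown or already used
    // Check the authority's signature before trusting anything in the body.
    if (!crypto.verify(null, cert.body, this.authorityPublicKey, cert.signature)) return null;
    const { subject, publicKey } = JSON.parse(cert.body.toString());
    const key = crypto.createPublicKey({
      key: Buffer.from(publicKey, "base64"), format: "der", type: "spki",
    });
    const ok = crypto.verify(null, signedMessage(this.origin, nonce), key, signature);
    return ok ? subject : null;
  }
}

// Stand-alone run with constructed values.
const cert = issueCertificate("Jane Example", citizen.publicKey, authority.privateKey);
const site = new Verifier("https://service.example", authority.publicKey);
const nonce = site.newChallenge();
const sig = respond(site.origin, nonce, citizen.privateKey);
console.log("first attempt:", site.verify(nonce, cert, sig));
console.log("replayed attempt:", site.verify(nonce, cert, sig));
```
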

[+] Barrin92|3 years ago|reply
Given that many countries already use national id systems for age verification if you, say, want to buy booze online, I always wanted a vault for every citizen, with healthcare, education, banking services, an email, maybe even a personal domain thrown in. Have one api for it that every company can hook into for verification.

The amount of physical disparate paperwork you have to still do for these things is incredibly annoying.

[+] cfn|3 years ago|reply
We have something similar for companies in Portugal. The state pays the former state-owned mail service to host an "inbox" of sorts (not a full fledged email) that every company has to have. I am not sure if it covers individuals, though. It is mostly used to notify the companies of tax dates and such.
[+] httpz|3 years ago|reply
State-funded, E2EE: Pick one
[+] drudoo|3 years ago|reply
This is kinda what Denmark has. Companies and government agencies can send digital letters to your government digital mailbox.
[+] pa7ch|3 years ago|reply
Also would be cool to have a distinguished (via UI) inbox for government only communications that can't be phished. This way people can access more government services online. And if there are any security problems they can be resolved by the DMV.
[+] exolymph|3 years ago|reply
For me it's Fastmail with a side of Namecheap (or maybe vice versa). Thankfully I pay both companies, thus there's an incentive to keep me happy so I keep paying... In particular, Fastmail has real support staff, which provides at least a modicum of peace of mind.
[+] raxxorraxor|3 years ago|reply
> The only real solution is to rethink online identity and stop depending on email addresses.

I think that is true, but it would have to be a better solution. Some groups heavily push for this reformation of online identity but most of them have in common that they want to strongly bind online identity to your offline one. That simply isn't desirable in many cases.

[+] Animats|3 years ago|reply
"You can take some control over your own identity in the current email-based online ecosystem by renting a domain name"

Originally, the idea was that you owned a domain name. Gradually, domain registrars have moved this to the concept that you're just renting it from them. Although you can still transfer domains to another registrar.

I'd like to find a domain registrar whose contractual terms stated that you own your domain name, and they are contractually prohibited from cancelling it or revoking it without a court order. Basically, a contract that forbids what lawyers call "self-help".

[+] irjustin|3 years ago|reply
This is largely true for myself as well. 1Password helps me and my family from going full in, but if I lost my gmail I would have a lot of problems.

The recent discussion of CP flagging wreaking havoc[0] has caused us to start evaluating because we do have young children and we do take pictures for healthcare providers. Feels like a ticking time bomb for us.

[0] https://www.nytimes.com/2022/08/21/technology/google-surveil...

[+] zh3|3 years ago|reply
I too run my own mail server, using a mixed approach of a dumb cloud server as a point of presence on the public internet and a private server at home as the actual email store. That gets the benefit of being a non-consumer presence as far as the internet is concerned, but with all personal data stored locally.

With a little practice and experience, it's not difficult for those with technical skills to host their own email on a cheap rented server (along with a personal website etc). Buy a suitable domain, host at a reputable supplier on a dedicated host (i.e. IP) and there should be few problems (test with free accounts from the big tech outfits).

Even nicer is to use Dovecot for IMAP either locally or remote. I run it locally with fetchmail to periodically (or on demand) grab email from the public server, with a little utility that lists the remote headers first so I can decide which/whether any are worth even downloading and reading - quite often it's a single click to delete everything unread.

[+] vaagen|3 years ago|reply
The problem with several of these email subscriptions is that they will reissue your email address to another if you leave them, with all the risks that entails. The answer is to buy and use your own domain or get someone else to do it.
[+] alangibson|3 years ago|reply
Email should be considered legally equal to physical mail. It should be regulated by the USPS.

Just like a company can't yank your ability to send snail mail, they shouldn't be able to yank your ability to send electronic mail.

[+] httpz|3 years ago|reply
Before writing about your bulletproof technical solution to this problem, think about all of your older relatives on facebook. Is the solution something they'll be able to handle?
[+] synthc|3 years ago|reply
This is the reason I use my own domain and a paid email service. I used Gmail before but got super worried about all the stories of accounts getting blocked with no way of contacting a human.

Sure, domain registrars and email providers are not infallible, but it's a huge step up from trusting Google's customer service to do the right thing

[+] satellite2|3 years ago|reply
It's a technical board so everyone proposes technical solutions. But I really hope that the solution will be a legal one. That the law will change to make it as hard to kick someone from an email service as to cut running water. And to forbid the companies to define anti litigation, private courts etc. in their TOS.
[+] poseva|3 years ago|reply
After the NYT article [0] I purchased (rented) my own domain, created a cloudflare account and started using their email routing to forward all the email to my gmail address. I also configured gmail to allow me to send emails from the new email address.

As I have a small child and use telemedicine services a lot, I do have a fear that I will be blocked soon.

A drawback to this is that cloudflare does not allow you to forward to multiple email addresses.

[0] https://www.nytimes.com/2022/08/21/technology/google-surveil...

[+] juniperplant|3 years ago|reply
Somewhat tangential, but I wonder where do people using their own domain draw the line.

I personally use a "stable" [email protected] for supposedly trusted, long-term services (e.g. bank, utilities, etc.) and for services that require my identity for obvious reasons (e.g. shipping/billing address).

For sites where I prefer not to reveal my identity (not even to the site operator), I use Fastmail’s Masked Email (akin to iCloud Hide My Email). This, however, means I don't own those addresses, and if I need to change email provider for whatever reason, it's a PITA to update the email address field on possibly hundreds of sites (assuming you can).

I could buy a domain like randomstring.com to use with catch-all, but then I would be more likely to be tracked across sites, especially in the case of data leaks (which do happen eventually).

Then there are those awkward in-person situations when somebody asks my email and I have to say [email protected].

What's a good tradeoff?

[+] cx42net|3 years ago|reply
Shameless plug here, but that is the purpose of [ImprovMX](https://improvmx.com). We forward emails from a custom domain to a destination email that can be updated.

My personal email is contact@{custom domain} and currently points to Gmail because I never took the hassle to change it, but if someday I decide to move elsewhere (I'm contemplating Fastmail and Protonmail), all I will have to do is update my destination email at ImprovMX and that's all.

This is a liberty that only us, tech people, can grasp. My parents, even my wife, don't see the importance of being locked to a mail provider.

[+] TedDoesntTalk|3 years ago|reply
> people should stop and think carefully when choosing the @example.com part of their email address. It’s a decision you’re probably set to live with for life

Really? I’ve had dozens of email addresses over decades. I have a few favorites but even those have changed over time. I think yours is hyperbole.

[+] icare_1er|3 years ago|reply
I have the feeling that we are gradually shifting from email-centric to phone-centric systems. With 2FA and recovery, ultimately, your unique phone number becomes more and more THE foundation of everything online, and switching phone number is harder than switching email.
[+] bartq|3 years ago|reply
Is there an email counterpart of HTTP 301? This could be the solution. But it would have to be much more secure and would require human confirmations to make the "301" take effect.