One alternative is to have your own domain, but run email on a service like CloudFlare, Mailgun, or even Google. If you get cut off, you can change provider and redirect the DNS records.
I would think it would be worse to renew for ten years as an individual. I'm not sure how I would even set a reminder for myself that I am confident would alert me appropriately in ten years
Renew it for 10 years, then set an annual reminder to renew it for 1 year to the reach maximum 10 years again. This way you have a 9 year grace period if you miss any given year.
You could set up auto-renewal. Good registrars also remind you when the domain is about to expire. In any case, using a custom domain is safer than relying on a single email provider.
Do registrars send you warnings when their algorithms detect that you've broken their terms of service? If not, it's equally as at risk as the article suggests Gmail is.
I like to use email aliases for privacy and security which works better with domain provided by common operators such as duckduckgo, mozilla relay, apple icloud, etc. If you use a custom domain, then it is easy to link all your accounts through data brokers and spam you because all addresses get redirected to your inbox.
You can whitelist only specific localpart patterns, which solves the spam problem. And while it’s in theory possible to link all addresses to your identity, doing so would require knowing that only one person is using the email domain.
If we're regulating, why not demand "closed" accounts must redirect to another email for 12 months?
That would guarantee users could move their identity over a reasonable period while removing storage and support requirements from the original provider.
That "cancellation guarantee" would surely give people more confidence to choose a particular email provider?
In my view, a better regulation would be something like this:
- If an email provider decides to close an account, they must offer free forwarding to an email address of the account holder's choice for as long as the email provider operates (or perhaps for X years, etc.).
- Email providers must not reject valid messages. They can put them in a spam folder if they like, but they can't reject them. This mitigates the oligarchical situation which has arisen where a few large email providers try to impose their will on the rest of the email ecosystem and make it increasingly hard to email their users.
It would be reasonable to restrict these regulations to providers with over a certain number of users.
most cases where an email must be sent from a specific address are probably something where a company emails a consumer to assure the consumer that the email is genuine.
there are mailing lists that i can only write to from a specific address, and maybe a bank has a process where i can initiate certain actions by emailing them, or doctors, etc. but those all should have ways to change that email address which should hopefully be possible by verifying the address by receiving a verification token.
in any case the number of situations where one must send email from a specific address should be a fraction of those where one must be able to receive email at that address.
> Email providers must not reject valid messages. They can put them in a spam folder if they like, but they can't reject them.
This is not feasible. Imagine that a single IP is sending a continuous flood of messages which are clearly spam, as fast as possible, to a large mail provider. Requiring that mail provider to store every single one of those messages, and to not take any steps to mitigate an instance of obvious abuse, would be
completely unreasonable.
Organizations are comfortable treating your email as your identity because email is freely, instantly available to anyone in the world with internet access.
Email is free and massively available because it is cheap for providers to operate and ads make it profitable. Because organizations treat email as identity, email is very important to people’s lives, and losing access to your email account can be devastating. Thus there are calls for regulation requiring human intervention (such as customer support), the cost of which scales linearly.
This kind of regulation seems incompatible with free, universally available, instant sign-up email. Ad revenue is probably not enough to hire support staff for millions of customers across dozens of languages. One half-hour support call probably costs more money than a customer generates in years through ad revenue.
Correct me if I’m missing something, but it seems that providers would have to charge a fee for email to adequately support their customers. If this happens, then email access can no longer be assumed.
So here’s the core of the question: if we are dissatisfied with how fragile our identities are online, who pays to fix this?
I've been of the opinion that emails really needs to have a form of "Local Number Portability" (LNP) akin to phone numbers. Sadly, the traditional way of handling this is via forwarding, which isn't really how LNP works. It should really be a form of redirect at the SMTP stage where the sending mail server is redirected to another email address for delivery.
As I run an ISP / non-dominant carrier, this is a barrier to competition in the real world. Potential customers that made the decision of using an email address provided by the incumbent in my area often refuse to change providers for fear of losing contact with people or customers that have only known the one email address for decades.
23 comments
[ 3.3 ms ] story [ 70.8 ms ] threadUnfortunately, should that domain ever expire, it'll likely be picked up by a squatter and that's your identity gone.
Example from 3 months ago: https://news.ycombinator.com/item?id=31573854
Another one: https://news.ycombinator.com/item?id=30506581
That would guarantee users could move their identity over a reasonable period while removing storage and support requirements from the original provider.
That "cancellation guarantee" would surely give people more confidence to choose a particular email provider?
- If an email provider decides to close an account, they must offer free forwarding to an email address of the account holder's choice for as long as the email provider operates (or perhaps for X years, etc.).
- Email providers must not reject valid messages. They can put them in a spam folder if they like, but they can't reject them. This mitigates the oligarchical situation which has arisen where a few large email providers try to impose their will on the rest of the email ecosystem and make it increasingly hard to email their users.
It would be reasonable to restrict these regulations to providers with over a certain number of users.
there are mailing lists that i can only write to from a specific address, and maybe a bank has a process where i can initiate certain actions by emailing them, or doctors, etc. but those all should have ways to change that email address which should hopefully be possible by verifying the address by receiving a verification token.
in any case the number of situations where one must send email from a specific address should be a fraction of those where one must be able to receive email at that address.
This is not feasible. Imagine that a single IP is sending a continuous flood of messages which are clearly spam, as fast as possible, to a large mail provider. Requiring that mail provider to store every single one of those messages, and to not take any steps to mitigate an instance of obvious abuse, would be completely unreasonable.
https://twitter.com/balajis/status/1397773092169031693
https://thenetworkstate.com/god-state-network#negative-synth...
Organizations are comfortable treating your email as your identity because email is freely, instantly available to anyone in the world with internet access.
Email is free and massively available because it is cheap for providers to operate and ads make it profitable. Because organizations treat email as identity, email is very important to people’s lives, and losing access to your email account can be devastating. Thus there are calls for regulation requiring human intervention (such as customer support), the cost of which scales linearly.
This kind of regulation seems incompatible with free, universally available, instant sign-up email. Ad revenue is probably not enough to hire support staff for millions of customers across dozens of languages. One half-hour support call probably costs more money than a customer generates in years through ad revenue.
Correct me if I’m missing something, but it seems that providers would have to charge a fee for email to adequately support their customers. If this happens, then email access can no longer be assumed.
So here’s the core of the question: if we are dissatisfied with how fragile our identities are online, who pays to fix this?
As I run an ISP / non-dominant carrier, this is a barrier to competition in the real world. Potential customers that made the decision of using an email address provided by the incumbent in my area often refuse to change providers for fear of losing contact with people or customers that have only known the one email address for decades.