345 comments

[ 2.8 ms ] story [ 298 ms ] thread
Can someone add context to the “gets bought out” part?
I don't have a mastodont account, if that makes a difference, but I cannot see anything.
I keep seeing unsourced claims on Mastodon that Gandi has been acquired by an unscrupulous entity, but I can't find any official verification.

Is it true?

Crunchbase says leveraged buyout by private equity firm Montefiore Investment in 2019

https://www.crunchbase.com/acquisition/montefiore-investment...

If that's the case I'm surprised it took 4 years for me to hear anything about it turning shitty

Because Montefoire sold them to a scummy company:

https://your.online/press-release/

Good find. I've never heard of "Total Webhosting Solutions," anybody had experience with them?

It's a bummer if Gandi goes downhill. I've never used them personally but I heard a lot of recommendations that they were a good registrar.

They used to be, got greedier and here we are.
They were awesome. I have been with them over 15 years. But I fear it's time to move on. Still looking for an EU registrar that has modern 2FA (FIDO2) and is large enough to not be a target for takeover anytime soon.
Is OVH large enough?

They've supported FIDO for a while IIRC.

Link's 404, Toot removed apparently. What happened? I use Gandi. They were acquired by a holdings company years ago but that's all I know.
The original post was someone having registered their domain for many years in advance and Gandi planning to yoink the included email service and replace it with one that they would have to pay extra for
They merged with Total Webhosting Solutions B.V., which is a Dutch company that buys up web hosts and then increases prices:

https://your.online/press-release/

The story on Mastodon is that they are axing free mail boxes that you'd get with every domain registered at Gandi, even if you had paid several years up front.

(comment deleted)
There's a little toast/growl message thing that says that toot has been rate limited. As of now it says try again after 30 minutes past the hour.

EDIT: It works briefly every 5 or 10 minutes, until it gets rate limited again.

Full message for others not seeing the page:

So, further to recent changes at Gandi, I've just got some more info from support which I've included below. I've purchased domains from Gandi, pre-paying for multiple years of service such that some domains I have don't need renewing until 2027. When I purchased that service the offer was inclusive of 2 mailboxes for the duration of the contract, and now they're planning to remove those inclusive mailboxes and start charging me extra for them from next month.

To me, this sounds like a planned and fully intentional breach of contract.

"We'll start charging for mailboxes from next month. Our current mail offer will end and will be replaced by our new offer: [...]

What’s going to happen going forward ?

Starting from April 6th, you will have the choice to either : - Keep your mailbox and pay accordingly on a monthly basis. - Refuse the offer and you can have the choice to delete the mailbox or migrate your mailbox to another provider. In that case you will have a two months window to migrate before the deletion of your mailbox - Forwarding address remains free

How ? - You will receive ln the 6th of April a mail with a link to make your choice.

How much it will cost for me ? - It will depend on how many active mailboxes you own. A mailbox costs £2,99 so if you have 2 mailboxes, you will be billed £5,98 monthly."

For those curious about what's going on (the post was removed) they merged with TWS: https://your.online/press-release/
We're getting bitten by this in the Netherlands as well. Two domain registrars, PCExtreme and Neostrada, merged with Versio, and Versio is now owned by TWS.

My company has domains registered with Versio (and PCExtreme and Neostrada), but the control panel was showing multiple domains wrongly flagged as 'processing', and actually getting through to customer service takes the better part of day by now. I'm not looking forward to our domains getting migrated due to these mergers.

Start looking for alternative registrars if your domains are hosted by Versio, Neostrada, or PCExtreme! The competent staff of PCExtreme and Neostrada seem to have evaporated in these mergers.

Any suggestion of a good serious independent European registrar?
I wish I had something useful to recommend now, but we've only just started looking.
I am happy with OVH. Only bit that’s missing is IPv6 for dynamic IPs.
doesn't OVH require ID verification after you pay? and then run off with your money if they don't get it

at least, that is my experience

I had to identify by ID iirc because I wanted a .eu domain which is restricted to EU citizens. But I had to give the ID upfront.
I wanted to purchase a VPS and they took my money before asking for ID. I refused to give them an ID that I didn't have (because I don't have one) and they kept my money and refused to provide service.

So at least don't get a VPS unless you're ready to give ID, heh.

I had a dedicated server for.. 4 months? or something before they suddenly required a scan of my ID before they would let me renew. Really weird and annoying. No abuse complaints or anything awry I was doing with it either :/
Sounds like a wonderful reason for a chargeback.
I tried to chargeback but the card company was like "nah chargebacks are inconvenient, just have some credit". Was pleasantly surprised.
I'm using Infomaniak. I especially like their renewal warranty [0]. It's a few bucks more a year but they renew the Domain even if you are not paying and try to contact you by phone, snail mail etc. They also support IPv6 and DNSSEC.

[0] https://www.infomaniak.com/en/renewal-warranty

Not sure if it meets the European criteria but I use a combination of DNSimple and Porkbun and am very happy with them both.

For less common ccTLDs, Gandi is still hard to beat since they support virtually everything. Apart from that, I have no regrets moving... I saw the writing on the wall about 2 years ago and moved virtually all my domains away from them.

> Not sure if it meets the European criteria but I use a combination of DNSimple and Porkbun

Neither of these meets the European criterion.

Shame because they're good registrars. I wonder why the European requirement though (since the TLDs themselves are ultimately governed by the registries and you can always use your own - or third party, EU based - name servers).
Because of GDPR, it’s so much simpler so have a host within the EU than elsewhere and especially simpler than having one in the US
Not sure I understand why GDPR has anything to do with domain _registration_ (not hosting).
I used to be on Versio, but moved to TransIP after the acquisition of Versio by TWS.

TransIP is not exactly the cheapest, but they work fine. Vimexx (which is under the same company as TransIP) is cheaper (closer to pre-TWS Versio pricing), but I'm a bit hesitant to trust a 'budget' registrar again.

I use INWX for some years for 2 domains and can't complain about anything.
Is it printed so much money that they just buy up everything and jack up the prices?
(comment deleted)
So who's the trustworthy, low-bullshit registrar now?

I've been using Gandi for over a decade.

I personally use Namecheap and Name.com for a few other domains. My rule of thumb is domain registrars only get to manage my domains. Registrars love to upsell you on email and hosting but in my experience that's where all the bullshit starts. If you just buy a domain, you could go to place like GoDaddy and probably have a decent experience.

EDIT: Just like I said, in the original thread they are talking about Ghandi screwing customers on email inboxes. Follows my rule of "anything outside of domains and the bs starts".

> My rule of thumb is domain registrars only get to manage my domains. Registrars love to upsell you on email and hosting but in my experience that's where all the bullshit starts.

That’s the Unix philosophy applied to service providers.

The same logic applies to why you should have a separate cable modem and WiFi router.

> If you just buy a domain, you could go to place like GoDaddy and probably have a decent experience.

No GoDaddy sucks even as just a registrar because even configuring NS records to host your DNS elsewhere is a terrible UX.

Yeah, but I just wanted a few accounts I could "send as" in Gmail . No backups or whatever is fine.
If you search on hacker news there are some people including me who have bad experiences with namecheap, as they threaten to cut off domain itself easily when they get complaints. I am not talking about hosting, but the domain itself. For any large enterprise client, I recommend against using them. Right now, I am on Gandi and only use them for domain, even reading this I'd still pick them over namecheap.
I use cloudflare, and their prices are unbeatable.
"Cloudflare Registrar is only available for customers that use Cloudflare as their authoritative DNS provider (also known as a full setup)."

Wow. Just wow. What happens if I register a domain via Cloudflare but decide later I don't want to use their DNS offerings?

You transfer it, hoping that they don't refuse and decide they own you forever.
You can transfer the domain to some other registrar.
porkbun is nice has been nice for registrations, migadu for email
I've used iwantmyname since 2013 and in 2021 started using Porkbun for some.
I am not sure if cloudflare is liked by HN this week, but so far, I’ve not had a bad experience with their registrar.

Fast and cheap.

Their lack of support, or rather their "support fails" and their VP and C-suite level hacker news readers consistently offering personal assistance to high profile incidents on HN kind of made them a negative running gag here.
I like CF and I like the fact that I can probably tweet at the CEO and get a response for my issues.
I'd say Google. They have incentive not to play games like this as that could jeoparadize their control of .dev and they don't need to juice profits on a minor service.
(comment deleted)
But if something does happen, it's impossible to get a CS agent that can actually help
What? With Gandi and others you get screwed by paying more. With Google you get screwed by losing your account completely not matter if you are willing to pay a million to recover it. Google is the worst by far.
Dynadot

They are just as cheap as the often-mentioned NameCheap, but a much better UI.

Dynadot also lets you "domain taste" that is get a refund in credit if you change your mind after buying a domain within I think 72 hours.

They also are one of the largest domain registrars.

Also been at Gandi over a decade, this really sucks.
There is none. Any registrar has their own shitty stories. Sad times.
What registrars has HN been using lately?

I've been super lazy and use Route53 for everything right now.

Route53 is Gandi under the covers
That's surprising. It seems like it's only partially true:

> AWS provides the Domain Name Registration Services through ICANN-accredited registrars. AWS currently provides Domain Name Registration Services through Gandi SAS , Mesh Digital Limited, Amazon Registrar, Inc., and other ICANN-accredited registrars (the “Registrar”), and your use of the Domain Name Registration Services is subject to their terms. You can identify the Registrar of record for any Registered Name by performing a WHOIS query here . AWS reserves the right to use any ICANN-accredited registrar as the Registrar.

https://aws.amazon.com/route53/domain-registration-agreement...

Yes, only for domain registration. AWS handles DNS.
This is like saying my car is Venezuelan because it can accept gas from a Valero gas station.
Route53 registration doesn't seem to get a lot of resources at AWS.

They can take years to add new TLDs (I've been waiting for 5+ years for them to do .nz properly). Checkout the support forum. Lots of:

   * Someone asks for a new TLD
   * Quick reply saying request forwarded to team
   * a year passes
   * Another person asks when that TLD will become available. 
Probably okay for the basic stuff though.
I use infomaniak.com. Prices are reasonable and their API is somewhat ok
I like name.com, I also often hear namecheap recommended
> What registrars has HN been using lately?

ycombinator.com itself is on 81 "Gandi SAS", although they use AWS DNS, so chances are it's through Route53 (since AWS isn't an ICANN registrar, they have other registrars actually handle the registry ops)

Cloudflare Registrar, no markup and a reliable company.
Recently switched from Namecheap to Cloudflare. Cloudflare was significantly cheaper for my sole .io domain.
The catch is that you must use Cloudflare's nameservers [0]:

  6.1 Nameservers. Registrant agrees to use Cloudflare’s nameservers. REGISTRANT ACKNOWLEDGES AND AGREES THAT IT MAY NOT CHANGE THE NAMESERVERS ON THE REGISTRAR SERVICES, AND THAT IT MUST TRANSFER TO A THIRD PARTY REGISTRAR IF IT WISHES TO CHANGE NAMESERVERS.

[0] https://www.cloudflare.com/domain-registration-agreement/
This usually isn't a problem, you can point the DNS to any hosting service you want. Its a pain to setup every single record of-course.
That's extremely weird. Is there a publicly stated reason for it?
People generally use 3rd party Nameservers when their Registrar is unreliable or "old school".

Most dot-com era web companies used Network Solutions back in the day - and many still use them. However, DNS updates sometimes take hours, their interface is cumbersome, etc.

It's become quite common to use someone like Cloudflare for Nameserver/DNS duties (among other things) and keep your registrar where you like.

Hetzner. Their functionality for this is clunky as heck, but I have more trust in the company than other registrars.
Gandi actually. So far so good. Need to check if what OP says is true, though.
I've been using namecheap.com for 10 or so years quite happily and haven't felt the urge to move that whole time.
Recently went with Porkbun. Their interface is simple and functional, and they have good support for most 2FA interfaces (including passkeys).
Over time, I've been migrating from Gandi to Porkbun. I've been happy so far.
Might have to do the same. Been ok with paying slightly higher prices for reliability but I wouln't bet on the latter if they start pulling shit like this even if it doesn't affect me directly.
Pair. More or less forever. Nothing particularly special, but never so busted there’s been a reason to bother changing.
Also pair for ~20 years. Not one single service issue in this time. Very quick response from queries raised, technical or otherwise.
That's pairdomains.com, correct?
DNSimple is excellent. I don't recommend using Route53, while their GUI and features are good they charge per DNS query. I had someone trying exploit that and ended up with a 100x higher bill than normal in one month. It is impossible to do anything about it except purchase AWS Shield Advanced which costs $3000 per month.
Dynadot

They are just as cheap as the often-mentioned NameCheap, but a much better UI.

Dynadot also lets you "domain taste" that is get a refund in credit if you change your mind after buying a domain within I think 72 hours.

They also are one of the largest domain registrars.

Do they have better invoices? Namecheap (~20 domains there) is a pain when it comes to invoices (they don't send them to you, it's not clear where to find them in the UI, they mix it with transaction receipts, the name of the PDF is off etc.)
I don't know, I only have a few personal domains and don't use invoices.
I love EasyDNS - not the cheapest, but the service is EXCELLENT. Over 10 years or so, I've had to call support a couple of times to setup new features, and not only do they answer the phone - but you get a real engineer!

It costs me about $40/year for domain (.org), dns, backup MX/mail spool, and a couple of other bits and pieces. It's been well worth it for the piece of mind.

I generally open up https://tld-list.com/ (which lists most registrars for any given TLD, along with the prices). I then choose the cheapest non-shady looking one. Porkbun, NameSilo, and Epik are fine options usually.
https://tldes.com/ is an alternative site for those look for pricing comparison for the different TLDs/gTLDs.

Personally I'm currently using Sav and Porkbun, with good experiences with Namesilo in the recent past.

porkbun is awesome and pretty much the cheapest for all tlds, and name.com has a nice simple interface. happy with both of them.
I use hover, they are a tucows reseller, sort of.
Oh hell no. Hover used to be good, but have turned into a shit show over the last 12+ months.

Definitely avoid them, and if your domains are important then migrate them elsewhere.

Several reports of problems, including from me:

* https://twitter.com/densone/status/1625378937047027719

* https://news.ycombinator.com/item?id=34786465

* https://news.ycombinator.com/item?id=34788210 <-- mine

Sorry for your luck, but based on your posts and your twitter, you already had other security issues. That's not hovers fault.
Sure mate. Care to explain?

(Btw, I don't have a Twitter, so good luck with that. :))

Let me guess, you work for Hover or used to?

Or maybe you just needed more coffee/sleep/something before replying? ;)

I've been with joker.com for more than 20 years. Not a single problem ever.
I’ve been using https://hover.com (domains only) for over a decade and have had zero issues. They never bother me and only email for things I’d want to be notified (e.g. domain expiring).
Personally been a happy hover.com customer. Definitely not the cheapest but I like that they don't try to upsell me crap.
I have a few domains on gandi (they support .ie unlike a lot of big registrars), but my primary registrar is still namecheap.
I've only got just one, but I'm pretty happy with Google. I mean, I know it's Google so there's always the worry they'll get bored with the product, but it works fine and has integration with my Asus router so I can dynDNS my home for my kids' minecraft server.
Isn't the biggest issue with Google that your account could get banned for whatever reason, and then your chances of recover it are under 0.001%? That's the biggest fear imho.
This seems short sighted. For just one mailbox per domain, 2.99 per month is 35.88 per year. This will wipe goodwill from an existing loyal customer base very quickly#.

I have 4 domains, each with 2 email addresses. I do not want a 287.04 per year bill, and nor do I want my domains being held hostage for this. I will look to migrate away immediately.

But, I have emailed Gandi to ask them to confirm, since the website doesn't yet reflect this news, and it's not the first time they may be victim of disinformation (action perhaps indicitative of trust built using Gandi).

#small, non wholesale customers.

It sound like they’re hosting at the same place (gandi) where they registered the domain. This is absolutely never recommended, for security purposes. If someone gains access to your hosting account you’ll likely lose all your domain names.

Transfer the domains over to a better more secure registrar. Then set up a server or vps and set up as many mailboxes or emails that you need.

Is there any indication that Gandi is insecure?
Not that I know of, it’s just good practice to separate services like this (even if it can be more expensive and logistically difficult).
I'm asking because the GGP wrote "better more secure registrar". Since I'm using Gandi right now (and I don't care about their mailbox offer), I wanted to know if it was really insecure.
GGP said hosting, but I think they mean email hosting. Even if you keep your actual registrar account @gmail or anther third-party, it's not recommended to handle your registrar, DNS, and email in the same place, since a compromise of any of them is likely to lead to compromise of the other systems (eg. an attacker gains admin permissions on the website / backend and uses it to reset your email password and download your email inbox)
I'm sorry but I don't understand what you're saying. The sentence was literally "Transfer the domains over to a better more secure registrar." This is about domain names and registrars and it's implying that Gandi is insecure. Your point about putting your eggs in the same basket is a different point.
Aren't these orthogonal concerns?

registrar or DNS gets hacked -> attacker can receive mail as you (by transferring your domain or changing your MX record)

e-mail host gets hacked -> attacker can download your inbox

both -> both

Is there not some way to undue that? I'm sure it would be a hassle, but hacking someone's account and transferring their domain name is a crime, it also leaves a very obvious paper trail. Seems like the registrars involved would be willing to reverse transfers under such circumstances.
Seems like the definition of a pyrrhic victory.
And until that reversal is done, you've exposed all the users of your domains (including yourself) to security issues, potential data theft, and destroyed your own website's reputation.
I've been running a stolen domain name recovery service for a few years now. Even though hacking into someone's account and transferring the domain name to themselves or transferring it to another domain registrar is a crime, it's never prosecuted (when they come to us the first thing we have them do is file a police report).

The problem is that most domain registrars won't help get your domain name back. Many domains are stolen because they hacked the email address and not the domain registrar account (even though that's how they got access). Most domain registrars don't care at all, and won't help. And there are no current ICANN policies for dealing with stolen domain names. Even UDRP is not set up for dealing with stolen domains. Although we were successful getting one back via UDRP since the business was using the domain previously and we ended up claiming 'commonlaw trademark'.

This is one reason why we've been so successful getting stolen domain names back for clients: we use some alternative methods, such as actually talking to people at the registrars involved and talking with the domain thief, to get domains back.

>Most domain registrars don't care at all, and won't help.

Don't leave us hanging like that! Which are the registrars that do care, and will help then? Even if they cost more.

I personally prefer keeping domain registrar separate from dns host separate from server host, and probably email host separate from the others, too, but on the other hand, you now have several different vendors that can ruin your day.

Using bundled services from your domain registrar is especially problematic though, because when you switch registrars, you usually lose those bundled services, even though you already paid for them. Often, there's similar services available at the new registrar, but there's a cost to switch, and it's much more difficult to switch because the service provisioning is often tied to the domain process; service at registrar B won't be online until the domain is moved, and service at registrar A may be turned off immediately after the domain is moved, so you have no way to make an orderly transition.

> you now have several different vendors that can ruin your day.

The point is that a single vendor for everything can ruin your life.

Infrastructure best practices have gone out the window, haven't you heard? Most people who use AWS/$cloud_service use it for everything, best practices be damned. Many new projects start their working thinking about how to scale, before making it simple and before having paying users.
> thinking about how to scale

Having a good plan for scaling is absolutely a great move. Changing fundamental architecture later isn't easy. Implementing it all immediately however ..

Sure, I agree, some sort of plan is a good idea. What I've seen many times though is engineers building systems for supporting 100k daily users while the product hasn't even found market fit yet, wasting lots of time on building complicated distributed systems way too early.
Gandi email has been useless from the start. They say right in the contract that they don't back up their email servers. Isn't the host handling chores like backup part of the point of a hosted product? Of course you can and should distrust the host's backups and have your own in addition, but that's way different than the host not doing them in the first place.

Maybe they have fixed that (I don't see it on their site any more) but I have a screen shot of the old contract provision and I complained to them about it in 2017, and they ignored the complaint.

For email it is sometimes useful to only have a host handling things like reputation and crypto/protocols (DKIM, SPF, DMARC, DANE, MTA-STS, etc.) while doing the actual handling of data yourself.

I'm not sure that gandi's email fits that purpose, but specifically for email it can be a bit more tricky to roll your own than things like HTTPS, so having a hosted solution to handle that can help.

Pretty sure gandi doesn't do much of the above either. Gandi email hosting is generally not worth paying for.
As a bundled service it was fine, I have a complete copy of my emails on my client(s) anyway so what it really did was give an IMAP interface to use for sending and receiving emails under my domain that dealt with the entire "Google et el are pretty evil about personal email boxes".

Its not worth £3 a month per box when previously the Gandi markup was £4 a year or so for the extra services on top of the raw domain price.

I've been using Gandi's free mailboxes since 2019 when I de-Googled, they provide easy setup for SPF/DKIM/DMARC. Not sure about the other two. No significant deliverability issues to report. They offer IMAP and a choice between two web UIs which is all I need.

I'd be more than happy to pay for their service in general, just not under duress. If they'd have given me 6 months to onboard I'd have been perfectly fine with $3/mo for email. If I'm going to be abused with a false sense of urgency and pushed to make a quick decision, I'll just leave.

ah ok, it must have changed since last I looked into it.
Well it's a nice way to have a no-reply@ for my side projects and a smtp to send emails from those webapps.

Probably not worth paying the asking price for this usage though.

Not sure that anyone need a backup if you know how to configure your email clients. Mines gets and keep all the emails so between my smartphone and my 2 laptops + their own backups, I have enough copies.
I used Gandi's SMTP servers to relay outbound mail only (through postfix). For inbound mail, I pointed the MX record to my home IP address, where I received it directly on my postfix server.

This avoided my ISP's block on outbound TCP port 25, and it also gave me a reputable sending IP address economically.

This is why I only use service A for domains. And service B for emails.
I use service A for domains, service B for DNS and service C for emails.
How do you prove to service B that you own the domain?
You usually need to update the name servers with service A to point to service B.
You don’t need to. Your registrar tells the registry which nameservers you’ve chosen. You specify the nameservers that belong to your DNS provider, which causes DNS clients to query that DNS provider.

There’s nothing stopping you from paying for service with a DNS provider for a domain you don’t own, but nobody will actually query those nameservers for your domain, so it doesn’t matter.

I reached that by accident. Service B for DNS was just a more pleasant product to use than service A, and service A didn't offer certain features I needed for emails.

To bring it back on topic, this made it easy when I switched service A from Gandi to something else a year or two ago because a few things I was seeing from them "smelled funny." I don't remember the details, just that I wanted to switch.

Same, swapped over to PorkBun. Much more pleasant experience.
DNSControl[1] or another similar tool also helps a lot when moving. My DNS records are configured by a small JavaScript file in a git repository, and I can very easily point it at another DNS provider.

[1]: https://dnscontrol.org/

Could you disclose what B is? Pretty much please?
DNS Made Easy - perhaps too costly now, and not the best, but I use them since 10 years and had no issue with them. But might be oversized, I've started to use them for a startup b/c they had failover to point to another load balancer if one balancer/data center is down.
I've been using ZoneEdit for years, and they have a limited free tier. It's been great for my admittedly tiny use cases.
Which services do you use specifically?
Namecheap (I want to get off) and DNS Made Easy (I've started to use them with our startup for reliability)
Huh, I've been happy with Namecheap for a few years now. But I never looked that hard.
Suggestions for service B? Every single service I can find always seems such a pain to go in and add a subdomain and change something.
If you just care about user interface, Cloudflare is pretty stellar.
Honestly I think it depends where you are deploying to. I was previously using Netlify DNS for instance since most of my domains had static websites hosted on Netlify, this meant that they could manage quite a lot of records for me, I was also a fan of having CNAME-flattening which isn't available at domains.google (for reference I'm using the .dev TLD which is owned by the Google Registrar), but I've recently switched to using Google's name servers and even though I have to use a hard coded IP for the Netlify load balancer and I lost CNAME flattening I'm pretty the DNS requests are going MUCH faster (as in a few tens of milliseconds faster LOL). The reason I'm using Google's name server is because Netlify DNS doesn't support DNSSEC which for me is simply absurd in 2023.

Anyways, if you don't have a specific reason to pick any specific nameserver go with the easiest one or if you want to have the most features and portability go with Cloudflare.

Almost none of the most popular/important zones on the Internet aren't signed, so there is little impetus for providers to support DNSSEC. IPv6 is a more annoying lapse.
Digitalocean.
Same.. API access is pretty nice too... I run a simple script for dyndns at home.
I've been relatively happy using digital ocean for DNS.

Even run a dyndns script to have a subdomain for my wireguard connections to home.

I use service A for domains, service B for DNS, service C for emails, and service D for WHOIS privacy protections.
I have this, but it's not quite as fully seperated out, as server B is also my server host.
Always separate vendors for separate services.

Choices of convenience will always be waiting in the future.

Choosing a path that is not the most convenient (just slightly less) can go a long way.

Additionally, DevOps is actually scarier than self-hosting, or self-managing the hosting yourself.

Wherever you register a domain, make sure you practice transferring a domain in, and then out well in advance of ever needing it.

This is why I live in a society that enforces contracts through a court system.

In a functioning society you can’t sell someone a year worth of prepaid car washes and then decide they need to start paying you again 3 months into your contract.

Will be interesting to see if this touches the courts and, if so, how it plays out.

Contracts are only as good as the wealth, power, and ability you have to fight in court and ensure they get enforced. Which is why they 1. usually have lopsided boilerplate terms that protect only the powerful party, 2. are usually largely written by the wealthy, powerful corporation, and 3. usually only enforced against the relatively powerless consumer.

In the ideal fantasy world, contracts are supposed to be "meeting of the minds" between parties of equal power and benefitting parties equally. But when I think of "contract" today, I immediately think "weapon used by a company to beat up a consumer".

Depending on how many domains he's registered and how much the value of that service for the remaining years is, this may be eligible for small claims.
Seeing how Nintendo and the courts screwed around with the stick drift class action lawsuit (the parents can’t be in the class since their kids use it, yet the parents were the ones bound by the forced arbitration), and how clickwrap EULAs have become largely accepted as fully binding in courts…

100% this

> when I think of "contract" today, I immediately think "weapon used by a company to beat up a consumer"

This view is unsupported by the facts in all competent jurisdictions. It’s a convenient one, however, for certain people to spread.

One of the first things you learn about in contract law after the elements of contract formation is the idea of unconscionability, but it's often construed by courts in such narrow terms that consumers who are pressured or tricked into handing over their money have little recourse.

https://californialawreview.org/print/unconscionability-as-a...

"We can change these terms at any time, and your agreement is indicated by your continuing to exist. Also if we violate these terms you can't actually take us to court but we'll pay our buddy Arby to decide if you have a valid point"

From a non-professional prospective, one of the problems with unconscionability is that even terms that are blatantly opposite to prevailing law are highly misleading. This further disenfranchises individuals from the legal system, obscuring our rights even further. I'd personally like to see blatant examples of such start getting policed as something akin to giving improper legal advice.

Not a lawyer, but Gandi is based in France, and I don’t think they recognize mandatory arbitration (or choice of law) clauses in consumer contracts there.
Yeah, I was making a general point. I used to use Gandi some time ago. I forget why I drifted away from them. I think I only had one domain there, which I then let lapse rather than renewing. Given what I remember of their rep I'm surprised about this news, but I guess that's the constant churn of "creative" destruction. Enjoy the reasonable vendors you've figured out this year, because next year your own reliance will be an asset to be sold and arbitraged away.
In California at least, a small claim is pretty efficient as long as the claim is more than the modest filing fee. They can't hire an outside lawyer to handle it, either. If they have an inside one they can use that, but anyway.

I've had great success this way against United Airlines, Toyota, and other bigs.

The sweet spot for companies is the low tens of thousands. At that level, you're disqualified from small claims and it's not really worth an actual lawsuit. It's a very narrow band, though.
Here in Indiana, in many jurisdictions companies have to hire outside counsel to go to small claims. This means that it can be quite expensive to litigate for businesses against legitimate small claims.
Here in California we have several levels. There are different classes of small claims, there are limited civil claims and then unlimited civil for over $25,000 though some counties have special programs for unlimited claims under $50,000. If you stay in small claims, usually you get an in-house paralegal that just wants it to go away. Over $50,000 you get outside counsel that wants to bill the file.
OP: Have you enforced a contract through a court system? Would love to hear more about that.
This is really frustrating. I'm only a small customer but it doesn't seem right that they could take away part of the deal if I have multiple years pre-bought prior to the change.

The email I received is slightly different and doesn't include set dates, it just says "after the first year" which could be tomorrow.

I've emailed them asking for clarification.

I pay for Fastmail, but use several of the gandi basic mailboxes for other reasons. I could live with those disappearing. I hope this doesn't also remove the 'forwarded addresses' though.

(comment deleted)
(comment deleted)
Are there any reputable registrars with APIs with Terraform providers, outside of Gandi and AWS?

Just not sure I can give that up!

What are some recommended alternatives?

I specifically need support for .li domains and acme.sh to renew certificates.

inwx supports basically every TLD I've looked at and the acme.sh support will be based on where you have your DNS which can be separate from your registrar (I've used acme.sh on cloudflare, rage4, and many others. I've also used it with a local bind9 DNS server)
Not that this isn't a travesty. But it's worth pointing out that my first thought was: I need to bookmark this page to cite every time we end up in another giant front-page argument about "I don't use GMail because I don't trust Google; I have my own domain with some tiny provider with human support where this can never happen."

Meh. The specifics here seem pretty damning, though. Most likely the new owners just didn't understand the older contracts and started rolling out the new business model without review. The end result will probably be just a refund for the affected accounts.

> I need to bookmark this page to cite every time we end up in another giant front-page argument about "I don't use GMail because I don't trust Google; I have my own domain with some tiny provider with human support where this can never happen."

This is about them changing the pricing of their service. The part about doing it to customers who have paid in advance may be fraud, but it's still miles better then google randomly locking you out of your account without recourse. You don't have to use Gandi for your email (why would you even except for it being "free" which you now have learned it is not) and you can transfer your domain to another registrar.

Are you calling Gandi “some tiny provider”?
I haven't seen anything from them yet - do they say anything about forwarding addresses?
Neither do I.

Would be really upset if they start charging for the two included mailboxes.

Even last week they were saying nothing would change, that Gandi remained independent inside Your.online.

That may be a new record.

Often, and even more so in corporate PR, things are said precisely because they aren't true.
If you believe every acquisition PR saying “but nothing will change at all, we’re committed to run $bought_company as an independent entity” then I have a bridge to sell you!

Company A never buys company B to let it do its thing.

Right.

Or a ship in Arizona to sell you.

GP and others who believe that should google "our incredible journey" - and look at multiple hits, not just the first few. It has become a meme by now.

>Even last week they were saying nothing would change

If you want to be dishonest but not explicitly lie, there are almost always ways to do it. For example, "I believe access to healthcare is a human right" to a normal person sounds like the person is saying that healthcare is a human right, but "access" can mean anything at all and in reality they are saying nothing.

I would not be surprised at all to find that similar inconspicuous weasel words were used.

I honestly cannot believe the hubris. A 20% price hike and removal of features mid-term. If I don't pay for the email accounts I apparently didn't pay for, I will lose my business email accounts. I get the impression I should just have stuck with : <official sounding>_<country> @ gmail.com and moved on with my life. Maddening.
That comes with its own set of issues when google decides to block your account for reasons only known to their algorithms and there are no humans to talk to. You end up locked out of your business email with no recourse.
What is an SME supposed to do? I need static web-hosting and an email server that will not get blocked by Google!
(comment deleted)
Gmail, Fastmail... with custom domain
Having your own domain you control the MX record. If google locks you out, you can still move to another host for your email on the same day. You don't get your historical email (unless you backed it up with offlineimap or something like that) but at least you still have access and control over the address. Using @gmail.com for your business (or even personal email) is asking for trouble given how notorious google is at locking people out with no recourse and for mysterious reasons.
Smaller commercial email providers are probably a good balance of competence and reliability (their email service is their revenue source) and better customer service (they have few enough customers that they care more about each of them). Fastmail is often brought up in this category. I think Zoho is pretty good too if you're looking for more of a complete G-suite like offering with other applications. Both of these companies also increasingly feel like more competent or at least better-run software engineering organizations than Google.
You still own the domain and are free to setup another hosting with the same address. With Gmail if you're banned it's over you lose access to everything and have to manually reach to all your contacts.
The problem with Google is that if your account gets blocked/banned for whatever reason, you can just say goodbye to it. Minor companies like Gandi do have human customer service, so there's always the chance to recover the account (and move on to another service one you make a dump of your data and all).
what's amazing to me is that the only reason you would pay up to double what other registrars charge is because of the free services they throw in.

I have a feeling Gandi is going to go down the tubes very fast.

For a small business expense and the annoyance of having to extend effort to change something that just works, it was a pretty sensible decision. Now I've got to go down the rabbit hole of playing the free market game for what should just be a damn simple thing. Why is web hosting & email so difficult in 2023!?!
(comment deleted)
Is migrating domains from Gandi to somewhere else easy/possible? I've had the same domain for years, I used to pay like $20 for five years, but then I forgot to renew, and because I let it expire for a few days, now they are charging me $100/year! Sour taste in my mouth about them even before this...
Moving from any registars is possible [1] the process is fairly easy and takes a couple of days . You would need access to admin emails you provided for verification.

The process is free as in gandi won’t charge you to migrate but newer registar might , and also if you DNS or other services the new service provider will likely charge for those.

[1] for .come .net .org and many other popular ones it is, however for some of newer Top level domains (TLD) they may have only one domain registrar and you cannot move. .dev is owned and operated by google alone.

Gandi afaik does not have exclusive access to any significant TLD so it shouldn’t be a problem

> The process is free as in gandi won’t charge you to migrate but newer registar might

The new registrar will charge a fee and the expiration date of your domain will increase by one year. The transfer fee should be roughly the same as the registration and renewal fees. If anything looks fishy, compare with another registrar (starting with common registrar recommendations you see at HN)

One can migrate any of their domains from any registrar to another registrar. I do not have a Gandi account so I don't know where in the UI to find this, but you would need to go into the properties for each domain and first unlock the domain and then get the unlock/transfer code. Use that code in your new registrar to move the domain(s). It is best to do this over the phone with the new registrar to ensure a smoother migration.
Yes, I did it for one domain years ago, it was easy, and it can be done can be done completely online.

Contrary to the other reply, I do NOT recommend calling and doing it over the phone, as in my opinion that will just be slower and prone to accidents by adding a human into an otherwise automated process.

You can’t migrate an expired domain. If you’re still within the redemption period to renew the domain by paying a higher fee, you should choose that (unless you believe nobody else will be interested in that domain name once it becomes available for anyone to purchase).

Once you renew the domain, there is an immediate 60-day (?) period when you cannot transfer the domain elsewhere. So you’d have to wait for that duration and then transfer. You won’t lose out on the expiration date though.

When you transfer the domain to another registrar, you’d have to pay a one year renewal fee, which will extend the ownership of your domain by one more year than what it was before.

> I let it expire for a few days, now they are charging me $100/year!

It sounds like your domain name entered the redemption period. The high fee to restore a domain in the redemption period is mandated by the registry, not the registrar. So Gandi is not price gouging; they are required to collect that fee for restoring the domain.