Better-than-barebones not-quite-"pro" level email hosting with custom domain

technophile

Ars Legatus Legionis
23,435
Hi all, hopefully this is the right forum, it's kind of in a weird liminal space as topics go.

My wife and I have had our own family domain name for like...20+ years now. It's been hosted on a couple of different providers, the most recent one being Hostgator (which sucks, but at least is cheap). Unfortunately, lately we've run into some issues like our mail server being blacklisted because it is, of course, on a shared host, and if anyone else on that host happens to (intentionally or otherwise) send spam and get blacklisted, we catch the collateral damage.

I've been looking at options, but haven't found anything that really suits my needs perfectly. Does anyone have a suggestion on running email on a custom domain that a) doesn't cost a fortune and b) doesn't suck? I'm a DevOps Architect by day, so pretty technically savvy, but I am not an email admin or other IT wizard.

Couple of other thoughts:

* I would really love some level of good spam- and malware-filtering.

* Reputable host who isn't going to get caught in blacklists, etc.

* We already have a family M365 subscription for Office and OneDrive space. I considered using M365's custom domain email hosted on outlook.com (there's apparently a way to do it by setting up DNS records correctly, without having to use GoDaddy), but we currently have a couple of extra mailboxes that are for friends-of-the-family or alternate addresses, and M365 Family wouldn't support those use cases.

* I don't really feel like giving Google access to all of my private email, so Google Workspaces make me uncomfortable.

Are there any other good prosumer-level options out there? Or at least a host who will not get me randomly blacklisted?
 

molo

Ars Legatus Legionis
14,786
You won't like this...

There's a reason that Microsoft and Google rule the e-mail world. Their stuff works, it's cheap, and it's easy to manage - in the sense that you *don't* manage it, really. Google and Microsoft manage it.

No one else really offers comparable e-mail services. Even most corporations that traditionally ran their own mail servers (often Microsoft Exchange), have given up and just let Microsoft handle the whole thing via Exchange Online. Or Gmail, if they weren't an Exchange shop.

E-mail is just too messy and too complex and too expensive to manage well these days, and there is nearly *zero* benefit to managing it yourself. If you need *maximum mail security*, then it might be worth it, but you're not in that situation.

I say bite-the-bullet and move to Outlook.com or Google Workspace. Or, even better, abandon the custom domain and just use Gmail or Outlook.com mail straight-up. Nobody cares about custom domains anymore, because nobody really cares about *e-mail* anymore.
 

koala

Ars Tribunus Angusticlavius
7,579
How much effort do you want to spend? Actually you could use something like SES to deliver email, which is very cheap, get the most difficult part out of the way, and run the rest yourself. There's Mailcow and a few other software packages that people like, but I have no idea about those.

There's also Fastmail/pobox. But if you want a lot of different mailboxes, you're facing the same issues as with Google/O365.

I'd probably just use O365 in your situation, and research how to set *forwards*, not mailboxes for your friends-of-the-family.
 

technophile

Ars Legatus Legionis
23,435
Bump for the workday crowd. :)

> You won't like this...
>
> There's a reason that Microsoft and Google rule the e-mail world. Their stuff works, it's cheap, and it's easy to manage - in the sense that you *don't* manage it, really. Google and Microsoft manage it.

I mean, that's really my expectation. I'm largely fine with that, I just wanted to know if there's some intermediate/easier solution I don't know about, because I don't really pay attention to this stuff full time.

> Nobody cares about custom domains anymore, because nobody really cares about *e-mail* anymore.

I care about my domain, for nostalgic reasons if nothing else. It doesn't really signify whether anyone else does. :)
 

Jehos

Ars Legatus Legionis
55,555
> I mean, that's really my expectation. I'm largely fine with that, I just wanted to know if there's some intermediate/easier solution I don't know about, because I don't really pay attention to this stuff full time.

Nobody else even comes close to what you get for your money. You might be able to save a few bucks, but you'll notice you're using an also-ran.

I also have a custom domain that I'm not getting rid of (I have no derplegangers, and I've had the same address for decades). I got free e-mail from legacy Google offerings (the one that is shutting down this year). Switching to a paid account was no big deal, although I'm probably moving from Google to Microsoft at some point just to get some real-world experience with the Azure/M365 offerings.
 

Ardax

Ars Legatus Legionis
19,076
Subscriptor
> Are there any other good prosumer-level options out there? Or at least a host who will not get me randomly blacklisted?

There's Zoho, ProtonMail, and Fastmail.

Zoho looks cheap for just email hosting, but most likely I'll just bite the bullet and switch to M365 since I've already got a family account. My mom doesn't do email anymore. The only possible catch is that I've got one alias/distro list set up with Google that mails both my wife and I that we make relatively heavy use of. While Exchange itself obviously supports that, I'm not 100% confident that the M365 custom domain will.


> > Nobody cares about custom domains anymore, because nobody really cares about *e-mail* anymore.
>
> I care about my domain, for nostalgic reasons if nothing else. It doesn't really signify whether anyone else does. :)

Like you, I've owned my domain name for >20 years. I bought it after graduating college for the express purpose of never having to change my email address ever again. Even if nobody else cared, it'd be a major pain in the ass to change. Much like my phone number. I can think of better ways to spend my time than updating all my logins, friends, family, and associates with updated contact info... Like bashing my head against a brick wall.

I've done email server management before. I'd rather not do it ever again.
 

technophile

Ars Legatus Legionis
23,435
> > > Nobody cares about custom domains anymore, because nobody really cares about *e-mail* anymore.
> >
> > I care about my domain, for nostalgic reasons if nothing else. It doesn't really signify whether anyone else does. :)
>
> Like you, I've owned my domain name for >20 years. I bought it after graduating college for the express purpose of never having to change my email address ever again. Even if nobody else cared, it'd be a major pain in the ass to change. Much like my phone number. I can think of better ways to spend my time than updating all my logins, friends, family, and associates with updated contact info... Like bashing my head against a brick wall.
>
> I've done email server management before. I'd rather not do it ever again.

I am with you 100% on both points.
 

technophile

Ars Legatus Legionis
23,435
> Well, at least we're getting a bit of extra time to do the migration. :)

Oh, the legacy GSuite account news? Took me a second to figure out what you meant. :) Doesn't affect me, but I'm sure some people are breathing a bit easier.

I did find Got Your Back for backing up google accounts and restoring them to a new one, dunno if that would be helpful for you. It was pretty easy to set up (we aren't using gmail or gsuite right now, but she has an institutional email address where they've disabled the integrated backup and she needs to copy some emails to a personal account).
 

technophile

Ars Legatus Legionis
23,435
I ended up switching to Exchange Online (plan 1) about 3 months ago. Having to pay per-account (my previous host allowed unlimited email addresses) is a little bit of a downer, but the junk mail handling (both detection/reporting of incoming and our outgoing stuff not getting marked as junk by other systems) is really nice, and integrating it with our personal domain was pretty painless (just a couple of DNS updates). The ability to see each other's calendars could also be a really nice feature, except my wife tends to use her work calendar for everything. :p

The only real things we've run into so far:

  • The default Azure AD setup enforces MFA, which to me is a bonus, but it was a little aggravating for my wife and son. I was able to update the config to still require MFA for my account but not theirs pretty easily.
  • It is a "work" account, meaning if you have a personal Microsoft account for e.g. Office, OneDrive, outlook.com, your Windows 10/11 machine etc, they will be separate accounts. In practice this isn't really a big deal, Microsoft is pretty good at handling a mix of accounts in the browser/on the local machine.

Everything else has been very smooth, adding licenses/users is very straightforward, the email "just works", and there are good tools for handling incoming suspicious email and tracking down any issues.

Migrating all of our previous email was also really easy; just put together an Excel spreadsheet with the email addresses and passwords for our old accounts, supply it to Exchange Online, and run a migration batch. It runs regularly until you stop it, so you can get everything migrated before switching over the DNS. I never saw any errors or issues and all of our emails in all of our folders came across perfectly (no surprise, as it basically just uses IMAP to pull them in).
 

Andrewcw

Ars Legatus Legionis
18,129
Subscriptor
MFA in addition to phone. I'd personally add a semi-secure backdoor for yourself, where you add an additional time-based authenticator. You can use Google, Microsoft, whatever. I personally use Authy. I have multiple accounts I handle where I'm not really the primary user of the account. But I need to be able to get in when a phone breaks, etc.
 

sryan2k1

Ars Legatus Legionis
44,493
Subscriptor++
I would very strongly recommend not turning MFA off, ever. You can allow devices to remember an MFA cookie and it can be valid for up to a year.


> Having to pay per-account (my previous host allowed unlimited email addresses) is a little bit of a downer

Just to clarify, an account in M365 can have as many aliases (additional addresses) as you want, but yes, it is per user licensed, so every unique user gets to pay.
 

technophile

Ars Legatus Legionis
23,435
> MFA in addition to phone. I'd personally add a semi-secure backdoor for yourself, where you add an additional time-based authenticator. You can use Google, Microsoft, whatever. I personally use Authy. I have multiple accounts I handle where I'm not really the primary user of the account. But I need to be able to get in when a phone breaks, etc.

Yeah the second account I set up is a (no license) break-glass admin account with a separately generated username and password and MFA. :)
 

technophile

Ars Legatus Legionis
23,435
> I could be wrong, but I believe they recommend against MFA on that break-glass admin account and just have notify on login alerting set up.

No, you're right - it's supposed to be excepted from all MFA, conditional access, etc. because if you do something dumb and lock your normal admin account(s) out via a bad CA policy or something you need a way to recover. In my case, if my phone got lost/stolen/broken or whatever and I couldn't get MFA codes.

Unfortunately, IIRC alerting on login requires a Log Analytics Workspace and AAD P1 or P2, which is... a lot for a personal email domain.
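
The break-glass account discussed above is exempt from MFA, so every sign-in attempt by it is worth reviewing. As an added example (not from any poster in this thread), this sketch scans an exported sign-in log file for that account; the account name and log records are constructed, and the one-JSON-record-per-line export layout is an assumption.

```python
import json

# Hypothetical break-glass account name (placeholder, not from the thread).
BREAK_GLASS_UPNS = {"bg-admin-7f3a@example.onmicrosoft.com"}

# Constructed sample export, one JSON record per line. Field names follow the
# Microsoft Graph signIn resource; every value here is made up.
SAMPLE_LOG = """\
{"createdDateTime": "2022-06-01T08:12:44Z", "userPrincipalName": "alice@example.com", "ipAddress": "198.51.100.7", "appDisplayName": "Office 365 Exchange Online", "status": {"errorCode": 0}}
{"createdDateTime": "2022-06-03T02:41:09Z", "userPrincipalName": "BG-Admin-7f3a@example.onmicrosoft.com", "ipAddress": "203.0.113.50", "appDisplayName": "Azure Portal", "status": {"errorCode": 50126}}
{"createdDateTime": "2022-06-03T02:43:30Z", "userPrincipalName": "bg-admin-7f3a@example.onmicrosoft.com", "ipAddress": "203.0.113.50", "appDisplayName": "Azure Portal", "status": {"errorCode": 0}}
not-json residue from a truncated export
"""


def find_break_glass_signins(log_text, upns=BREAK_GLASS_UPNS):
    """Return (alerts, skipped): every sign-in attempt by a watched account,
    plus the number of lines that could not be parsed."""
    watched = {u.lower() for u in upns}
    alerts, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            rec = None
        if not isinstance(rec, dict):
            skipped += 1  # count it: silently dropped lines hide gaps
            continue
        # UPNs are case-insensitive, so compare lowercased.
        if str(rec.get("userPrincipalName", "")).lower() not in watched:
            continue
        code = (rec.get("status") or {}).get("errorCode")
        alerts.append({
            "time": rec.get("createdDateTime"),
            "ip": rec.get("ipAddress"),
            "app": rec.get("appDisplayName"),
            # errorCode 0 is a successful sign-in; anything else failed.
            "severity": "critical" if code == 0 else "warning",
        })
    return alerts, skipped


if __name__ == "__main__":
    found, bad = find_break_glass_signins(SAMPLE_LOG)
    for a in found:
        print(f"[{a['severity']}] break-glass sign-in {a['time']} from {a['ip']} via {a['app']}")
    print(f"{bad} unparseable line(s)")
```
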