Hacker News new | past | comments | ask | show | jobs | submit login
I lost my domain and everything that goes with it (uber.space)
14 points by kevingrahl 3 months ago | hide | past | web | favorite | 53 comments



Happened the same exact thing to me, with Namecheap too. They didn't send me any reminders about my .li domain. I couldn't renew from 2 weeks before expiry. I wouldn't pay $200 to recover it in grace period, now they are selling it for $5k.

Switched to Cloudflare, never touching Namecheap again.


Cloudflare is a registrar? I had no idea.

https://www.cloudflare.com/products/registrar/


It should be pointed out and understood that when a domain enters Redemption period, in every TLD, the inflated cost to redeem it is imposed by the registry itself, not the registrar.

So the point where the normal cost is $6.95 but it cost over $100 or $200 is not because the registrar is gouging you, but because the registry is charging the registrar minimum $100 or so, and then the registrar would also apply their own markup, which is pretty standard.

Also - all registrars are contractually obligated to send out multiple notifications to the admin contact email, and even though this wouldn't necessarily apply to .DE (because it's overseen by DENIC, not ICANN) - most registrars use the same notifcation workflow across all TLDs. Usually something like 90, 60, 30, 10 days and -5 days.

I will say that the rule in .DE that you can't renew past T-5 is pretty weird though.


Thanks for pointing that out, it wasn't clear to me who's responsible for that price. I added your comment as a footnote to the relevant sentence. [1]

But no matter who's responsible I think it's not right to ask someone to pay more than 19 times the price of the normal renewal just because they might have forgotton to renew. I'd have paid maybe €50 but €185 is borderline extortion in my opinion.

I can assure you, I have not gotten any kind of notification from Namecheap. I don't know why some people here are so insistent that I must have gotten them. I triple checked my email address at Namecheap and don't do spam filtering. If some mail isn't in my inbox it hasn't been sent.

[1] - https://tenebris.uber.space/article/i-fucked-up#price


I am told that the registry's logic around the exorbitant cost to pull a domain out of redemption is to teach the registrant to be more mindful of expiries ...and not to be predatory because they have you over a barrel.

I can't speak to whether the registrar sent you renewals or not. I did mention in another comment below that for some unfathomable reason my company (easyDNS) is the only one I know of that offers the functionality to setup an iCal feed with your domain expires.


A similar thing happened to me, and I was lucky enough to get help from Namecheap's support (they actually escalated it fairly high in the command chain).

After that incident, I decided to move my critical email communication with just the barebones provider's domain to either Apple's iCloud (you get a free account when using iCloud) or Fastmail (paid but worth every $).

This way I don't need to worry about my own domain for critical stuff.


I don’t like when someone else has access to my emails. In my case only my hoster, whom I trust, has access to my server and thus mails.


You might also check other articles about registrars sending to 3rd party companies who pay a lot money to get information about domains that recently expired and being bought by them. I think there was an article about it here on HN not a long time ago.

Every domain that I had expired was immediately bought by a company and this makes it hard


Same for me, both companies I trust with my data.


First: kudos for having the guts to share a mistake.

Second: kinda cool that you didn’t completely bash Namecheap, though the negative stuff you’ve described about them is well-deserved I think this may be (unfortunate) typical behavior for most registrars.

So a couple of follow up questions:

1. What was the motivation for self-hosting your email? I’m genuinely curious. Proton sounds good. A year ago I switched from Google Apps to Fastmail (with a custom domain) & still feel like this was a great decision. Especially, because I have aliases for email addresses that use the same username but a fallback domain. If I ever forget about my domain renewal email will still get through to the 2nd domain. (That doesn’t help with logins though.)

2. Your name seems pretty unique, if .de isn’t available have you considered other TLDs? I’m kinda dumb in that regard and have gone overboard with my domain name + almost every TLD … although slightly proud not to have gotten sucked in to the .dev phenomenon.

Good luck!


Mistakes are what we learn from!

1) I like to have things in my own hand. On one hand It’s about having control over who could possibly have access to my mails. If I were using Gmail for example I’d have to put up with data mining and the entirety of Google and their advertising partners possibly reading my mail. In my case only my Hoster, whom I trust, has access to my server. On the other hand it’s about flexibility. It’s my mail server and I can adjust whatever settings I like. I haven’t been using any spam filtering for example but It’d be trivial to set it up and tune it to my exact needs. I can also use other domains without much setting up. I’d just have to register the domain and point it to my server and all my addresses would work with that domain. I’ve unlimited addresses, some just forwarding via .qmail some running a full virtual IMAP/SMTP account with separate credentials. Those .qmail forwarding addresses are super useful btw! I’m using a unique address for every service I use which makes it trivial to find out who’s selling my data/where spam comes from. Delete the virtual address and voila, no more spam from them. Running my own mail server also makes backups easier I’d like to think. I just backup the right directory with cron from time to time.

2) Sure, there are hundreds of TLD’s to choose from. I’m sure I’d find one that’d be alright but I’ve used kevingrahl.de for as long as I can remember and all my friends and customers are accustomed to it. Using a .de address has the added benefit that in theory my government should drop all captured packages intended for surveillance (Germany can’t legally spy on its own citizens, it is known that they filter by TLD as a first step).

Thanks!


It's hard to have a lot of sympathy here.

1) Namecheap sends out renewal notices, if he wasn't getting them it's likely he didn't keep is email with them up to date.

2) Auto-Renew


3) Renew for as long as a time period as possible. If a domain is 12 bucks a year, 240 bucks is a small price to pay for knowing your domain is set for the next 20 years.


This seems like great advice, thanks for suggesting. I'll be doing this for my critical domains.


Namecheap is not reliable in sending out renewal notices. Source: it happened to me, too. I wrote off the loss.

Lesson here: Don't trust Namecheap but set your own reminders.


I’m not asking for sympathy!

I just checked to be sure and my email address on Namecheap is correct. I did not receive a notification email however.


This just boggles my mind. I have been getting emails for 60 days before a domain expiry.

Are you sure somehow a weird account isn't your namecheap contact email?


Conspiracy alert: Perhaps a NameCheap employee has been bribed to covertly suppress notification emails?


It’s strange because thet are extremely good with bugging you about that: sometimes changes to every week and then to every day.


could it have gone into spam?


No, I have my own mail server and don't do automatic spam filtering (not enough volume that I could be bothered to set it up yet).


Not sure why nobody else does this, but with easyDNS you can setup an iCal feed with your domain expirations.


After reading this, I'm rethinking using my own domain email as an ID on websites.

I trust that Gmail will be around a lot longer than me paying my own domain. I've been paying for my own domain for years but at some time I'll stop and someone else will own it; this gives them ownership of my email address.


It's certainly something to keep in mind.

But there are problems with a similar outcome that could arise by using a third party provider like Gmail. They could suspend your account for example which is far more unlikely to happen with a domain.

As long as you pay for both it and your server/email provider you should be good. I personally would rather risk what happened here than dealing with Google in case my account got suspended.


Are you sure that price is not set by DENIC or any other organization responsible for .de TLD? Never had issues with Namecheap and their support has always been very helpful.


No I’m not, as I said in the article:

> Please note that I do not know if Namecheap or DENIC is responsible for setting this price.


Well, in the beginning you were pretty clear about blaming Namecheap for this.


Now I'm starting to doubt your reading comprehension..

I explicitly said I don't blame Namecheap except for not sending me some notification and for that one service agent who told me he wasn't authorized to answer my question. That's were they fucked up. But as I said in that article "clearly it was my fault not renewing the domain in time".


Are you sure it is a good idea to publish this before you got your domain back? A malicious reader could try to battle you and get the domain before you.


I thought about that before posting but I see no reason why anyone would want to even try. I didn’t want to pay Namecheap’s fee so it’s quite clear I wouldn’t buy it from someone else either. Worst case I have to get a new domain..


You would probably buy it from a squatter for a less outrageous price, such as 20-30 EUR for the next year.


> But from €9.6 to €185 is an increase of 1827% or 19.27 times more. To me that's usury.

I don't think that word means what you think it means.


Inconceivable!

Not a native speaker so it could be wrong.

In German we have the word ‘Wucher’ which dict.cc translated to usury.

It’s generally used when someone makes an excessive profit by exploiting someone else’s weaker position. The German term fits this situation perfectly.


Not literally, but the intended meaning seems clear to me here?

Though ripoff would also have worked.


I mean, it's a minor quibble, but ripoff would make sense. Usury does not, in any way. It's simply a misuse of usury.


If someone has a suggestion for some reliable registrar that isn’t Namecheap I’d be happy to hear about them!


EasyDNS. Neither the cheapest nor apparently as well known these days, they seem to be sustained by a devoted customer base. I've used them for nearly 20 years.

The product lineup and administration interface is somewhat complex and confusing, IMO; perhaps an artifact of trying to appease long-term customers. I could never be bothered to figure it all out, but whenever I've looked for a feature I've never failed to discover something new to appreciate.

I'm interested what others have to say about them.


Most of the registrars have been acquired by other companies and are only the previous name for marketing purposes. I am not happy with any of the US or EU registrars beyond Mark Monitor, and MM are not meant for hobby domains/users.

Do you prefer US or EU? For US, you might try out Cloudflare or Amazon route53. I don't care for either of them, but others I know have been happy using them.

When you get your domains back and if you can afford it, you can pay for up to 10 years. Most registrars will give a discount. If they offer more than 10 years, don't do it. 10 years is the hard limit, which means you would have to trust that registrar stays in business more than 10 years and most will not.


Thanks for the input! I heard good things about MM and would love to use them but I’m not exactly their target audience.

I’d prefer an EU based registrar, any suggestions there?

As soon as I have my domain back (or a new one) I’ll definitely pay some years in advance from now on.


Gandi. Fairly low pricing, very FOSS friendly, often actually knowledgeable support that you don't have to hit with a baseball bat before they get a clue (unlike OVH).


For EU, I've heard many good things about OVH, but I have never used them. Also quite a few folks here on HN have said good things about OVH in EU.


I’ve had my domains on transip.eu (or .nl for me) for years and have never had any issues.


The predatory pricing of some registrars reminds me of the market for SSL certificates before Let's Encrypt.

I used OVH to register my domain names, and recently migrated them to Cloudflare. OVH is a totally fair choice, but their web panel is pretty papercutty and the whole experience is more OK than amazing.

I moved so I wouldn't feel like I'm at the mercy of my registrar. I want predictable pricing, not the half-expectation that somehow someday my domain will be mysteriously lost or held hostage.


At $dayjob we moved hundreds of domains to Hover.com a few years ago. No bullshit cross-selling, great service and documentation, well-designed site without “blinkenlights”.

Hover is definitely not the cheapest, but then again they’re not monetizing you to third parties or constantly up-selling. Privacy/locking/DNS are built in to reg cost so no surprises.

I moved my personal domains there too after it won our corporate evaluation process. Couldn’t be happier.



Gandi or GTFO, they're one of the few registrars that are fighting for the "good guys"


I have heard good things about https://www.inwx.com/


Thanks! You’re the second person to recommend INWX, already have it open in a tab to read up on them!


I use Hexonet for my .de. It’s made for big portfolios but it works and they’re German.


gandi.net has a good track record, a promise to not engage in any ethical "grey" areas, and is based in France.


Try Gandi, CloudFlare, or Hover.


Cloudflare!


I am using Gandi. You pay full price, but you get privacy inclunded




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: