Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Best hosted alternative to Google Workspace for email?
270 points by CharlesW on Feb 5, 2022 | hide | past | favorite | 260 comments
So with Google starting to charge previously-free users, I've decided that I'd rather give my money to someone else. I'd like a provider who is likely to be around in a decade or two. Tips on moving many years of Google email to a new provider are appreciated as well!



Google Takeout will export all your mail in mbox format which is easily handled by mail programs like Apple Mail and Thunderbird and should let you sync everything to a new service (if that service won't let you transfer it themselves).

I'm using iCloud+ from Apple. It's cheap at $1/mo for 50GB of space and lets me have my custom domains. $3/mo will get you family sharing and 200GB of space (if you want multiple accounts - I just have one account with multiple domains/email addresses). Apple's email hosting is 22 years old (pre-dating Gmail by 4 years) and seems like it won't be going anywhere anytime soon. They've recently expanded their email offerings with things like "Sign In with Apple" and "Hide my Email."

Zoho Mail will give you free hosting without IMAP or $1 for 5GB, $1.25 for 10GB, $3 for 30GB, $4 for 50GB, $6 for 100GB (billed annually).

Microsoft 365 will cost $5.83/mo for 1 person or $8.33 for a family of 6. Each account gets 1TB of storage (6TB for the family in total) and you get all the Microsoft Office apps. One issue is that the domain needs to be with Go Daddy which ups the price a little given their premium pricing on domains which is around an extra dollar per month.

FastMail is $5/mo for 30GB, $9 for 100GB.

There's no magic email provider that no one ever complains about - including Google where we've heard horror stories of getting locked out with no one to even contact. It also seems like no one wants to be hosting your mail for free with IMAP support anymore (and almost no one wants to host your domain email for free generally).

For me, migrating to iCloud+ was cheap and easy. I'm already on a Mac and iPhone. I set up some simple rules to filter my mail on my Mac and I'm enjoying the instant response of a native app. At $1/mo, there's no lock-in to annual billing and it basically costs nothing.

Microsoft 365 seems like a good deal if you're looking for a lot of storage and Microsoft Office apps. 1TB for $5.83/mo is basically the same price per GB as Dropbox, but you're also getting mail and the Office apps.


If you want to try Apple’s:

I have tried the iCloud+.

It’s unstable, incomplete. Barely not shitty.

Deliberately sparsely and vaguely documented. Their support employees don’t know the features around custom domain, HideMyEmail etc and refuse to accept anything about it on email and then being typical Apple they simply say no to saying anything on email - hell, there is no email you can contact them.

They tell you “yes, this is the behaviour” on phone. They tell you “there is not documentation for it yet”, they refuse to say this on email. There is no email address you can write to. “No there is no other escalation or contact”. Trust me it’s a nightmare.

You hate Gmail not having human support? You’ll start appreciating Gmail’s no support when you will actually be talking to Apple’s support human being bots who will make you feel like hitting your head against the wall at least 7 times per 10 minutes while maintaining complete corporate composure and plastic professionalism.

If you want to use HideMyEmail it’ll be not on your domain. It’ll be locked to the subdomain (@privaterelay.appleid.com) of a company that’s the biggest walled garden this planet has ever seen and so powerful that it can just delete your account and you can do jackshit about it - yes, they have done it. The typical “find a connected employee at Google” also doesn’t work.

There’s not even catch-all. Max three emails.

Do yourself a favour and a get a real and dedicated mail provider like Mailbox, Fastmail etc because even after being few years older than Gmail iCloud mail is much much much worse.

Besides unless you’re also sunk in the walled garden up until your ears or maybe forehead you won’t be able to use 99.12% of iCloud+ anyway (Or maybe nothing if you stop using fruit company devices. I am not even sure and couldn’t figure out from their documentation and support)

Edit: Wow! Fruit company fans already at their downvoting game! Amazing! Ffs, if possible try to pull the fan part of that brain out of the place where sun never shines? I am also a “user” of Apple device(s), just not a “fan”. But it explains how yesterday there was a sub thread (on payment cut thread) how Apple fans give a pass to Apple for everything shitty and evil like feckless apologist drones.


So I made the switch from G Suite Legacy to iCloud+ (99 cents seemed like a bargain to try out) and it has a few kinks to work out.

Their documentation put double-quotes around the SPF records, and when I added them they didn't work -- had to remove the quotes completely.

And yeah, 3 email address limit and a weak icloud.com interface (compared to gmail) is also annoying.

But honestly I'll probably use it for a while, their IMAP support is good so I could always transfer emails out and point the domain records somewhere else. 99 cents a month is a bargain, the only other provider in that price range is Zoho Mail (which I also like and probably would have used if my contacts/calendar wasn't already on iCloud).

> @privaterelay.appleid.com

The @privaterelay.appleid.com is for email addresses that were created by using "Sign in with Apple", you don't have to pay for iCloud+ for that. If you create disposable emails with iCloud+ they come in the form: Coconut-Apple.0b@icloud.com (the words, numbers, and separators are random)


I'm using iCloud a as well right now as a stopgap until I find something more adequate.

Their IMAP is very slow (in true iCloud spirit). People will find it difficult to migrate larger mailboxes. I don't get why they can't just fetch my mail directly from Google.

3 email addresses without at least a catch-all option is not enough.

Their spam filter is rubbish. Even emails sent between members of the same family sharing group go to spam in spite of never leaving Apple's own infrastructure.

Many of my messages show up with an incorrect date, because they were moved between other email providers at some point, adding a more recent "Received" header. I don't blame Apple for this but it's definitely inconvenient having to preprocess the mbox file before uploading.

Apple Mail is highly unreliable and buggy. It deleted all my emails before. There doesn't appear to be any way to cancel a copy/move operation, which is particularly annoying when migrating a lot of email. But fine, there are other email clients (none that I like though).

Unfortunately, the rest of iCloud is really second rate as well. iCloud Drive has no versioning or ransomware protection whatsoever. You can't upload or download a folder from iCloud drive via the web interface. Sharing is crippled, insecure or impossible unless everyone involved uses Apple devices for absolutely everything.

So this is just not an adequate solution for any sort of professional use.

I'm trying Microsoft 365 right now. My experience started with an outage of the main admin site lasting for hours. But it can do a lot of things and it's fast. The downside is that you have to use their unbelievably sprawling, inconsistent, redundant set of admin interfaces that only make sense if you have been a Windows sysadmin since the (previous) .com bubble.


Why not just use simplelogin? Buy your own email domain and you can create random emails on the fly. Like if you're prompted to input your email you can use the name of the prompter companyxyz@yourdomain.com and it'll forward it to your regular mailbox. It's fantastic.


Actually if you just need that you can just add something random on your domain and mail will be delivered on that email just using catch-all feature that even some basic providers like mailbox.org provide, you don’t need any additional service layer for that. Sending emails from those addresses become tricky and cumbersome.


An alternative to Microsoft 365 if you don't need anything other than email hosting is their Exchange Online plan, which is $4/month: https://www.microsoft.com/en-us/microsoft-365/exchange/excha...

This is what I ended up switching to and it's been working fine so far. I learned from this debacle that tight-coupling email to any other service is a liability, so email-only is actually a feature for me. No GoDaddy requirement either.


I would spent a little more and the the Business Basic plan. I think it is quite a good deal.

https://www.microsoft.com/en-ww/microsoft-365/business/micro...


I will use that I think. It is a bonus to get some web Office apps in addition.


I thought Outlook.com email was free ? Or is that something completely different or a different class tier that isn’t included in these discussions for whatever reason?


I think this discussion is just about email using your own domain.


I just did the Gmail —> iCloud transition and was frustrated that the MBOX format failed to maintain labels / folders. Everything went into a single place. On researching it seemed like the best process was to set up two IMAP accounts in Apple Mail and simply drag and drop the directories. I’ve done this, but it is still a pain and took 100x longer than I expected.


I really don't recommend doing that with Apple Mail. I did, many years ago, and ended up losing quite a few emails due to Apple Mail bugs; I did it again a few years later and ended up with weird corruption of email headers (wrong "received" dates).

That was way before the Catalina Apple Mail data loss bugs. https://mjtsai.com/blog/2019/10/11/mail-data-loss-in-macos-1...

Any sysadmin will tell you Apple Mail has had occasional weird dogshit bugs for a decade.

Use Thunderbird, it's more likely to be robust and not corrupt your emails, then feel free to switch back to Apple Mail once you've moved everything.


Huh it’ll start showing empty mails that’s full of text in other mail clients and web mail.

It’s been happening since 2016 (first time I noticed) and last reporter to them in January 2021. Then I gave up. It still happens.

Anyway that’s just one immortal Mail.app bug.

I am just in the process of finding another mail client (preferably native, paid, and open source that doesn’t read my mails)


Mailstores free home version works pretty well for this. You can backup your IMAP account in it, and then it has the option to export that archive to another IMAP account. It does retain folder/label structure (although it places them under a parent "Mailstore" label, but that's easy to fix after).

It will also read EML, MSG, PST, and MBOX formats, and connect to Outlook and Thunderbird.

https://www.mailstore.com/en/products/mailstore-home/


that's because Google has "labels" as their own extension to IMAP. It's non-standard and they don't care. They know it's a lock-in feature.

If you have a linux box around, the "imapsync" tool works well.


Is that statement being downvoted because it's incorrect? (I have no idea, just asking because that statement appears relevant.)


Labels are representable via IMAP, but there's pretty much no relation between IMAP, Labels, and the MBOX format here - They're all ways of representing e-mails, yes, but they're basically orthogonal.

MBOX is a very simple format - It's a list of e-mails, separated by newlines. That's it, all there is to it. All metadata is in the form of e-mail headers. Those e-mail headers can be added by a variety of systems - Your MTA, the Sender's MTA, and MTA's in between (such as anti-spam appliances).

Gmail stores metadata about mail messages, and one of those metadata items is the labels that are applied to it. These are used to make searching easier, and are shown in the UI so you can select them and filter by them. Gmail Exports (via Takeout) add a "X-Gmail-Labels" Header that represents this metadata[1].

Gmail's IMAP interface shows you labels. IMAP as a protocol allows you to descend into folders, and to ask about the contents of folders. Gmail doesn't have folders, but it creates folder-like-views of your e-mail by selecting and showing messages that have those labels. It's a convenient interface, but it's a shim layer on top of Gmail, not in any way representative of how your email is stored.

The parent message is uncharitable and technically incorrect. It's not wrong that the gmail export experience sucks, but it's not right enough in the details to be a valuable contribution to the discussion in my opinion. Disclaimer: I maintained the Gmail Import API at one point in my life, and care deeply about portability.

[1] Interestingly, the header is different if you're accessing over IMAP vs from a Takeout export: https://developers.google.com/gmail/imap/imap-extensions#acc...


I would argue the OP is correct gmail's implementation of labels is a proprietary extension of the IMAP standard. Now you are correct that it's not so relevant when exporting to mbox.

It should also be noted that placing labels into the message headers is a solution that can lead to information leaks, and one should be careful with it

The headers are kept (at least in some email apps) when you reply to those emails so the receiver will know your label for that message. So if you label email from your boss as "from idiot" he will know (and there are obviously more serious examples).

Regarding the Gmail labels in IMAP, I'm not sure why you talk about headers. The page you linked to is about the IMAP extension commands, AFAIK the labels do not end up in the headers in that case.


> One issue is that the domain needs to be with Go Daddy

Absolute dealbreaker.

There's no real reason why I can't just point my MX at them, do the additional configuration[*] and have them host my mail.

Any explaination would be pure (and utter) BS.

[*] being setting spf, dkim records and stuff


I don't think this is true; I am running Microsoft 365 and use AWS Route 53 and manually set up DNS records to work with Microsoft 365 just fine.


This is comparing o365 business and the personal offering.

The personal/home offering requires godaddy for the domain.


This is not accurate. I host through Site ground and have absolutely no issues setting O365 as my mail provider.


Does iCloud+ support catch all on custom domains now? I really like this about Google but would also be glad to go elsewhere


No they don’t and it’s a maximum of three email addresses per user.

Looking at it they don’t allow for “groups” or aliases either.

It feels years behind.


It has only just been rolled out. I think it’s still early days.

I’m using it for my domain fine but that has only two users on it.


You’re right it’s only just been rolled out but it’s missing so much fundamental stuff..

I want to make the switch, but I can’t yet. The lack of email lists “groups” is just holding me back. I have about 20 of them. I also have about 15 aliases…

It feels like it’s the beginning of Email…


I just moved my domain email over to Zoho following this news ($1/mo, was easy to set up). Seems to be working. Didn't feel like paying Google $6/mo.


I've been using Zoho for several years and I've been very happy. Only had 1 major outage (which was a bummer, to be honest) and I think they've improved their redundancy and reliability since.


Zoho has been great really happy with their setup


Oh wow I had no idea I could use a custom domain with iCloud, and I'm already paying for the 2TB tier and family sharing. Thanks!


+1 for iCloud+. I moved 3 business/family domains and shutdown my G Suite legacy account with no issues, and no extra cost (already paying for iCloud). Can't beat $0.99/mo for 50GB shared on up to 6 accounts.


+1 for iCloud+. I got the 200 to give my cousin a way to backup her pictures (around 30 GB, and it annoyed me she wasn't backing them up) The custom domain was nice, and I moved all of them to iCloud+.


You might want to read this reddit post about iCloud files disappearing. https://www.reddit.com/r/apple/comments/sixyvx/warning_files...


Just a heads up here:

iCloud / OneDrive / Google Drive / DropBox are not a backup solution despite the vendors promoting it.

They are there only for convenience.

I have experienced file loss on OneDrive. I am now using iCloud and have had no file loss whatsoever. I regularly diff my offline backup with iCloud Drive contents mirrored to my mac.

Also to note: About 50% of the stories you hear are users being morons. My sister lost some files. She deleted them after fat fingering something and blamed the cloud vendor (Google). It happens.

Make sure you back up stuff separately and fully offline. You’re just as fucked if someone rips off your account.


> Also to note: About 50% of the stories you hear are users being morons. My sister lost some files. She deleted them after fat fingering something

Some of these services (e.g. Dropbox) have rollback which would have helped in this situation, and most have a "Rubbish Bin" you can undelete from. I often click on the wrong thing because the web UI is lagging and I delete something by mistake.

I agree these services right now are all for convenience. There are horror stories from all of them, except for rsync (who are active on here) - I've never heard of any horror stories from their cloud service, but obviously if your payment stops for whatever reason, then all your stuff is gone with any of these.


I got a 15 GB account with Mega. I activated a bonus and got about 5 more. It's full now, but I forgot about that fact until I got an email about that I need to upgrade—bonus has expired —, or they're going to delete the data. But until I do, I can't delete the data, I can't do anything except pay, or everything's gone. So, I guess everything's gone. There is no way I'm putting my card on a service that kidnaps data.


AFAIK 20GB is now free forever for active accounts, so that email might just be a reminder to log in to refresh it.

If not, you can also subscribe via Google Play or the App Store and keep your payment info safe that way. (I didn't sign in to check if they support PayPal or the like)


If I ever will experience a file loss on iCloud I think I won’t even ever know the way it’s designed and the way it’s documented and the way way Apple deals with it even after reporting an issue.

Unless you deploy another tool or service to keep checking whether everything has been a file loss or inconsistency inside iCloud. Yes, it’s that opaque!

On the contrary on Dropbox I know exactly what is going on and there are features to revert a change.


If something happens with your iCloud and you get really locked out, is there good support to get you back in?

With Gmail, there is basically no human support these days.

I just had a buddy come to me after someone tried to brute force his sbcglobal email and locked him out; AT&T have told him it might take someone up to 2 months to get to his support request.

+1 for Fastmail. I've used them for almost 20 years and their support has been great.


Just migrated to iCloud with custom domain.


I just switched to iCloud as well, but I want all my email forwarded to my private gmail account. One thing to be aware of with iCloud is that it doesn't do ARC, so your forwarded emails will fail on SPF. I instead use cloudflare's email forwarding for incoming email, which does support ARC, and then iCloud for outgoing. Works well so far.


Are you sure that Cloudflare supports ARC? Last time I checked they used SRS for sender rewriting (that's why SPF doesn't fail), but didn't support ARC yet.


There's ARC headers on the emails I get forwarded, so looks like it. I don't know about SRS.


Does iCloud+ with custom domains support adding labels, e.g. youremail+label@domain.com?


Yes. It does


Yandex will do it for free up to 1,000 users.


I use Yandex. Not a heavy user, but perfectly happy with it.


Interestingly, I just went to register an organization on Yandex, and I'm forced to provide biz info now, including a TIN, seems like it's now inappropriate for families. Can anyone confirm this for me?

Their FAQ also states that it is only available for non-Russian residents that are businesses. Urgh.


Is iCloud+ IMAP/Push?


Yes and has been since it was introduced.

Unlike gmail they appear to implement the full imap protocol


> including Google where we've heard horror stories of getting locked out with no one to even contact --- [raises hand] Been there, done that.


Here is a workaround for Microsoft 365 to not host your domain with GoDaddy.

https://www.reddit.com/r/Office365/comments/ft15pk/use_perso...


That "workaround" instructs you to use "v=DMARC1; p=none;" for your dmarc record. I'm not sure if Microsoft actually requires this, maybe it's because it doesn't support DKIM, but setting your dmarc policy to none disables SPF checks and is an extremely bad idea.


Not true. You can host through any provider and link it to Office365.


https://support.microsoft.com/en-us/office/get-a-personalize...

Q: I already own a domain that's registered with a provider other than GoDaddy. Can I set up a personalized email address in Outlook.com?

A: At the moment, we only support connecting domains managed by GoDaddy with Outlook.com.

Maybe that only applies to "Microsoft 365 Family or Microsoft 365 Personal" and not their business offering? They have a basic business offering for $5/mo, but it doesn't include the Office apps (just the online versions).

EDIT: It looks like non-GoDaddy is for business/enterprise plans: https://docs.microsoft.com/en-us/microsoft-365/admin/setup/a...


The non-GoDaddy workaround from the adjacent reddit link works fine, not sure why the sibling comments have been downvoted so hard.

The reply to that about the workarounds disabling spf is wrong, at least for the adjacent reddit link. It includes relevant spf records and they appear to work fine.

I’ve been hosting my custom domain on the personal office 365 / outlook.com using these workarounds for a couple of weeks now and so far it has been working just fine.

Ideally dmarc and dkim would be supported, but it’s worth noting that it appear that neither of those are supported by the personal office 365 / outlook.com plan even with GoDaddy.


If you do some googling you can find forum posts on how to do it manually, though I've not tried it myself



The manual workarounds are to do things like disabling SPF, which is a very bad idea.


In their Q&A they have a link to a google form where they say they will email you alternative options after April 1.

https://support.google.com/a/answer/60217#faq

May be worth the wait and just sign the form. Worst case, you still upgrade. But it seems like they may offer some super restricted free version for personal use.

I’ll probably just upgrade at this point. I wish protonmail supported contact syncing. That’s the main issue, that and our dakboard.

>What if I use G Suite legacy free edition for personal use and don't want to upgrade to a Google Workspace subscription?

>Upgrading to a Google Workspace subscription is a seamless transition for all customers currently on the G Suite legacy free edition. However, we understand some customers may not use their G Suite legacy free edition for business and may be interested in other options. If you have 10 or fewer users in your group and do not use your G Suite legacy free edition for business, please sign in to your administrator account to provide more information.

>Sign in to an administrator account (doesn't end in gmail.com).

>Note that even if you decide you don't want to upgrade to Google Workspace, you'll still retain access to additional Google services and paid content purchased though non-Google Workspace services made with your legacy edition account (such as movies purchased on Google Play). Learn more above.


This question comes up a couple times every month. FastMail always comes up as a recommendation, so if you search comments for FastMail, you’ll find every past thread (and relatively few false positives):

https://hn.algolia.com/?dateRange=pastYear&page=0&prefix=tru...

Example from a week ago: https://news.ycombinator.com/item?id=30128198


It has definitely come up before but since Google just announced that the legacy free plans will convert to a paid service, there will probably be renewed interest.


How does FastMail handle tags? I tried Zoho but it's pretty terrible compared to how Gmail works. What I'd like is:

1) To be able to assign tags based on rules

2) To be able to view those tags in IMAP clients (Gmail exposes labels as IMAP folders)

3) To be able to Archive mail so they are no longer in the Inbox, but so the tag remains (in Gmail, 'Inbox' is just a tag that is removed when you Archive mail)

Zoho fails because:

1) Tags aren't anywhere near a first class citizen. You need to hover over an icon to see what tags are assigned to an email.

2) There's no way to search Archived mail (yes really) and it's not available over IMAP


FastMail doesn't have tags. What it does have? Let me copy/paste my comment from another thread:

They have subdomain addressing, which is kind of like plus addressing, but better (not all places let you sign up with plus addressing).

I've got my own domain, for example: mydomain.com. So my fastmail email address is depingus@mydomain.com. But with subdomain addressing, I can sign up for services with unique email addresses that look like:

social.hackernews@depingus.mydomain.com

I don't have to set up this alias ahead of time. Fastmail will automatically route incoming messages arriving to this email address to my "social" folder. If I start getting junk to that address I can easily blacklist it.

It wasn't easy switching out my email address EVERYWHERE. And there are places that won't even let me change it. But in the end, it was so worth it. I don't even miss Google Inbox anymore!



That's awesome! I didn't know!


You don't even need the subdomain addressing, a one catchall domain is enough (with you own domain).

Eg: I want to register on HN - I would just register with hackernews@mydomain or hn.com.accounts@mydomain or whatever on the mailbox address side - it would be delivered to my main catchall mailbox anyway.


When I set mine up, I went by their docs. It was pretty clear that the username becomes the catchall subdomain; whateveryoulike@username.domain.tld

https://www.fastmail.help/hc/en-us/articles/360060591053-Plu...


Sure, but it's needed if you have multiple users|mailboxes on the domain and you don't want to manually create the rules to forward mails for another users for each alias you|they had used.

Because I'm the only user on the domain I don't need the subdomain addressing.


You don't have to have the alias set up ahead of time, but you do need DNS set up for every subdomain you want, which means you can't just do it for every signup/account


The catchall subdomain is your username. You do have to setup your DNS a certain way. But its a one time thing.

whateveryoulike@username.domain.tld

https://www.fastmail.help/hc/en-us/articles/360060591053-Plu...


It handles them exactly as you describe.

They didn't have them when I first joined a few years ago but, when they added them, they did it the right way.

Coupled with the fact that you can use anything you want before the @, it makes for a very powerful way of organizing your mails.


If you switch to labels mode, Fastmail handles them just like Gmail.


Using Gmail labels for IMAP is not really ideal if you assign multiple labels, because if you end up syncing to another provider all those virtual "subfolders" has duplicate messages. You're much better off using your email client's built in labels and just syncing the 'All Mail' folder.


I love Zoho for what they offer for $12/year. I agree that UI is better on Gmail, which is why I redirect all email to my GMail Dashboard.


> This question comes up a couple times every month.

Thank you! I used HN search before posting but didn't find anything helpful when searching for "google workspace", so I appreciate the links.


I really like Fastmail's Android app too. It's probably only a wrapper around a browser, but it works so nice.


My gripe is that it doesn't work offline, so you can't expect to sync emails once and read them later.


Every service has their haters and lovers. While people in G-suite threads swear that moving to fast mail or MS is the best options, in Microsoft threads people complain about clunky MS interface. It is always full circle! https://news.ycombinator.com/item?id=30141192


I'm a happy Fastmail customer for e-mail but they don't do everything Workspace does. Microsoft is a more direct alternative with all the Office apps etc and personally I like the web Outlook interface way better than GMail.


Fastmail

I've just moved, and it's great. Import is fantastic (I migrated 14GB of email) and I've used Dmarcian to monitor and confirm everything is perfect on the SPF, DKIM front. Spam initially got through, but once trained it's been flawless I've personally abandoned labels for folders as I used barely 10 labels in Gmail and seldom added more than one, but they do support labels if you want that. It's great for wildcard email and aliases.

I've moved the calendar over too via Google takeout for the individual .ics files. On Android I use DAVx5 to keep using the Google calendar app (point it at your fastmail account and it will display in Google calendar).

For Drive I've moved to syncthing and am using a Synology NAS as my always online master copy, but each of my computers has a copy. I also installed libre office on my laptop.

And I'm keeping a Gmail account just for Android backup and app purchases, etc.


I would love to hear more about your Synology NAS setup if you don’t mind.


It's a slightly older Synology 1817+, 8 bay, all filled with smaller older drives... 24TB RAID6. It's powered by a UPS and I set it to put the disks to sleep to reduce power consumption.

That's the basics... Beyond that, everything is disabled that was shipped with it except Windows and Apple file sharing locally.

Then I've installed the SynoCommunity version of SyncThing.

I have multiple users in the house and each person has a folder on the NAS which is their home network share and only accessible to them (and me as server admin)... things like Time Machine will have this as their backup drive and they can also dump larger files there. Within each person's network share is a directory that is mapped to SyncThing. On each of their laptops their folder is also on a local SyncThing. This means there's a shared folder on their laptop and network share which SyncThing will keep in Sync when off of the LAN, and when on the LAN they can use any computer to access the folder via network. But mostly, locally on their laptop they just work on local files and don't have to think about how it all keeps in sync.

Finally I make a cold backup once a month to an 18TB HDD USB drive which I store outside of the house except for this once per month task. This is backup via rsync.

That's it. Fairly simple. I only use a NAS for file storage and SyncThing, nothing else.


how good is their spam filtering? it’s been years since i had to worry about it but i really have no desire to go back to something hacked together.


I moved to Fastmail last year. Their spam detection is very good from my experience, I have not received any spam, other than marketing "spam" from services I signed up for. Even then, I would ballpark most of those end up in spam. I am also a big fan of their relatively new Masked Email feature[0].

[0]https://www.fastmail.help/hc/en-us/articles/4406536368911-Ma...


It's excellent. Sometimes gives a few false positives which I have to move out of the spam folder, but it's right 99.99% of the time.


I’ve moved mine off to Gandi.net where I had the domains. It is either included for free with your domain, or something like 1.5 EU/mo if you store a lot of email.

Easy on the Gandi.net side and on Macs. A complete pain on the iOS side. The accounts added on the Mac don’t come over to iOS for some reason like they do other Macs, then when you go to add them manually iOS won’t look to see which ports to use or mail servers so you have to enter all that, except you can’t do the port until later and when you do the device hangs at “verifying” until you turn off all internet access and turn it back on. (That’s a half day of research for free for you.) It’s an accepted defect by Apple, its been documented for years.

Also, moving is a pain. Google lets you export, but you lose your folder information. Apple on Mac lets you easily copy from one account to another, but that is a little strange since you have two accounts for the same email address and there have been catastrophic failures in the past from that. Also some of the special folders like “Archive” apparently can’t be copied for “reasons”. The work around is to “select all” in Archive and hope it doesn’t explode from the volume.

All in all, you are in for some pain. And pain raised to some exponent if you have non-technical users in your domain to support.


HN is a hard place for people who like Microsoft but I'll tell you that a single user Office 365 Business Essentials subscription is a great deal. Along with e-mail you get a terabyte of Sharepoint (OneDrive) storage, online versions of office apps, and Teams. $5/mo. There's an IMAP migration tool. Just turn on IMAP on your Gmail account if it's not already enabled and let the O365/Exchange wizard suck all the e-mail down.


A sibling comment also pointed out Microsoft 365 plans [1] that run $70/year for 1 person and $100/year for up to 6 people.

[1]: https://www.microsoft.com/en-us/microsoft-365/outlook/outloo...


And Exchange online is a fully featured mail server. Fancy adding 50 aliases, go ahead. Fancy adding 50 domains, go ahead. Fancy adding your family, that too. Groups, distribution lists etc. all included.

Plus you can set up Azure AD and use the SSO tools!


That's a pretty great deal. And I've previously tried to replace the Office apps (with Google Docs, Apple's suite, and LibreOffice) but just can't, so that's really appealing too.

EDIT: This plan appears to only support "Office apps for the web", which are not good enough for serious use in my experience.


If it’s for personal use, then the Microsoft 365 personal plan is $70 per year and includes the full office suite and mail. Otherwise, $12 per month will get you mail and Office.


I’ve been considering this, but how good is the spam filtering included with this plan? Do people often end up bolting on 3rd-party spam filters in front of Business Essentials?


I haven't adjusted the spam filter. I have been using it in the default configuration since I signed up and it filters out most. YMMV.


I use it at work and the default spam filtering is fine


I've been eyeing this as well but it looks like neither DMARC or DKIM is supported on the family plan. Anyone know a way around that issue?


Yes, use an office 365 business essentials subscription instead. You now get a fully featured online mail server


As alternative I would suggest Office365, but If you used Google workspace for so long, why not just pay Google? Why you have to change. Just pay and do nothing... They invested billions for you to use it for free so long. Its a good service.


Google Workspace is expensive: $6/mo for 30GB. Microsoft will give you 1TB plus the Microsoft Office apps (plus email) for that price. If you have a family of 6 with a custom domain, Google is going to charge you $36/mo while Microsoft will charge you $8.33/mo - plus each person gets 1TB of storage and the Microsoft Office apps.

I think the reason to switch is that Google decided to use the same pricing that they want to get out of enterprises for individuals/families. Sure, $6/user is nothing to a company that is paying that worker $5,000+ per month, but it can be annoying for a family (even if it's still relatively affordable). But then you have to think about whether you want to pay $12/user to upgrade their storage making it $72/mo for a family of 6. And you still don't get the Microsoft Office apps. They aren't strictly necessary in a lot of situations, but they're still pretty commonly used.

It just seems like Google isn't offering great value for individuals and other companies offer something better. In a certain way, it feels like Google is charging $6/user/mo just for the custom domain. With Microsoft 365, it at least feels like you're getting something above a standard account with the Microsoft Office apps and 1TB of storage.


> I think the reason to switch is that Google decided to use the same pricing that they want to get out of enterprises for individuals/families. Sure, $6/user is nothing to a company that is paying that worker $5,000+ per month, but it can be annoying for a family (even if it's still relatively affordable). But then you have to think about whether you want to pay $12/user to upgrade their storage making it $72/mo for a family of 6

And if you're like me who has already been paying $12/user/m ( which is higher than it used to be! ) just for the unlimited storage aspect... Congrats! That's going away in a few months and the only equivalent is upgrading to an actual enterprise plan, which I _believe_ starts at $20/user/month

I just want to store my raws without spending an arm and a leg, god dammit


How are you getting $8.33 for a family of six? Their cheapest family plan is $100 usd.


8.33*12=100


Does paying them make you safe from their algorithms blocking your access at any point with no appeal? If yes it's probably the right answer, if no go with a company that is not primarily dealing with free users and has real customer service.


This was asked last week with some good answers:

https://news.ycombinator.com/item?id=30128198

This monster thread about the original announcement is full of them as well:

https://news.ycombinator.com/item?id=29996432


Office 365 is a great deal. For 1 user its $70 per year, up to 6 its $100 per year. You get a lot of storage and all of office.

https://www.microsoft.com/en-us/microsoft-365/outlook/outloo...


It's been said in other threads, but just to be complete. You need to have your domain with GoDaddy, which is batshit insane. Now, it it were a reputable domain company I wouldn't quite mind but this is GoDaddy we're talking about.


Absolutely, I had no idea that was a ridiculous and odd requirement


I've been using Migadu ever since switching away from Google Apps, and I've been happy with their service and pricing.


I use Migadu as well & recommend them: The ability to have unlimited domains (even on the cheapest tier) is key for a domain name hoarder like me.


Been using Migadu for half a decade now. Only catch is that there isn't a contact/calendar service. I've been told it's in in the works multiple times over the years, and I'll welcome it when it does release, but it might be a dealbreaker for some workplaces.


They have now implemented caldav and carddav so you can have your calendar and contacts linked to your email, but all the typical comfort of sending invites or confirming presence is still lacking.


Is there any documentation for this? I see nothing on the changelog[0]

[0]: https://admin.migadu.com/changelog


Also moved to Migadu after hearing about Google shutting down the "legacy" accounts.

Moved 5 domains with wildcard support and 80k emails over and been going great (and only $20 a year for that).

I used imapsync (free / opensource) to move the emails from Google to Migadu.


Another Migadu user here. They've been slow with the rollout for new features (the new alps webmail was promised over a year ago...) but overall, can't complain for the price I'm paying for my two domains (I'm on the $19/year plan).


I'm in the exact same position. I wish they posted more regular updates... I am not very confident this service will be around in 5 years as a result.


Same, the inactivity makes me nervous especially since they had such a big rebranding over a year ago -- makes me wonder where their priorities are. Fortunately, I'm glad I moved all my e-mailing to domains I owned to make moving easier in the future.


You can still use the Gmail UI with a custom domain for free. All you need is a mail server. Once it's set up, configure a free Gmail account to fetch your email with IMAP and send from your domain with SMTP. Now you own your email but still get the Gmail UI as long as you want to use it, for free, with the option to use any other client you want as well.


Why would you want to use the Gmail UI though?

I’ve found it to be one of the slowest, most bloated and resource-heavy web apps I use.

It’s nothing like the Gmail of 10+ years ago when Google actually cared about the product.


My experience with mail clients has been pretty poor in general. I haven't done a survey recently but all the others I've tried in the past have been slow too, and the search and spam filtering did not work as well.


They've got a new UX coming down the pipe, remains to be seen what the performance is like, but looks more modern at least.


Cloudflare's email routing offering seems to be a good fit for this as far as I can tell.


No SMTP though, so that fixes 50% of the problem.


Seems like it's not a replacement then. If you can't send from the domain, you'd be sending from your gmail, which is no good.


Oh yikes, good catch; I definitely thought they did smtp as well


Oh this is an interesting tip. Any guides? I'd imagine this could have deliverability problems being from a self-hosted mail server but maybe that's just been ingrained in me by email providers :)


I wouldn't self host a mail server, I'd go with a hosted option. Often you get one free with your domain registration anyway.


That's what I'm doing. Gandi provides two free mailboxes for each domain hosted with them.


I'm trialling Fastmail at the moment. Some observations. Excellent Google migration tool..Excellent support for domain aliases. You can also forward domain aliases to an external addresses...I raised a support query on A saturday evening and I had a resolution on Sunday morning.

Looking good so far. My main requirement is no restriction on domain aliases.


I offer https://privateemail.com as an option, "best" or not depends on you.

I'm a fan of namecheap. They do not, in my experience, engage in the same dark patterns as other registrars. I found out about their hosted mail service, privateemail, only last year. We needed something for a new business domain with very simple needs and Google Workspace would have been overkill. After using privateemail.com for the last 6 months or so, I can give it only a very basic, but positive review. It's been simple to use, reliable, and inexpensive. The plans come with Google Drive like storage, and they also appear to be developing (or integrating) online document editing which is available with their Ultimate plan (currently $68.88 per year).

We did not have any need to import mail, so I don't know if or how they support that. As far as I've seen they do not have a mobile app, but of course you can use other existing apps including the OS built-in apps. The domain is new and does not receive any spam, so cannot comment on the effectiveness of their spam filtering.



Wow, looks pretty good. Never heard of those guys. Are they new?


I joined MXRoute at a suggestion in on hackernews and I'm... probably gonna be moving away when my year is up.

Two issues I had:

1. 3 times my emails to gmail will be "silently delivered" in that they don't bounce but they don't land in the inbox. I had it happen to me (sending to my test gmail), me sending to a friend, and me sending to a business. It's a gmail problem, but this never happened when I was on fastmail.

2. Jarland is a solid admin, but he's "old school". Sometimes he'll blanket ban incoming mail, and you might miss messages. For example, I was trying to sign up for mailjet and I wasn't getting the sign up email. When I opened a ticket, it was because MXroute was seeing "a bunch of spam from that provider" so it was blocked. I have no clue if I missed any emails from sellers/senders that use the service during that time...


Re. 2.: https://accounts.mxroute.com/index.php?/news/view/18/don--03...

Looks like you were not the only one.


Right. It's one thing to ask customers to choose a different provider, and I'd happily consider. It's another to blanket block receiving mail from mailjet. I have no clue how many vendors that I've purchased from that are using mailjet!

(Sure, if you wanna send it to spam, I'm open to that, but it was dropped on the floor...)


Domain Name: MXROUTE.COM

Creation Date: 2013-10-14T22:37:59Z

In 2019, MXroute became an official legal entity in the state of Texas, MXroute LLC. MXroute remains a family business managed by Jarland and Christine Donnell.


Not new, but I don't think they're intended for primary mail.


I have used Zoho for my burner domain for a couple of years.

It's functional and works ok, but is not as slick as Gmail (both web and app)


Another Zoho user. I use them with my own domain and make a heavy use of catch-all addresses + aliases when I need to respond from a specific one. (But I'm also using their docs and invoices services)

I've had two actual delivery issues over the last 5 years, so overall not bad.


Also a Zoho user - been very happy for a few years now.


I love Zoho for what they offer for $12/year. I agree that UI is better on Gmail, which is why I redirect all email to my GMail Dashboard.


I will keep the free version of "google cloud identity" so I kan keep my google account and things connected to it; things like drive documents, YouTube account, app purchases, and so on. But then I intend to move my email domain to iCloud.


How do you do this? I’m planning to keep my Gmail account and pay for it, but my son does not need the mail address but wants to keep his YouTube account.


https://admin.google.com/ac/billing/catalog

Enable "Cloud Identity Free" then just go to his user in the admin panel and remove the users "Google Workspace" license.


I'm currently going through the process of setting up a self hosted instance of mailu (packaged set of docker containers) to migrate my domain away from Gmail.

I'm doing it this way because I'm a masochist (in other words: idealist).


All I want is a mail provider that will dump wild cards into my Gmail box. What's the best tool for that? I don't mind the Google Borg... but I'm not willing to pony up $$$ for simple wildcard email delivery.


I use namecheap for my domains. Their mail forwarding service does exactly this. I used to use joker which was also the same


Migadu, Mxroute, or just cloudflares free email routing.


I have no idea what Google Workspace provides, but here's my review of Fastmail:

- The web interface is good, the Android app is good. Relatively fast and straightforward to use. Pretty good reliability aside from the occasional DDoS.

- The calendar is functional but kinda lame. I don't think I've ever noticed before an event happens, and trying to open new events has poor UX. Typical Calendar features work fine.

- Haven't really used Contacts but they're all there from my phone.

- There's a Notes feature which I find mostly useless since it doesn't really sync with anything (though supposedly it can work with Apple Notes' proprietary format?).

- They give you dedicated file storage and transfer quota just to serve files on the web (unrelated to mail quotas). It's accessible via normal browser and via WebDAV client. I guess it's handy, I've used it once, but pulling attachments out of emails is almost the same. If you had to send someone a large file and couldn't send it via e-mail, there you go.

- They have all the mail features that I've used in Gmail. They have some "team" features, I suppose they're helpful if you have multiple users.

- You can connect your Google, Yahoo, Outlook, iCloud, and other accounts in Fastmail so you can actually pull mail from all those places. You can even send e-mail through each of those providers too. So this is pretty cool for consolidating accounts.

- They have their own e-mail masking service, and partnered with 1Password so the masked e-mails have matching credentials in your 1Password account.

- The people running it are using really old tech and don't chase after the latest shiny thing, which I appreciate. Everything they do seems sensible. These aren't tech bros gobbling up VC money to become a Unicorn. And they don't seem to use any trackers or ads at all. The only 3rd party domains I see are from Sentry (for debugging app issues).

- My gripes: the Android app doesn't cache mail or calendar, the Calendar is clunky and notifications don't grab my attention, their new UI in beta will probably become more cramped soon.


I migrated four separate Google accounts to a single Fastmail account last year. I had put off migrating for _years_ because I thought it would be painful, but I've had no issues at all. The migration was automated with good progress updates as emails are copied across. I had to do the DNS bits manually but they were nevertheless well documented. I've had zero issues since with mail, calendars, or their simple static site hosting. I think about it so little I sometimes forget how happy I was with the whole process.


four different email accounts to a single account? .. Thats neat.


Mxroute, migadu, purelymail (in beta). Can also consider Gandi.net which gives two 3G email when you use them as domain registrar, their domain pricing however is not the cheapest you can find.


Fastmail. It just works and does everything I need, without bloat (I've got it on a custom domain). It also seems reasonably likely to last "a decade or two".


I'm very happy with Tutanota. I use it with my own domain because it's one of the cheapest options I could find and they use renewable energy.


+1 for tutanota.

It's also open source.


Google is not just email. It's the email client. It's the calendar. It's the calendar integration with email. How do you replace those?


> How do you replace those?

These days? Pretty easily!

Fastmail also has an email client, and a calendar. The calendar is integrated into its email service too. And the calendar integrates really well with iCal / CalDAV. I find fastmail syncs calendar entries between my apple devices more reliably than apple's own icloud.

The big hole in fastmail's offering is that they have no replacement for google docs & spreadsheets.

Microsoft Outlook + 365 (as others have suggested) also does pretty much everything gsuite does.


One thing I like about Fastmail is the ability to serve static web content directly from the “Files” section of their apps/website.

Since they already manage the domain for email, spinning up static sites at subdomains is really easy and really nice.


This is a huge feature for me. I had set up my EE consultancy and even though I'm no longer doing any side work the Fatmail hosting feature allows my to keep a professional-looking static site for no extra cost with a place to post periodic blog updates and even the beginnings of a niche knowledge base. I love it!


I almost did this, but they don't have rsync access to the Files space. It's really nice with a static site being able to use rsync to just update the changed files.


I use ncftp from a CI/CD job to push my files to Fastmail; it has a sync option

Edit: I’m pretty sure the sync options are part of the put command


I'm a new fastmail customer. Fastmail doesn't control my domain how does this feature work?


Fastmail recommends setting them as the DNS nameserver for your domain. If you do that, then they'll automatically add any records needed to host websites with them. (They'll also set up records for stuff like DKIM and SPF for you, which helps your email stay out of spam filters.)


> they have no replacement for google docs & spreadsheets

I'm happy about this. Those are really complicated apps to support; they'd have to spend a ton of time and money and dedicate new teams to them (even if they "just" hosted OSS alternatives) which would raise the cost of my subscription and take away from their core competency (e-mail). And it may result in proprietary features, making it a lock-in device.


I don't mind losing out on bundled document editing apps, etc. by not giving my email money to Google or Microsoft, but I do wish the smaller providers saw email and calendars as two sides of the same service as I do. I use Migadu for email, but their calendar offering is still in beta and very primitive. So I use Fruux, to support a small open source company. But i've had support messages completely ignored by Fruux and the cost of paying for 2 micro services feels disproportionately expensive.


And Google Photos.


That’s not part of Workspace and it will continue working.


Office365, you get exchange email and Microsoft office included in the basic plan which is about $80/yr.

You can BYO your own unlimited number of email domains.


Check if your domain registrar comes with a free mailbox and mail forwarding (e.g. Gandi), and you can wire it up to a free gmail account with a custom domain. Useful for branding side projects more with custom email addresses.

By the way, is there something special about Cloudflare email routing that people keep mentioning? Don't most registrars come with mail forwarding? It's different?


It's just a new service in beta from Cloudflare, fully free email forwarding (doesn't appear to be "free for now"). Useful for people who already use Cloudflare, except it doesn't have SMTP so you can't fully "pretend" (i.e.: "send as" from your main mailbox) to be your alias, just forward.


One way of getting consumer Gmail to work with a custom domain almost exactly like the way legacy Gsuite worked is to do something like this:

1. Tell your registrar to forward e-mails from john@doe.com to john.doe@gmail.com. Many registrars offer this service for free.

2. Set up john@doe.com as an alternate sender in Gmail (Settings > Accounts and Import > Send mail as).

For (2), you can use smtp.gmail.com to send mail on behalf of your domain. Example setup instructions: https://support.google.com/domains/answer/9437157?hl=en. You might also want to make sure "treat as an alias" is unchecked, so `john@doe.com` shows up as the From address (as opposed to `john.doe@gmail.com on behalf of john@doe.com`). You probably also want to edit your spf record for your domain to allow Google's mail servers to send mail on behalf of your domain, e.g. "v=spf1 include:_spf.google.com -all".

So this mostly all works...but the problem is that there doesn't seem to be any way of setting up the proper DKIM and DMARC records for your domain when using smtp.gmail.com. So I'm wary of deliverability issues with this setup. I already found one other user complaining about this: https://serverfault.com/questions/1092392/spf-dkim-dmarc-for....

Does anyone have any ideas here? Are there any reputable SMTP only hosts that cater to individual users? You could use Amazon SES but it seems like it might be a bad choice for individuals, as those SES hosts are generally used for bulk e-mail and you might get stuck sending mail on an IP with a bad reputation.


Set the Reply-To header?


Also went looking for an alternative and moved everyting to mailbox.org...


Be aware that Mailbox.org allows any user to send emails as ("from") any other user via SMTP and these emails will look legit since they pass SPF and DKIM checks. Many consider this a security issue.

There was a quite lengthy discussion about this in their forum but they deleted it since. They refused to fix it. Archive.org still has it. Content is in German (sorry):

https://web.archive.org/web/20210123192856/https://userforum...


Oh wow, do you perhaps have more details on the current situation? The CEO’s response is from 4 years ago.

I also don’t fully understand the reasoning. Having an open SMTP server that doesn’t restrict senders is one thing, but attaching DKIM without further checks is another.


AFAIK they still refuse to acknowledge the problem. But since they deleted the forum thread, how would I know.

What they said in the forum doesn't make much sense. Yes, anyone in the wold can send emails with any address as "from". The big difference is that those emails won't pass SPF and DMARC checks.

If I wanted to use them, I would need to configure SPF and DMARC for my domain so that their mail servers pass those checks. At this point I would expect their mail servers only to allow sending "from" my domain when my account is used.

Note that just about any major mail provider does this check (e.g. Google). It is industry standard. It is crazy that they even refuse to acknowledge this. I'm working in this field and this is basic knowledge. I just don't get how they can do this professionally and not understand what the problem is. The only explanation I have is that for some reason it would be hard for them to fix and so they try to ignore it / make it disappear by deleting the forum thread.

Also they use the same DMARC key for all customers, which is weird. Usually each customer gets it's own DMARC key.


I assume you mean DKIM where you wrote DMARC. A DMARC check results in a pass when at least one of SPF or DKIM is aligned, i.e. SPF alignment alone is enough. Which makes this situation even worse because a custom domain user of mailbox.org obviously will have mailbox.org’s SMTP server in the SPF record.

It seems this issue was acknowledged 2 years ago: https://userforum-en.mailbox.org/topic/anti-spoofing-for-cus...

Edit: re the shared keys you mentioned I agree. If they had per-user DKIM keys that were only usable after successful SMTP authentication (e.g. by encrypting them with credentials) that would solve the DKIM part of the issue AND even further improve the situation.


Anyone willing to spin up a mail server can do this. DKIM and SPF are only intended to establish the identity of the server. I don't know that there is any obligation on the part of someone running a mail server to police the "From:" address on an email in some specific way. Traditionally the "From:" address was considered informational. It generally represents the address that the sender considers "their" email address. A actual user identity is established by signing the email and is separate from the "From:" address.

Does mailbox.org even include the "From:" address in the DKIM signature?


As others said, DKIM always includes "from". And almost none of the emails I get are S/MIME or PGP signed.

Like you said: SPF and DMARC only authenticate the server. It's up to the server to authenticate the user.

Scenario: imagine your bank uses Mailbox.org to send emails. How would you verify that an email is legit? Any Mailbox user can send emails through Mailbox with your bank as "from" and all of these emails pass SPF and DKIM checks. Your mail server has no way to distinct a legit email from a fake one. This is why it's important that the server does this check (check that sender account and "from" match / are a valid combination).


Anyone that runs a mail server can generate emails with any "From:" address they want with a valid DKIM. The SPF works on the envelope address, not the "From:" address.

The actual complaint here is that mailbox.org is not policing the "From:" address and thus are providing such an ability to people that have not bothered to spin up a mail server on a domain they control.

Yeah, banks should sign their emails. I think that even Facebook does this if you give them a public key.


I’m sorry I don’t get the part about DKIM. I thought the DKIM signature would only be valid if the signing SMTP server has access to the private key matching the Header-From’s domain’s designated DKIM public key.

E: by valid I meant valid and aligned (according to DMARC), sorry


A sender can throw anything they want in the "From:" field and then sign it. The receiver does not have to agree. What would happen is that the receiver would see that the holder of the domain was different than the domain in the "From:" address and on the basis of bad "domain alignment" could reject the email.

I now think that the DMARC stuff is a red herring and would actually help make the current mailbox.org behaviour not all that problematic (they specify "reject" in their DMARC policy). The actual point of dispute is the lack of enforcement of the "From:" address domain.


Yes, lack of enforcement by mailbox.org on the Header-From when signing DKIM is the problem for DMARC IMO. It means I can’t trust a DMARC pass due to aligned DKIM.

Mailbox.org’s servers have access to 4 private keys as far as I know. These (I mean the matching public keys) are stated in mailbox.org’s DNS records. If you send from an @mailbox.org address you trust mailbox.org to do checking on the Header-From when signing it, as you have no control over which keys you state in DNS. This is the same situation as for any mail provider with a shared domain.

What’s even worse, when using mailbox.org with a custom domain they will have you state the exact same 4 keys in your domain’s DNS records for DKIM to work. There is no way to upload custom keys. So even someone with a custom domain has to trust mailbox.org to not sign strangers’ e-mails.


The DKIM key is in your DNS. Does mailbox.org provide a DNS service and somehow enforce what you put in there?

Added: Wait, how would that even work? You need to generate your own DKIM key.


No one is forcing me, but not using it would mean I can’t have DKIM signatures, wouldn’t it? As far as I know there are no mail clients that add the signature before sending it to the MSA, but I might be wrong.


Re the addendum: No, mailbox.org does not support own keys.


But since DMARC will also give a passing result with aligned SPF, the Header-From checker has not only to refer from adding a DKIM signature but actually reject the e-mail completely for DMARC to be reliable.


> Does mailbox.org even include the "From:" address in the DKIM signature?

According to the spec, the “From:” field must be included in every DKIM signature.

https://datatracker.ietf.org/doc/html/rfc6376#section-5.4


Seems like it, I just sent an e-mail with it and it resulted in

  h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
    to:to:cc:mime-version:mime-version:content-type:content-type;


If you’re using DMARC the from and the DKIM signature must be aligned or it doesn’t pass. Simply passing any DKIM check isn’t enough.


Mailbox.org has a DMARC policy of "reject". So receivers that enforced DMARC and did "domain alignment" would reject the email. Does that make what mailbox.org does with the "From:" address OK?


Not if they are still signing it with the private key for the domain.

If an email is sent with a From of @bob.com and DKIM signed using the private key for bob.com…it’s from bob.com.


I thought about how I would fix that retaining the catch-all feature they have. You can get mail from all non assigned names on your domain on the catch-all assigned account, if you enable that. You should also expect to be able to write from any of those non assigned names with this account. If your account is the only one connected to that domain, everything is ok. But if you let's say have 100 users-accounts on this domain, you could build a blacklist for the names that are assigned to other accounts (which would be cached, therefore could have delay), accept that the admin can impersonate all their users or lookup every assigned domain on each send. Am I missing something obvious?


That’s a huge security issue! Geez.

If anybody realizes you’re using that service they can immediately impersonate you.


The email standards explicitly allow everyone to impersonate anyone. That’s why you should use S/MIME and PGP.


That's not true. SPF and DKIM were explicitly made to prevent email forging by authenticating the server, and the server is responsible for authenticating the user.

Please name even a single major mail provider that allows to send emails with arbitrary "from" headers.

https://datatracker.ietf.org/doc/html/rfc7208 https://datatracker.ietf.org/doc/html/rfc7489


If you’re using DKIM to sign the outgoing message it’s a huge flaw if your service provider is signing other peoples emails with your key just because they included the domain. You authenticate to the server for a reason.


I did not know this, I moved to mailbox.org in December.

Surely they'll only allow that if they pass the auth and the domain belongs to your account?


No, they don't do that check, that is the problem.


I don’t think they can implement such a check without breaking changes.


And that's why we shouldn't fix bugs anymore? https://xkcd.com/1172/

Fixing this would only affect users who send emails "from" other users email addresses, basically users who commit fraud.


I like them as well, especially their catch-all feature. But they increased prices for their cheapest custom domain plan from 1 to 3 euros per moth not so long ago. While I’m still grandfathered in, it doesn’t feel good. I know it’s not too much in absolute terms but the relative increase is steep.


I'll second that. It's the best choice if you want an EU-based company.


I love Zoho Mail.

I pay $12/year and can have as many emails as I want. For example, I have set up an email for my personal domain, and 3 of my projects. It is very easy to do with their docs.

You could stop there, but I redirect all those email to my GMail address (I just prefer Gmail UI). Then I set up labels for each email and now I have 5 different email in my GMail Account.


I recently had to deal with this. I created a free Outlook account. I transferred the domain from Gsuite to cloudflare and signed up for the email beta (all email is forwarded to the Outlook account).

I moved the email using Outlook on Windows (I have a separate MS365 plan for my family so I have access to Outlook). I just connected both accounts to Outlook and then dragged and dropped the emails from the Gsuite account to the Outlook account. Honestly, this was the easiest part of the whole process of leaving Gsuite.

This setup doesn't allow me to send email from the domain, but it does allow me to receive email. It's for a small HOA so I'm fine with this arrangement. If I wanted to send email, then I'd probably sign up for o Microsoft plan that allows me to do that. These are described in other comments.


Similar experience. I moved a domain of mine to O365 from GSuite (Google Workspace) about 2 years ago. I am currently in the process of migrating BACK to Google Workspace.

Generally unhappy with O365 email over the last 2 years. Few of my complaints are: Subpar experience on Outlook for Android. (Gmail is so darn good). Just ready for my Gmail experience again. Overall site management using Microsoft's web dashboard for domain, permissions, spam, 2FA, is %ו@#$ NOT GOOD! I have read so many outdated, no-longer-valid support docs that I'm simply done. "Cloud" products like this have a hell of a time keeping their docs up to date and relevant. Google isn't immune here. But for whatever reason I have far less problems with several other domains I manage that are pure Google Workspace, er.... GSuite....er Gotigle Apps. Y'all get my drift.


How about free email plan from your web hosting? Many hosting companies provide free email plan when you host your domain/website with them. If you have a personal domain/website, why don't use the free email hosting? If you need more features, they also provide upgraded plans.


Exactly. Maybe not free but for a very small fee, compared to the HN popular options. And you might even get caldav and carddav (calendar and contact) sync included.


Tutanota.

It's secure, reliable and supports also family members and shared calendars, for 1€/month/user


Fastmail - it has a one-click migration from Gmail. The web interface is good enough, but I prefer to just use Apple Mail client on both iPhone and Macbook. It is also one of the few (if not only?) providers that support Apple push natively in Apple Mail app.


Migadu (https://www.migadu.com/)

Migadu prices per volume of emails not per domain. So you could have 20 domains and only send/receive 10 emails a month between them all and you’ll pay pennies versus almost everywhere else where just the act of having another domain (regardless of usage) incurs cost.

I use them and they are singularly focused on email (no bloat), have a range of power features in all plans like + domains (similar to Google), filters etc.

They are also hosted in France so you get the added benefit of being subject to EU data protection laws.


I use Migadu too, but currently use Gmail as the client (Migadu over IMAP). I do that because pricing on storage is terrible.

Migadu used to have unlimited storage, but made all their plans worse (and more expensive) during the pandemic. Now even the $9/mo account has only 30GB.

Also as Migadu has no calendar, I use my Gmail calendar. I am trying to get off Google though, so maybe Fastmail is a good alternative


I'm very happy with Protonmail


I really like ProtonMail but the lack of usable search kills me. I definitely get that it’s kinda the point but from a UX standpoint it’s rough.


I looked at ProtonMail but ended up going with Zoho as it was cheaper and seems to work. Proton looked pretty nice.


Yandex 360 is great and also has calendar support etc.

There are a few things that make moving your calendar away from Google pretty hard. If a Google account invites you, the invite still lands in your old calendar for example - even if that's not where your domains MX records point. Lots of third-party software also has mostly Google-specific integrations.

Moving away from them is hard, but overall probably worth it, iff you move to a provider that has real support.


Honestly, I can't understand why anyone would use yandex. Any of the many stories of the Russian internet will tell you how easy it is for anyone to buy your data from Russian services. I haven't seen specific stories on yandex but for peace of mind I need my email with a provider in a jurisdiction with functional political and legal system.

Somewhat similar with data acces rights for the US secret services - I can't imagine anyone e.g. working for Airbus or Shell or even HSBC to feel comfortable using US services.


> If a Google account invites you, the invite still lands in your old calendar for example - even if that's not where your domains MX records point.

Same thing happens with iCloud. Let’s say your iCloud account is ‘bob@example.com’ but that email (and preferred calendar) is hosted elsewhere. If someone using iCloud calendar sends bob@example.com a calendar invite, it will go you your iCloud calendar whether or not you want it to.


Infomaniak is great, starting at 1,50€/month for 5 email addresses, custom domains and unlimited space. They have a real support with humans.


Runbox.com out of Norway is rock solid.


I second that. I learned about it years ago, here on HN in fact. I have been using them ever since, happily. Some while ago they were subject to a DDoS attack and service was flaky for a day or two, but apparently the attackers lost interest when the company refused to pay the ransom.


How is self-hosted email these days? Are there web-based email clients with search, filters, and labels?


Zimbra is the defecto mail solution for an integrated (mail calendar chat) solution. Horde is still the best solution for something completely FOSS. Outside of that there’s mailu which feels like a bunch of services flying in unison.. kinda like an old GM.

All of this to say it’s not worth hosting your email because your smtp server doesn’t have any reputation. I had a mail server that never sent spam or junk mail, was online for over 8 years on the same IP and I still had emails blocked or black holed. Not to mention all of your mail will just go to spam the first few times. Very unprofessional and not worth it in my mind.


I can live with a smarthost for sending, they are the easiest to switch out and very cheap. I'm just wondering about the receiving side.


I recently moved from Gmail to Fastmail, and noted a detailed process here: https://sami.eljabali.org/how-to-replace-gmail/


Regarding migadu, which I am now looking at, what verification have you who’ve selected it done for this statement “ Your emails are your own business. We have no interest in them. We do not access1, analyse2, scan or share any user data.” from their site?


As emails are not encrypted in transit or storage - none. I know that their business is email, not ads, and that I'm the customer, not the product.

If you have confidential emails best to encrypt them before sending, but that is true for anynhosted service.


On https://etik.com, you can have an email address with 20 GB of storage and an alternative to Google Drive with 15 GB. It is hosted and developed in Switzerland by Infomaniak.


Is there any good alternative to Google Docs/Sheets and Microsoft Office 365?


Zoho and OwnCloud.


Thanks!


I'm currently waiting for access to Cloudflare's email forwarding beta. If that didn't exist, I'd use Namecheap, which I believe is also free regardless of whether the domain is registered with them.


I got access and it wasn't a good replacement for me, as they don't have SMTP servers to send mail via your domain, just (incoming) email forwarding.


I'm confused by all the branding. Google change the names to things every week. Is it Google Docs, or Google One, or Google Workspace, or GSuite? They need to stop this.


Google Workspace is just your own instances of their services running on their servers for you. You manage it as your own domain and it has all the services you get with a with GMail account, including Google Docs. It was called G Suite before. I don't know what Google One is.

[edit: "Google One replaced the paid services of Google Drive." Apparently Workspaces is for businesses and Google One is for consumers. It seems that you can't use your own domain as a consumer.]


This is odd. When "migrating" from G-Suite to Workspaces a couple of days ago I got the option to continue as not-a-company. I migrated a company account but still have a personal account with a domain to migrate. I'm sensing problems ahead...


I don't know honestly. I tried asking about exactly this on Community but they just wanted to gaslight me about it being a valid question and then deleted the thread to hide the evidence of that embarrassment. I did a Google Takeout and moved all my stuff to Proton and whatnot.


Google and confusing, misguided name changes for already-effective products: name a more iconic duo.


Microsoft comes close - my most personally irritating example was them trading “Lync” (short, wonderfully searchable, very little rubbish returned) for “Skype for Business” (impossible to search for specific technical matters, and the site itself was blocked by most corporate web filters for the first several weeks)


Shameless plug: Qboxmail.com

We host everything in Europe and we are working hard to give all the tools necessary to work with emails. Both for resellers/companies and the end users.


Migadu.com supports unlimited domains, in case the core reason for you was having an email address with a custom domain. It is a paid service though.


After seeing Fastmail plugged here for years I finally switched and couldn’t be happier. Custom domain and everything. And… the web ui is… fast!!!


None of the answers 20 hours after post address my primary question: spam handling efficacy


Moved an account from Google Apps to Fastmail. Great experience. I moved 9GB worth of old emails.


I have switched to FastMail a few months ago and are very happy with them! Thank you.


Fast mail is awesome. And fast.


We just migrated to Fastmail.


I've decided that I'd rather give my money to someone else

Why? the less cumbersome route is to pay google.


Why would you pay a company with no support and who constantly cancels features and products? Also, why would you want an ad company reading your email to weaponize against you?


They have some support, I recently read a G Suite legacy free "customer's" chat with a Google Workspace Support person.

There is no danger of Google canceling the core services of Google Workspace (email, calendar, Drive).

Google has never scanned G Suite/Workspace email for ad targeting and stopped doing it for email entirely in 2017; the ads in Gmail are targeted based on other information Google has (e.g. search history).

There are good reasons to not pay for Google's service, the above are not any of them.

Since Google has stated they're going to create an option for small, non-business G Suite legacy free customers, there's no rush for those people, who have been using it 10+ years, to get off it before they see what that option is.


I've paid, and have already accessed support three times since with great success and good response times. I was quite surprised actually considering all the horror stories I'm reading here.


If you pay you do have support and they do not analyze your email.


Fastmail.


Outlook.com O365 is good


Fastmail!


Fastmail


I would recommend hey.com


I'm switching away from hey.com at the end of my term. It's not a bad service, but the UI is absolutely inflexible. The absolute worst feature for me is that the sorting of your inbox (I guess I mean "Imbox") is based the time you first accessed the email. There's no straightforward way to sort by the date the email was actually sent. I asked the support group if there was ever going to be an ability to sort by anything other than the quirky default sorting they've chosen but my query received no response.


This is a shame. I was waiting for some reviews of Hey. The idea is great. And its from a company with great experience in UI. It's early days I guess.


Your ISP and a raspi running pine.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: