this post was submitted on 21 Apr 2024
63 points (97.0% liked)

Selfhosted

39435 readers
2 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

I self host pretty much everything, but one of the services I find makes more sense to not self host is an email server.

I’ve got a few domains I’d like to have emails for, and usually I’d go for Tutanota or protonmail. But in this instance I’m looking for something dirt cheap. These domains are for a hobby club so I’m much less concerned with privacy like I usually would be. Anybody got any recommendations?

So far namecheap seems like my best option for under $8/month. They would bundle with my domain registration and I’m assuming having both on the same service would make things pretty seamless to set up.

Not crazy concerned with privacy for these particular accounts. Namecheap or similar is reputable enough.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 7 months ago* (last edited 7 months ago) (1 children)

But, regardless, blocking any registrars that size the way you’re describing would break way more businesses and hurt the recipient provider’s own reputation.

Yeah I thought that too but when speaking with the email admin that was blocking Namecheap while figuring this out they had already decided it wasn't worth trying to allow the 1% of valid emails vs the 99% spam emails they felt they received via Namecheap domains.

This honestly starting to sound more and more like a smear campaign

Smear against whom? I'm a Namecheap customer, just relaying my own experiences using them. Besides that quirk I like them fine as a registrar.. I know it sounds dumb but I even renewed my domains there even after those email issues.

It's fine, you don't need to believe me as I said it's just my own experience using Namecheap domains for emails. But you could just google around, you'll see plenty of people discussing Namecheap & looking for solutions to block them (or solutions to successfully send emails with hem).. it's not something I randomly made up if that's what you're implying.

e.g.

https://community.spiceworks.com/t/blocking-emails-based-on-registrar/816565

https://tacit.livejournal.com/608386.html

https://shkspr.mobi/blog/2021/05/why-do-scammers-love-namecheap/

https://www.reddit.com/r/NameCheap/comments/13t6fvm/namecheaps_private_email_is_blacklisted_by/

https://www.reddit.com/r/NameCheap/comments/wlb6vp/namecheap_making_it_too_easy_to_register_domains/

https://www.reddit.com/r/NameCheap/comments/tz4mkb/my_emails_are_always_going_in_the_spam_folder_of/

https://www.reddit.com/r/NameCheap/comments/ye358x/i_am_getting_a_ton_of_spam_scams_from_namecheap/

etc.

[–] [email protected] 3 points 7 months ago

The name servers themselves is not part of the equation. The commonality in all those linked are sending emails from Namecheap’s shared hosted email/website, not name servers. Sending email from shared hosted email/website is asking for trouble, doesn’t matter who you’re hosting with, because those IP range are always abused, especially with the larger providers, simply due to a larger exposure. The detection mechanism here is really simple and observable via raw mail headers by checking the Received: line. Filtering emails from this information here is a typical part of the anti-spam model. A typical implementation would be via DNSBL providers such as Spamhaus, Sorbs and alike. The solution is always to use trusted transaction email services to deliver email from the website instead.

That, however, is a very different problem than the dedicated email services like Google Workspace Gmail, because you’d not be sending from your web server’s IP address, but rather via Google’s dedicated range. As such, the Recevied: line is much less likely to yield a match in DNSBLs. Validation for these are then done via the SPF/DKIM/DMARC records on your domain, checking if your configuration permits delivery from server at the Recevied: line (look for Received-SPF) and whether or not you have the appropriate signing (look for Authentication-Results: and bits about the various stages of DKIM and DMARC).