I self host pretty much everything, but one of the services I find makes more sense to not self host is an email server.

I’ve got a few domains I’d like to have emails for, and usually I’d go for Tutanota or protonmail. But in this instance I’m looking for something dirt cheap. These domains are for a hobby club so I’m much less concerned with privacy like I usually would be. Anybody got any recommendations?

So far namecheap seems like my best option for under $8/month. They would bundle with my domain registration and I’m assuming having both on the same service would make things pretty seamless to set up.

Not crazy concerned with privacy for these particular accounts. Namecheap or similar is reputable enough.

  • chiisana
    link
    fedilink
    English
    37 months ago

    The name servers themselves is not part of the equation. The commonality in all those linked are sending emails from Namecheap’s shared hosted email/website, not name servers. Sending email from shared hosted email/website is asking for trouble, doesn’t matter who you’re hosting with, because those IP range are always abused, especially with the larger providers, simply due to a larger exposure. The detection mechanism here is really simple and observable via raw mail headers by checking the Received: line. Filtering emails from this information here is a typical part of the anti-spam model. A typical implementation would be via DNSBL providers such as Spamhaus, Sorbs and alike. The solution is always to use trusted transaction email services to deliver email from the website instead.

    That, however, is a very different problem than the dedicated email services like Google Workspace Gmail, because you’d not be sending from your web server’s IP address, but rather via Google’s dedicated range. As such, the Recevied: line is much less likely to yield a match in DNSBLs. Validation for these are then done via the SPF/DKIM/DMARC records on your domain, checking if your configuration permits delivery from server at the Recevied: line (look for Received-SPF) and whether or not you have the appropriate signing (look for Authentication-Results: and bits about the various stages of DKIM and DMARC).