My last post on the importance of moving away from Gmail unexpectedly gained traction, so I thought about posting a follow-up guide. For reference, here is my last post on why you should stay away from your free @gmail.com account. If you haven’t already, it’s worth a quick read to understand the why.
The approximate steps to set everything up are listed below:
- Register your own domain name
- Choose your email host
- Configure your domain name records (DNS records)
There are many good domain name registrars. Personally, I have had good experiences with Porkbun and Namecheap. Other registrars you may want to consider are Cloudflare, Gandi Where Last name. Try to stay away from GoDaddy if possible for reasons – I’ve heard of less good experiences with them anecdotally. The cost of the domain name should be around 10 USD per year. When looking for a registrar, look for one that offers free Whois privacy. This should be a standard included feature. When you register your domain, you are required to enter real information such as your full name and address. Whois privacy hides this information from the public and essentially acts as an intermediary when someone needs to contact the owner of the domain name.
Once you’ve registered it, there should be a setting to automatically renew your domain name. This is important, please activate it!
If you forget to renew your domain name and end up losing it, you lose your email and potentially access to all accounts associated with it. Even big companies like Google may forget to renew their domain names. Fortunately, most registrars will send you multiple reminder notifications when your domain is about to expire.
By the way, I would also encourage you not to use any identifiable information like your real name in your domain name, just as a good measure of privacy.
There are a few important factors to consider when choosing an email host: price, privacy and user-friendliness. Keep in mind that your mail server must be trustworthy. In theory, all mail servers, including Gmail, will be able to receive and read your emails, unless they are end-to-end encrypted.
- Gmail (Google Workspace) probably has the most familiar interface and costs around $6/month
- Protonmail has a strong emphasis on maintaining privacy and security and will cost you around €8/month
- Tutanota is also focused on privacy but has a small development team, although it is much more affordable at €1 to €2/month
- As an option, if you have the technical knowledge and want to host your own mail server, you can try something like docker-mailserver and manage the processing of your e-mails yourself.
An important feature to look for is support for catch-all emails.
This allows all emails sent to your domain name to be routed to a specific email address. This means that you can sign up for websites with emails like firstname.lastname@example.org, email@example.com or firstname.lastname@example.org and you will receive them all.
We will see how to configure this with Tutanota specifically, but for reference I’ve also included official host-specific links for how to set up DNS records and catch-all emails.
Usually the first purpose of setting up records is for the mail host to verify that you own the domain name. This is usually done by having you add a TXT type record with a specific value. The second step is then to add an MX (mail exchange) type record that tells other mail servers where your email host is located.
Depending on the host, they may also ask you to set up additional records. These are primarily for security and privacy. These records (SPF, DKIM and DMARC) help ensure that other people cannot claim to be sending email using your domain name. As a best practice, it’s a good idea to configure these as well, and it usually doesn’t take long.
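To make the role of each record concrete, here is an added example (not part of the original guide or any host's tooling) that audits a set of records as you would enter them at the registrar. Every record value and the `mailhost.example` names are constructed placeholders; your host supplies the real ones.

```python
# Added example: offline sanity check of a domain's mail-related DNS records.
# All values below are constructed placeholders, not any real host's values.
RECORDS = [  # (type, host/name, value) exactly as typed into the registrar
    ("TXT", "@", "t-verify=PLACEHOLDER-COPIED-FROM-YOUR-HOST"),   # ownership
    ("MX", "@", "10 mail.mailhost.example."),                     # delivery
    ("TXT", "@", "v=spf1 include:spf.mailhost.example -all"),     # SPF
    ("CNAME", "s1._domainkey", "s1.domainkey.mailhost.example."), # DKIM
    ("TXT", "_dmarc", "v=DMARC1; p=quarantine; adkim=s"),         # DMARC
]

def parse_tags(value):
    """Split a 'k=v; k=v' DMARC value into a dict with lowercase keys."""
    pairs = (part.split("=", 1) for part in value.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def audit(records):
    """Return a list of problems found in the mail-related records."""
    problems = []
    if not any(t == "MX" and h == "@" for t, h, _ in records):
        problems.append("no MX record: mail for the domain cannot be delivered")
    # Two SPF records on one name make receivers treat SPF as a permanent error.
    spf = [v for t, h, v in records
           if t == "TXT" and h == "@" and v.lower().startswith("v=spf1")]
    if len(spf) != 1:
        problems.append(f"expected exactly one SPF record, found {len(spf)}")
    elif spf[0].split()[-1].lower() not in ("-all", "~all"):
        problems.append("SPF record does not end in -all or ~all")
    if not any(h.endswith("._domainkey")
               for t, h, _ in records if t in ("TXT", "CNAME")):
        problems.append("no DKIM selector record under _domainkey")
    dmarc = [parse_tags(v) for t, h, v in records
             if t == "TXT" and h == "_dmarc"]
    if len(dmarc) != 1 or dmarc[0].get("v") != "DMARC1":
        problems.append("missing or duplicate DMARC record at _dmarc")
    elif dmarc[0].get("p", "").lower() not in ("quarantine", "reject"):
        problems.append("DMARC policy is not quarantine or reject")
    return problems

if __name__ == "__main__":
    for line in audit(RECORDS) or ["all mail records look sane"]:
        print(line)
```

A DMARC policy of `p=none` only reports failures, so the audit flags it; receivers act on spoofed mail only under `quarantine` or `reject`.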
To get started, go to Settings > General settings > Add custom domain / catch all.
Enter your domain name and press next.
In the next screen, there will be a TXT record verification to verify that you are the domain owner. It should look something like below (your t-verify value will be different).
To add this record, log in to your domain name registrar. It should be under something like Settings > Manage Domain Name > Manage DNS Records. On Porkbun it’s here:
Now add this TXT record. Your t-verify value will be different. Make sure to copy and paste the displayed value from the Tutanota client.
Back in the Tutanota setup, it will ask you if you want to add email aliases. Adding an email alias allows you to send your email from a specific address. It is useful when you have registered on a website under a certain email address and want to verify your account by sending an email from that specific address. For now, we can skip this step.
The last step is to add all the other DNS records (related to MX, SPF, DKIM, DMARC). On the registrar’s site, when you add the record, you will need to specify (1) type (2) host / name and (3) value. Go through each of the items below and add them one by one. Your values will be different from what you see below, so copy and paste what’s on your screen.
DNS records take a long time to take effect; this delay is called DNS propagation. You can click the refresh button until you get all the check marks. Once done, tap Done.
Now go back to Settings > General settings and, under your domain, click on the ellipsis button and tap on “Set capture of all mailboxes”. If you set your catch-all email address to the free @tuta.io email, there is no additional charge. For an additional €1/month, you can set your catch-all email to a specific address with your domain name (Settings > User management > Add user). After that, you should be all set. You can test it by sending an email to any prefix @yourdomain.com.
Congratulations, you are ready!
Now you really own and control your email. If you have any questions or encounter any issues along the way, please leave a comment and I will do my best to help. Hope this has been helpful.