Ask HN: Setting up custom domain for email

1•agent008t•8mo ago

Following up on earlier thread about what setup to use for main email account. Consensus appeared to be 'Get a custom domain (e.g. with Cloudflare) and use it with e.g. Fastmail'. The plan is to then make that email address the cornerstone of my online security, use it for password manager recovery etc.

The domain registrar and the email hosting then appear key to the whole security model – if they are compromised, all other accounts are.

So I'm trying to work out the details of how to go about it.

E.g. which email should I use with the registrar to buy the domain? Some throwaway one, which I then change to the new domain I am purchasing in a circular fashion once it is set up? Is that a good practice, or too risky for recovery should anything go wrong?

If I use a separate email address to buy the domain, then seems that email becomes crucial to the security of it all and then why even bother with paying for the domain and Fastmail etc. if I am relying on some pre-existing email account?

I'm probably way overthinking it, but since I'm working on this at all and the stakes are rather high I'd like to set things up properly, for decades.

The goal is to achieve reasonable security against: 1. Attacks that are not highly sophisticated or targeted 2. Getting arbitrarily locked out by Gmail etc., potentially then losing access to other important accounts 3. Me locking myself out by forgetting some secret

It seems surprisingly difficult to find a best practice guide for this scenario, how to set up a password manager with it, which recovery information/backups to keep offline etc. Information I find is either too vague or overly involved (after all I don't want to dedicate all my time to maintaining security, just want a reasonable setup). Any practical advice appreciated!

Comments

koakuma-chan•8mo ago

> Consensus appeared to be 'Get a custom domain (e.g. with Cloudflare) and use it with e.g. Fastmail'.

Huh, that's literally what I do!

> E.g. which email should I use with the registrar to buy the domain?

Not saying you should do this, but I use a fastmail masked email address as my Cloudflare email address.

> use it for password manager recovery etc

The cool thing about fastmail is that it has an integration with 1Password where, if you need to register at a website, you can quickly generate a masked email (e.g. cool.boat1337@fastmail.com) via the 1Password extension at the same time you generate the password. It's reaally nice.

agent008t•8mo ago

By 'fastmail masked', you mean an email on the fastmail domain, right? I.e. something123@fastmail.com? So that if there is a problem with your domain, you can still login to your registrar even if they want to say verify your identity by sending a code to your registered email address?

koakuma-chan•8mo ago

Yes. Fastmail has a feature that allows you to generate masked email addresses, e.g. "funny.hat123@fastmail.com" (also known as temporary email addresses). Emails sent to these addresses still arrive in your inbox, but you can easily block them any time. They are suitable for making accounts at garbage websites, so that you can block their spam any time. In fastmail though those email addresses are permanent (they won't disappear on their own after X minutes or anything like that).

Anthropic: Latest Claude model finds more than 500 vulnerabilities

Brooklyn cemetery plans human composting option, stirring interest and debate

Why the 'Strivers' Are Right

Brain Dumps as a Literary Form

Agentic Coding and the Problem of Oracles

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Show HN: I built a <400ms latency voice agent that runs on a 4gb vram GTX 1650"

Penisgate erupts at Olympics; scandal exposes risks of bulking your bulge

Arcan Explained: A browser for different webs

What did we learn from the AI Village in 2025?

An open replacement for the IBM 3174 Establishment Controller

The P in PGP isn't for pain: encrypting emails in the browser

Show HN: Mirror Parliament where users vote on top of politicians and draft laws

Ask HN: Opus 4.6 ignoring instructions, how to use 4.5 in Claude Code instead?

We Mourn Our Craft

Jim Fan calls pixels the ultimate motor controller

Exploring a Modern SMTPE 2110 Broadcast Truck with My Dad

AI UX Playground: Real-world examples of AI interaction design

The Field Guide to Design Futures

The Other Leverage in Software and AI

AUR malware scanner written in Rust

Free FFmpeg API [video]

Are AI agents ready for the workplace? A new benchmark raises doubts

Show HN: AI Watermark and Stego Scanner

Clarity vs. complexity: the invisible work of subtraction

Solid-State Freezer Needs No Refrigerants

Ask HN: Will LLMs/AI Decrease Human Intelligence and Make Expertise a Commodity?

From Zero to Hero: A Brief Introduction to Spring Boot

NSA detected phone call between foreign intelligence and person close to Trump

How to Fake a Robotics Result