Leaving Gmail for Mailbox.org

Fastmail is kind of a weird service. If you stop paying they release your email for someone else to take over. Pretty unacceptable this day and age.

That is 100% unacceptable.

How's that different from any other provider?

This would be easily solved for customers who care about it by allowing you to pay a one-off fee to reserve the name for ~100 years.

Or they could just absorb that.

Any idea why it works that way? Have they offered an explanation?

I'm a Fastmail customer but I've never noticed this because I use my own domain.

I use Fastmail with my own domain. I am not sure of the logic that says paying $60/year for email is fine, but $8/year for a domain is a bridge too far.

Do that, it's a non-issue, though I do agree with you that it shouldn't be a thing (or at least have like a multiple year embargo on the address).

Most prevent your username/email from being reused but restrict access or storage. From what I've seen, the delay often ranges from 30 days to years (but not guaranteed).

At the very least it's weird when you consider their privacy focused marketing and the fact that it costs them like nothing to delete the data but mark that email taken.

It is easier to change MX records for your personal domain.

I really wish all mail providers made it easy and seamless to bring your own domain (or register and manage one in the background for you, without you having to care for the details). Obviously giving a service-tied email domain to users is a great lock-in strategy. But it's worrying that so many people have a big part of their online identity tied to Google.

(You can even sign up for a Google Account without GMail, using a third-party domain. And this is distinct from Google Workspace, or whatever they're calling it today. You get a normal, regular, personal Google Account, just without GMail and using your own non-gmail.com address.)

Any provider with a free tier doesn’t have the issue so that covers a lot of them

Domain names work the same way -- once you stop paying for it, someone else can buy and use it.

Do you have the same problem with domain names? If so, how would you propose to fix it?

That's incredibly dishonest reasoning. Are you seriously telling me that unless people have a solution for fixing DNS, commercial email should be free to hand out used email addresses? Seriously?

Isn't it more like fixing whois than fixing DNS? It's the name registration part while "fixing DNS" seems like it carries a lot of additional baggage that doesn't map to the "service username" space.

not if you use your own domain they don't.

When you move to a new house the old address becomes available for mail eventually.

At one point in the late 90s the U.S. Post Office was going to host email. Sadly, it didn’t happen.

Email is used a single factor (either because of magic links or forgot password flows), so the impact is much larger than getting your snail mail sent to someone else.

Also, whoever takes your old residence is probably not malicious (they just want the house because they want a house), but whoever takes your email address is much more likely to be malicious (as the acquisition cost is low and it scales).

So does mailbox do from OP. Just after some time, depending on which package you had. Eg after your light package expired, the address is free for reregistration after 90 days.

I find it "meh" as well.

The trick is in never ever touching the username@paid-main-provider.tld to give out to anyone. It's just for logging in.

My mailbox.org username is literally three random short Engish dict words concatnated by underscores (e.g jet_sit_gill@mailbox.org) just to ensure I'd never share that email with anyone. I only use my domain's email addresses. This way there's ZERO lock, zero fear of them giving my email to someone else and staying with the domain provider for a day longer than I have to.

For email addresses on others' domains here

- icloud.com came with the devices (I honestly have not thought about what happens to these if I have zero Apple device at one point in future :D)

- tutanota(barely ever used; just to support them I paid until they removed the 12/year plan)

- protonmail, and sdf.org (ARPA)

All of these at least let me hold on to the email address even with little resources when I stop paying or have an unpaid a/c. So little risk of email goign to someone else. And I never use these for anything important anyway.

For temp emails - duck.com, HideMyEmail (stopped using this one for new accounts though).

Yes, I use Google (that's rare; when I 'must' must) with a icloud.com temp hidemyemail address created Google a/c.

You don't have reserved/registered post bags (with a identifier at a certain post office) in your country? Or not available to individual users?

I don't think that's true. Some years ago I did a free trial with them (did not pay anything). More recently I decided to actually sign up (for a paid account) and the email address I used for the free trial years ago was not available. I eventually got that username only after contacting support and giving them the date on which I started that free trial, to prove it was me.

This way - many different providers either lock that username away and throw the key (even you can't get it again; some give you the key instead of throwing away but no space in their home until you pay again) and some just graciously offer a free plan with that address whith little or barely any resources (which is actually great and very generious of them). Which ones? Google around and you shall find.

> Do that, it's a non-issue

I think the issue is why use an email provider that has designed such a glaring security hole into their system? Does it not raise questions about their judgment in other matters that are less visible to the user?

First, it’s not been established that they do have that security hole. Someone upthread said the email address they used during a fastmail trial was no longer available when they tried to sign up later because they didn’t want to give out the address again.

Second, and I don’t know how much weight this carries - but I personally know some of the people on the Fastmail team. They’re some of the most thoughtful, steady engineers I’ve ever met. Every time I’ve criticised something about Fastmail to my friends there, it turns out they’ve had the same discussion internally and immediately tell me about a bunch of arguments I hadn’t thought of which explain their final product choices. I wish much more of my software was made at companies like that. They have excellent judgement. They’re absolutely the right kind of people to host a long lived email service.

Fastmail makes it super easy to bring your own domains. As many as you want even on their cheapest plan.

This does not appear correct. I lost my original account in 2013 and the handle is extremely unique, and I just tried to reregister it, and it won't allow it. ("Sorry, [redacted]@fastmail.fm has already been taken.")

Are you sure you didn't confuse domains? My original handle is on fastmail.fm, but it will let me register that on fastmail.com.

Sure.

Now that you've said what you wanted to say about how dishonest the question is, would you like to either answer it or explain why the analogy fails to hold?

Are you the type of person who thinks it's okay to dump garbage on your neighbor's lawn because governments haven't been successful at stopping pollution? Because that's the extract same rhetoric you're using.

It's OK that you don't want to answer the question.

Using domain for identification carries a similar risk though? If for whatever reason you stop renting the domain somebody else can rent your identification. You are not locked into an email provider but you are locked into a rented domain and the whole domain marketplace rules, by extension. At least with most email providers your email address is not supposed to be resold (likely with fastmail too judging by the responses).

Am I missing something?

It's okay that you can't comprehend a straightforward answer.

Definitely not acceptable, sounds like not good thinking. Consumer protections might exist in the US for this.

You can find several discussions of this practice online, including people commenting that they receive email for previous holders of those ids.

The commenter above may have never deleted the alias to release it for reuse.

Reusing email addresses is pretty universally considered terrible practice. So you may want to discuss it with your friends there.

With Fastmail, creating an email alias is free, and quick -- I have dozens myself. There's good reason FM would not want these to be tied up forever.

Could the above report have lost the distinction between original, paid-for Fastmail address, and user-created free aliases to it?

I could never get my domains hosted on sdf.org to work reliably on fastmail. It had briefly worked when MX records were set up but the moment I configured for DKIM and SPF, I haven't been able to get the service back.

I will. But for everyone on this site, the real answer is to own your own domain and use that. Then your email service is just a commodity.

And now shadowbanned accounts are hurling insults [1]? Come on.

If it wasn't clear enough when you made your fallacious argument, and even after I called it out twice, issues with domain name registration has no bearing on the choice of commercial email providers handing out previously used addresses to anyone who asks. They can stop doing that today without having to break the internet for an unrelated issue or go through internet standards committees to do so.

In addition, email addresses handed out by commercial email providers are highly personal as opposed to your typical domain names. End users, who are oblivious to how any of this works, risk being victims of identity theft by having their previous address taken. Scammers can impersonate as grandchildren and steal from the elderly. They can take over online accounts that's tied to that email address. There are grave consequences to these kind of decisions.

This is obvious stuff to anyone who has an idea of what a domain name is. But I understand, you're "just asking questions."

[1]: https://news.ycombinator.com/item?id=44998990