I own a .net domain but recently I was able to get the domain that I originally wanted to own. I wanted move over to the new domain for my email which was the only thing I was using my .net domain for.
I only had two email under that .net domain which is just for looking for work and my personal for “buying” games.
What are the ramifications of letting someone else own my domain in the future? (Mostly talking about email)
-
You can’t receive those emails anymore.
-
Someone else can.
When I opened my business there was a company that made Android apps that had the same name. They since closed and I own the domain. I still get their Facebook and play store emails. I have tried to stop emails from both but that appears to be impossible.
Recover the accounts and close them?
Might be illegal
If the company is gone now then, I guess it would harm whoever bought the rights to the apps or the name? In which case they can contact that entity to sort it out
-
The purchaser of that domain will be able to send and receive email from your addresses.
The biggest concerns here are probably:
- The new owner taking over accounts that use the old email (either via password reset or email or by contacting support).
- Sensitive personal information intended for you being sent to the new owner.
- Someone spearphishing people you know from your old email address.
The purchaser of that domain will be able to send and receive email from your addresses.
Wait wait wait, DKIM doesn’t solve this???
The owner of the domain owns DKIM. It offers no protection against that.
The only actual protection would be PGP because it provides your key as an identity rather than the domain itself.
Nope, DKIM is tied to the domain and DNS.
Someone registering the domain would be able to receive any email sent to any address under this domain, including password resets.
Can confirm. I still get mail to the previous owner.
In the worst case, the new owner could create the same email account and try to supplant your identity. I think it is very unlikely, but I would not risk and keep the domain for a couple of years, at least, to be sure.
I defo agree. Keep the domain for a few years, with the email server up still, but flag any emails from the server so you can go through and unsubscribe/change emails on anything using the old address.
There was an example of an ethical hacker that bought up old email-domain names of police offices, city councils (name of city changed due to Mercer) and so on. He received quit a few mails with quite sensitive data.
