Email forwarding to avoid single point of failure

[JohnB]

It occurs to me that far too much of my online life is beholden to my gmail address, with all my online accounts pointing there. If it were ever compromised, a flurry of password resets could leave me wide open. A solution would be to change them to account@*******.org.uk and just forward the emails to gmail, and just change the diversion if gmail fails. (Gmail also plan to sign up to AMP, which sounds like a recipe for singing/dancing emails which I'd hate too, so I might want a new client anyway) I have a protonmail account, which is more encrypted, but again a point of failure.

My vanity domain ******.org.uk is registered with a friend for 6 more years, and I use dnsexit to handle the dns work, currently just pointing to a second friend who kindly hosts my vanity website. They would charge $12/pa to provide the email forwarding.

Does this sound a good plan, is there a better or cheaper solution?

[didds]

Imay have misunderstood you so bear with me if so

What is doing the redirect from X@Y.com to X@gmail.com? a web domain host interface? Or a sendmail/postfix/whatever server with suitable rules?

Why not instead of "send here if gmail is down" config just forward each email to both the gmail account and a secondary one. it may mean you need to visit the second one on occassion to clear it out, or maybe have some config that deletes all mail after a month (or whatever time frame).

?

didds

[JohnB]

Its a feature of the mail server (technically the DNS entry has a MX record pointing to a SMTP server which does the forward)

The reason to worry is not that Gmail might be down, but that it could be compromised, either individually because you let your password slip, or global security breach. Then a black hat logged into your gmail account reads your mail to see the sites you use, goes to them and triggers a series of password reset messages, logs in, changes to a new email address and steals your money.

With a redirection, you can divert all those reset messages away from gmail with one action, leaving the black hat isolated.

Also, Google could just switch off their service, or hold their users to ransom. Unlikely, but possible.

[didds]

do you control the DNS?

then just add a second MX record to the other smtp server. "weight" the two servers such that gmail is higher than the other (eg 10 for gmaiul, 20 for other)

then if gmail is down the seocnd smtp server will be aitomagically used. Ifr you want to circumnavigate gmail, then either rmeove that MX record or change its record to be lower than the other

??

didds

[Infrasonic]

Its a feature of the mail server (technically the DNS entry has a MX record pointing to a SMTP server which does the forward)

The reason to worry is not that Gmail might be down, but that it could be compromised, either individually because you let your password slip, or global security breach. Then a black hat logged into your gmail account reads your mail to see the sites you use, goes to them and triggers a series of password reset messages, logs in, changes to a new email address and steals your money.

With a redirection, you can divert all those reset messages away from gmail with one action, leaving the black hat isolated.

Also, Google could just switch off their service, or hold their users to ransom. Unlikely, but possible.

I'd say the weaker link in the chain is likely to be your domain provider, as they are very unlikely to have the financial resources of a major player like Google. I once read up on how the Google data centres are run (with their own custom built hardware and fully audited firmware), Fort Knox doesn't even get close...

Microsoft have publicly stated that collectively their servers come under attack over a million times a day.

That doesn't mean they won't have issues (Amazon cloud had some problems a while back) just that they have the resources to deal with it and will have all the mirroring and redundancy built into their networks that would be financially prohibitive for the smaller players.

I have two main aggregator webmail accounts, one Gmail and one Outlook.com, plus other dedicated accounts, as well as domain and other specific addresses from smaller third party providers that all feed into the aggregators. The Gmail and Outlook.com aggregators are mirrored via IMAP or POP3 to a corresponding account from the other provider, so a 'system down' situation doesn't affect access, as well as offline email client backup in case the internet connection is lost.

You could achieve the same result just using forwarding (which would avoid the password leak issue), but if your volumes are high there's a chance you'll attract the attentions of Spamhaus or similar services and start running into IP or domain blocks.

[JohnB]

I used to have a Yahoo account as a backup mail one, but closed that after they were hacked. . In the old days you had control of the slot in your front door and trusted Royal Mail and the postman. Its hard to find anyone to trust these days.

I have implemented the solution I mentioned, but I do need to beef up my DNS provider security.

[Infrasonic]

Yahoo isn't the same as Google or Microsoft.

Yahoo have been going downhill for ages, I saw the security issues looming with them more than ten years ago, so I deleted everything off it (contacts, calendar, general emails) and just use it as a generic newsletter drop address and nothing else these days.

I think Yahoo may well have had their entire database hacked at one point or another...

[BobbyD]

Personally I would avoid having an aggregation account. It puts far too much information in a single place. Virtual aggregation using a single client to view multiple accounts means you can see all your email only if you have the device on which you view your email. Properly secure that device and I would argue you are a lot safer. Such clients are easy to come by whatever platform you use.

Remember the Barclays customer whose investments were sold and the proceeds transferred while he was off sunning himself on a beach for two weeks because he had one account which told the hacker both who his broker was and when he would be on holiday?

Yahoo isn't the same as Google or Microsoft.

May no longer be true but microsoft webmail used to disregard everything after the first 16 digits of the password.

[Infrasonic]

Did the Barclays customer use two factor authentication across all their online services that offer it?

I'm guessing not, and in all probability left a trail of ID clues all over the internet through general ignorance of the issues.

Hacking bank accounts these days requires a bit more than access to someone's email account, aggregator or not.

I use a 9 digit ID encrypted Proton Mail account for anything sensitive, but have had zero security issues with my Hotmail account since 1998 or my Gmail account since 2004.

[BobbyD]

Did the Barclays customer use two factor authentication across all their online services that offer it?

I'm guessing not, and in all probability left a trail of ID clues all over the internet through general ignorance of the issues.

He might even have sought cyber security advice on an online forum...

I'm happy you are happy with your arrangements...

[GeoffF100]

In order to reset the passwords for your online financial accounts, a hacker has to compromise the device that you use to access your online accounts. The reset passwords get sent to your email. It is dangerous to access your email from the same device that you use to access your online accounts. Use a separate device. When I recently reset a password, I got a phone call to my landline, and had to type in a number. If a hacker just has access to your email, you are at risk only until you have logged into your account and changed the password. It occurs to me that using an obvious user name is probably not a good idea. It is, however, very worrying when an account is entirely online. I feel a request to change your nominated account should be verified by snail mail.