Set Up A Custom Domain Email Inbox Using Tutanota
At the time of writing, Tutanota premium costs €12 per year. This is not a sponsored post. I just think Tutanota is a great product.
Updated 2019-08-12: Tutanota now supports DKIM and DMARC!
Why you should care
tutanota.com Is a secure email service, which handles encryption of your emails and filters spam for you. The project is open source https://github.com/tutao/tutanota, GDPR compliant https://tutanota.com/blog/posts/gdpr-compliant-email, and available on Android as well as iOS.
There are a lot of other email providers out there, too many to count. Just search them up on your favourite search engine. However, the purpose of this is to avoid the titanic email providers in Google’s gmail, Microsoft’s Outlook, and Yahoo’s… yahoo email. These are all free services, but ultimately it means that the user is being mined for their data. All of these providers allow ads into your inbox based on your data. Just like everyone is annoyed by junk mail in their physical mail boxes, we should be equally annoyed by ads in our inbox.
Tutanota cares about protecting the user’s data. The servers powering it are kept in Germany (take that Patriot Act), emails are encrypted at rest and in transit, and two facter authentication is supported.
You can use Tutanota for free. But if you want to support privacy on the internet, the price of €12 per year is not too steep. Or, if you want to follow a quick guide which will help you set up an email inbox using your own custom domain, then this post is targeted at you.
Pre-amble over, the Guide
I’m going to assume you already own your own domain. If you don’t I’d recommend AWS Route53, or Google Cloud DNS. They’re both easy to use, and rock solid as DNS providers.
Sign up for an account
https://mail.tutanota.com/signup
If you are willing to pay, pick Premium. If you don’t want to pay, disregard the rest of the guide and enjoy your free, private email inbox.
Create the required DNS records
- MX record which points your domain to Tutanota’s mail server.
- fake SPF record (aas a TXT record) which allows Tutanota to send emails on your domain’s behalf.
- DMARC TXT record to help prevent senders spoofing your domain.
- DKIM CNAME records to help prevent senders spoofing your domain.
| Name | Type | Value | TTL |
|---|---|---|---|
| your-domain.com | MX | 1 mail.tutanota.de | 86400 |
| your-domain.com | TXT | "v=spf1 include:spf.tutanota.de -all" | 86400 |
| _dmarc.your-domain.com | https://tutanota.com/howto/#custom-domain | "v=DMARC1; p=quarantine; adkim=s" | 86400 |
| s1._domainkey.your-domain.com | CNAME | s1._domainkey.tutanota.de | 86400 |
| s1._domainkey.your-domain.com | CNAME | s2._domainkey.tutanota.de | 86400 |
Configure your Tutanota account to use a custom domain
- Login
- Settings > global settings > Custom email domains > add your-domain.com
- Settings > user management > Click your user > create an email alias for your new domain
Hurrah, you can now send and receive emails using your own domain. And it probably took less than 10 minutes.