14·
7 days agoLike basically all cloud providers, Oracle publish their public-facing IP address ranges.
https://docs.oracle.com/en-us/iaas/Content/General/Concepts/addressranges.htm
Many services block these because, as you are pointing out, standing up VPN tunnel routing on a cloud instance is sort of trivial. Cloud providers publish these ranges specifically so anyone can block them easily. If lemmy.world is not blocking Oracle Cloud already, it’s only because they just haven’t come around to it.
If you only ever use services that let you sign up with arbitrary addresses, then sure, you gain resilience against mail provider shenanigans at the expense of exposing a non-agile identifier — the domain name you bought — to any third party you provide with an address.
However, in a confused attempt to stamp out single-use mail services, some sites are rejecting mail addresses that don’t originate from one of the big mail providers, like Gmail, iCloud, Outlook. ‘Please provide your real mail address’, they’d say.
If you aren’t using any such service, you can use your own domain. Be wary of services that bounce messages to your “actual” inbox without rewriting the involved addresses (Cloudflare offers something like this, I don’t get why though), as that can lead to deliverability issues due to DMARC.
The IAB publishes some Gmail-specific guidance on how to ‘normalize’ plus-addresses to ‘real’ inboxes, so that’s something that doesn’t really do anything for you anymore. Out of the large mail services, iCloud is somewhat notable for offering single-use addresses under the same @icloud.com domain name they use for standard addresses, without having to register extra accounts or other annoying requirements. So websites that want to lock out single-use iCloud addresses would have to block iCloud addresses entirely, which is something they’ll most probably refrain from doing.