Can someone read my E-Mail if I lose ownership of my domain?

Now if someone buys the domain and creates an MX record pointing to his own mail server, he can read all the confidential emails people are sending me, right?

If they register the domain name, they will receive all email being sent to it from that point on. They will not have retroactive access to previously sent emails. There is nothing to fundamentally prevent this.

Are there ways to prevent that, or is the only option I have to pay for the domain until I die?

You can request that all contacts to you encrypt their communications with PGP using your public key, which will prevent anyone who obtains the domain later from reading new messages, but it requires that people actually use PGP, which may not be likely if you are distributing the address to average people on a business card. However, if you maintain or at least renew the domain for, say, 20 years, then what are the chances that anyone is going to seriously send an email to such an ancient address?


I asked the question on the Law Stack Exchange whether or not there would be any legal recourse to someone using your domain, and the answer was no: https://law.stackexchange.com/q/35917/15724


As others already mentioned: yes, keeping the domain name is the only way to be sure that nobody is going to receive emails sent there.

That being said:

Just keeping a domain is often cheaper than using it

Of course everything depends on the provider, but as I understand it, you currently have more than one service (domain name, redirect?, email server?, hosting space?).

When your only objective is to prevent others from receiving your emails, it is sufficient to only renew the domain name, and you can avoid the costs for any further service.


Assume someone will definitely buy your domain, as domain crawlers try to lock and resell, overpriced, domain names that people forget to renew. An MX record is not required in order to have mails delivered somewhere.

Thanks to @Criggie: if an MX record is not set, the Mail Transfer Agent will fall back to the root A record for that domain and open a connection to its port 25. So the web server responding for the new buyer must also be capable of acting as a mail server.

Now, we need to estimate the odds that someone will effectively monitor the email address(es).

In my personal opinion, unless you are a person worth targeting by a human, the best that the buyer company will do is just crawl sender email addresses for unsolicited bulk advertising purposes, namely spam, not inspect the real contents.

Update: non-scientific statistics

I tried to ping 5 of the domains I owned in the past. Out of them, one was purchased in 2015 by what looks to be a business whose name is meaningful to the domain name, and they have set an MX record. The other 4 do not exist.

Are there ways to prevent that, or is the only option I have to pay for the domain until I die?

Use a long-term grace period

That means gradually decommissioning that domain. Keep it for now, e.g. renew for 2 years, but perhaps establish an auto-responder (or auto-refusal) email like:

Greetings,

the email address [email protected] will be decommissioned by [2 years from now]. I kindly ask you to update your address book and send the email again to [email protected].

For the privacy of both of us, it is important that you kindly implement this change as soon as possible.

The last sentence explains the matter but is hard to understand for non-security-expert users.

I would expect emails sent to mydomain.tld will gradually decrease over time. Do not forget to update your business cards immediately and start using the new ones.

Eventually, there could still be someone, hopefully a handful, using your old email address after the grace period expires. What to do?

This is where the maths comes in: put on a scale the total cost of lifetime ownership of the old domain name versus the economic losses that YOU will suffer in case a confidential mail is revealed to someone unauthorized. I said YOUR losses because if your customer/sender is a jerk and keeps sending sensitive material to the wrong address, it may not be your business.

Comment

I don't personally like this question from the very beginning. ISPs, including the sender's, have full access to plaintext emails, and some may be required by law to keep records ("data retention") for months or years. In the very end, plaintext email is not the best option to deal with sensitive contents.

Eventually, we trust major ISPs to protect our privacy. We trust them to...
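The MX/A fallback described in this answer, and the "ping 5 old domains" check, can be turned into a small audit that tells you where mail for a domain would land today. This is an added example, not code from the answer's author; it uses constructed DNS data (no live lookups), and the domain names, `DnsView` class and `audit` function are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class DnsView:
    """Constructed DNS data for one domain (no live lookup is made)."""
    mx: list = field(default_factory=list)    # (preference, exchange) tuples
    a: list = field(default_factory=list)     # IPv4 addresses
    aaaa: list = field(default_factory=list)  # IPv6 addresses

def mail_delivery_targets(domain, zones):
    """Return the hosts an SMTP sender would try for `domain`, in order.

    Mirrors RFC 5321 section 5.1: use MX records sorted by preference; with
    no MX at all, fall back to the domain's own A/AAAA ("implicit MX") on
    port 25. A single MX of preference 0 with exchange "." is the RFC 7505
    null MX, which tells senders the domain accepts no mail.
    """
    view = zones.get(domain)
    if view is None:
        return []                      # NXDOMAIN: nothing can be delivered
    if view.mx:
        if len(view.mx) == 1 and view.mx[0][1] == ".":
            return []                  # null MX: explicit "no mail here"
        return [host for _, host in sorted(view.mx)]
    if view.a or view.aaaa:
        return [domain]                # implicit MX: the web host gets port 25
    return []

def audit(domains, zones):
    """Label each domain by what happens to mail sent to it today."""
    report = {}
    for d in domains:
        targets = mail_delivery_targets(d, zones)
        if not targets:
            report[d] = "no-mail"
        elif targets == [d]:
            report[d] = "implicit-mx"   # someone's web server would receive it
        else:
            report[d] = "mx:" + ",".join(targets)
    return report

# Constructed sample data standing in for real DNS answers.
SAMPLE_ZONES = {
    "resold.example": DnsView(mx=[(20, "mx2.newowner.example"), (10, "mx1.newowner.example")]),
    "parked.example": DnsView(a=["192.0.2.10"]),
    "retired.example": DnsView(mx=[(0, ".")], a=["192.0.2.20"]),
    # "gone.example" is intentionally absent: it no longer resolves
}
SAMPLE_DOMAINS = ["resold.example", "parked.example", "retired.example", "gone.example"]

if __name__ == "__main__":
    for domain, status in audit(SAMPLE_DOMAINS, SAMPLE_ZONES).items():
        print(f"{domain:20} {status}")
```

A parked domain with only an A record still counts as reachable, which is the point made above: the absence of an MX record is not a guarantee that nobody receives the mail.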
