Most people either have too few mail inboxes or far too many. Too few means that professional, personal, and transactional mail all flow into the same place, creating both a security risk and a noise problem. Too many means a sprawl of accounts that receive varying attention, some forgotten entirely. The right number is the smallest number that gives you genuine separation between the things that actually need to be separate.
The core separation
At minimum, maintain a distinction between professional and personal mail. These should be on different domains, with different providers if possible. Your professional address is the one that appears on LinkedIn, in contracts, in public-facing materials. Neither should be a Gmail or any other free consumer service for anything that matters. An address on your own domain gives you control: if you ever need to move providers, the address stays the same.
A third inbox, kept separate from both, is worth having for low-stakes registrations. Online purchases, newsletter signups, accounts for services you use occasionally. When a retailer sells your data, it maps to an address that tells the buyer very little and affects nothing important. What you buy, where you shop: these things are worth keeping out of the same address book as your professional identity.
Defensive inboxes
If you are registering social media handles defensively, those accounts need email addresses too. These should be entirely separate from your main infrastructure: a dedicated mailbox, its own entry in your password manager, clearly labeled. They are not part of your daily workflow. They just need to exist, be secured, and be checked occasionally.
Aliases as a tool, not a system
Alias services like SimpleLogin are useful for adding separation without multiplying full inboxes. Clustering aliases by category, one for tools, one for newsletters, one for general registrations, is manageable. One alias per platform quickly becomes unmanageable. When an alias category is compromised, migrate the accounts that matter to a new address and close the old alias. That only works if you know what is under each alias.
Authentication matters
Any domain you send professional email from needs SPF, DKIM, and DMARC configured correctly. Start with DMARC in monitoring mode, p=none, to see what is being sent under your domain before you enforce anything. Once you are confident the legitimate sending is covered, move to p=quarantine and eventually p=reject. A domain with p=reject configured is genuinely difficult to spoof.
Provider choices
For anyone prioritizing privacy and control, Proton, Tuta, Posteo, and Mailbox.org are all solid choices. They take data protection seriously and are based in jurisdictions with strong legal frameworks. What matters more than the specific provider is that your primary professional address is on your own domain. Providers come and go. Your domain stays with you.