Hacker News new | ask | show | jobs
by bennylope 2564 days ago
I do this with Fastmail, including specialized subdomains to help me segment the addresses and then distinct email names for each sign up as necessary.

You can also do something similar with Gmail (and probably other providers) using "+" in your username, e.g. "myname+hackernews@gmail.com". This creates a unique email address that delivers to your Gmail account as if the "+<whatever>" were absent. This is more easily defeated if you're a moderately motivated spammer.
2 comments
kps 2564 days ago
If you run your own email, you can catch the moderately motivated spammer: use a character other than + as the segmenter, and a honeypot +.

  <me+some-thing@example.com>
  <me+some-other@example.com>
Here, ‘-’ is the segment character, <me+some@example.com> is the actual delivery address, and <me@example.com> triggers an immediate block.
link
mehrdadn 2564 days ago
> <me@example.com> triggers an immediate block.

This doesn't work. I've seen legitimate companies just strip everything from the + onwards.

link
TeMPOraL 2564 days ago
Well, "legitimate". There's no legitimate reason for a company to remove anything from user-provided e-mail address.
link
mehrdadn 2564 days ago
Legitimate reason != legitimate company
link
TeMPOraL 2564 days ago
Doing something like this is extra work, implying the company in question has either some malicious intent (e.g. spamming, or sharing data with third parties behind users' backs), misguided (e.g. thinking this is a proper way of dealing with user account spam), or just don't give a damn. Either one of these cases reflects badly on such company.
link
mehrdadn 2564 days ago
You can reflect it however badly you want, I'm just saying these weren't companies most people would consider shady or cutoff business with over this issue.
link
h1d 2564 days ago
Using + isn't the best method as some services just won't allow having + sign in the email address (probably shitty email address detection) and of course spammers can simply strip the alias parts and send you mail.

You'd have a better luck with *@user.your.domain if you can give each user a unique domain.

link
ghostbrainalpha 2564 days ago
Are you suggesting buying a new domain for each email address? That could get extremely expensive to maintain.

I bought a single domain @MyEmail.org, and create a new user for each site I sign up with that forwards to my gmail.

1@MyEmail.org, 2@MyEmail.org, 3@MyEmail.org etc...

link
h1d 2564 days ago
No. Your case works for a single person but for more people on a single domain, you would want to do,

service1@me.your.domain service1@dad.your.domain

(Instead of me+service1@your.domain)

service2@me.your.domain service2@mom.your.domain

and so on. So, those services have no way of fooling you by tampering with the alias parts.

But of course this isn't easy unless you roll your own mail server.

link
ghostbrainalpha 2564 days ago
Thanks for the breakdown. I didn't think about using Sub Domains!
link