top | item 46791653

(no title)

thinker1972 | 1 month ago

People should be using email alias. 1 unique alias per 1 uniques service and websites for proper segregation. If any of the unique alias leaked or getting spammed you'd know where the source is and blocking that specific alias would limit the breach. Theres simplelogin.io, addy.io, firefox relay, apple hide-my-email, custom domain catchall etc for that.

discuss

karlgkk|1 month ago

IMO use email providers that have that built in. Because if your alias provider goes down, you’re fucked. And considering it’s a much less stable business than an email provider, it’s more likely.

If Gmail goes down in 20 years, it will be a major occurrence. If mailgoforward.fart goes down, you’re screwed.

The advice is, as always, use a second mail address for “sensitive” providers. Use a password manager and two factor for everything. Ideally one that integrates into your phone and browser.

For traceability, most providers support a + alias syntax now. Ie foobar+baxservice@provider.com

perching_aix|1 month ago

I don't get why + addresses always come up in this. They're machine-undoable by design.

Using randomized relay addresses instead gives you an immensely higher confidence that when a given contact address starts getting spam, it is misuse stemming from a specific entity. Especially if you rotate it at a fixed time interval, cause then you can even establish a starting timeframe.

Still not perfect but it can never really be, and not even out of email's fault. As long as DNS and IP addressing rule the world, there's only so much one can do. Once identity is private-default, it becomes a secret handling problem at its core, a capability these schemes were never designed to provide.

thinker1972|1 month ago

I'd say for longevity and portability use own custom domain. Simplelogin, addy support using own custom domain. Its just $10-15 something per year. Most tld allowed max cumulative renewal up to 10 years so $100-150. Setup a yearly calendar reminder on January to renew +1 year so at any give time the domain will have minimum 9-10 years before expiring. If got hit by a bus tomorrow then 9 years should be long enough time for whatever accounts linked to the domain to rot and be useless for the next domain owner.

charliebwrites|1 month ago

> If Gmail goes down in 20 years, it will be a major occurrence. If mailgoforward.fart goes down, you’re screwed.

The technical equivalent of “if you default on a $100,000 loan you have a problem. If you default on a billion dollar loan the _bank_ has a problem.

theandrewbailey|1 month ago

I have my own domain, so I canary trap the email addresses I give out.

https://en.wikipedia.org/wiki/Canary_trap

varispeed|1 month ago

Many websites block such providers because of spam.