I use a different email address for every service. About 15 years ago, I began getting spam at my diversalertnetwork email address. I emailed DAN to tell them they'd been breached. They responded with an email telling me how to change my password.
I guess I should feel lucky they didn't try to have me criminally prosecuted.
During a property search for rentals in the UK I created a throwaway alias email (to my regular account) as I did not really trust them with my data.
This was not for those requiring me to provide credit check papers and name of children (!! yes, you read it right, name of children!) at the very first contact in their web form just to start conversation about if there is viewing ability or not, and then perhaps schedule one. No. Those were avoided completely (despite the desperate property market for renters, I am not that desperate: eventually we left the UK in a big part because of property troubles). Two of those were reported to the relevant authority (one case got confirmed after several months, but still pending after more than a year. The other sank, apparently. My trust in the UK institutions is not elevated). There were more than two requiring full set of data on the prospective viewing candidate.
The throwaway email was for the ""reliable"" ones. The trusted names. Or those without over-reaching data collection (one big name, Cheffin, one of the reported one, had over-reaching habit).
Having a throwaway alias proved benefitial. From zero spam to my email suddenly spam started to arrive with about 4 / week frequency. Kept coming until the alias got disabled. Cannot tell which was the culprit, only have a shortlist based on timing. But that never ever elsewhere used email somehow got to fraudster elements from the few UK property agent organizations I contacted. In very shor time (few weeks).
I've had multiple "big companies" leak my randomly generated email addresses. I create a unique one for each such account, like say my airline frequent flyer account for delta, and I've had several of those leak.
blah1381812301.318719@somedomain.com would never be guessed.
A few ways I've heard about - DuckDuckGo.com has a system that generates a random email address on their domain where you can request "a new email address" whenever you need one; you request a new alias and they create a permanent mapping to your real address from that new address. Then mail sent to say Foo-Bar-Hotdog@duck.com goes to you, duck remembers the mapping that this goes to your address. You can reply back and duck handles the anon mapping.
Or you can have a catchall email address on your own domain, where anything sent to any alias on your domain gets forwarded to your own address. Then hamburger@myDomain.com and mcdonalds@myDomain.com goes to your real private address. you don't have to set it up. Anytime you join a new service, say reddit, you tell them your address is "reddit@myDomain.com".
All of these have a level of pain associated with them. And they aren't that private. The government could no doubt get a court order to pierce the obscured email addresses.
There's proton email and many others. All of these are too painful for most people.
I have wondered if people who want to be really secret set up a chain of these anon mail forwarding systems.
Theoretically, the easiest way is to use a sub address (more commonly/colloquially known as email aliases or plus addresses, they're described in RFC 5233). You should be able to add a separator character (usually a plus, sometimes other characters instead/in addition) and arbitrary text to your email address, i.e. "myemail+somecompany@example.com" should route to "myemail@example.com"
In practice, this works about 95-99% of the time. Some websites will refuse the + as an invalid special character, and the worst of the worst will silently strip it before persisting it, and may or may not strip it when you input your email another time (such as when you're logging in or recovering your password).
I also suspect spammers strip out subaddresses frequently, very little of the spam I receive includes the subaddress.
So the only 100% reliable way is to use your own domain, but you don't need to run your own custom mail server
Proton let's me bring my own subdomain for those random emails and does a pretty good job of tracking which email is given to whom, and also supports hiding your email even if you want to initiate the email contact, not just reply (plus scheme in mail address doesn't allow this). Otherwise you can also use their domain too, to stay fully anonymous.
If you’re on Gmail, there’s “plus addressing” - this allows you to append any term after your email - and then sort accordingly.
So if your Gmail is foo.bar@gmail.com you can use foo.bar+servicename@gmail.com and the mail will still end up in your mailbox. Then you can create a rule that sorts incoming mails accordingly.
ipaddr|10 days ago
mihaaly|9 days ago
The throwaway email was for the ""reliable"" ones. The trusted names. Or those without over-reaching data collection (one big name, Cheffin, one of the reported one, had over-reaching habit).
Having a throwaway alias proved benefitial. From zero spam to my email suddenly spam started to arrive with about 4 / week frequency. Kept coming until the alias got disabled. Cannot tell which was the culprit, only have a shortlist based on timing. But that never ever elsewhere used email somehow got to fraudster elements from the few UK property agent organizations I contacted. In very shor time (few weeks).
kwanbix|10 days ago
Alive-in-2025|10 days ago
blah1381812301.318719@somedomain.com would never be guessed.
herzzolf|10 days ago
kolinko|10 days ago
maximus-decimus|9 days ago
zipping1549|9 days ago
vaylian|10 days ago
nicce|10 days ago
Alive-in-2025|10 days ago
Or you can have a catchall email address on your own domain, where anything sent to any alias on your domain gets forwarded to your own address. Then hamburger@myDomain.com and mcdonalds@myDomain.com goes to your real private address. you don't have to set it up. Anytime you join a new service, say reddit, you tell them your address is "reddit@myDomain.com".
All of these have a level of pain associated with them. And they aren't that private. The government could no doubt get a court order to pierce the obscured email addresses.
There's proton email and many others. All of these are too painful for most people.
I have wondered if people who want to be really secret set up a chain of these anon mail forwarding systems.
everybodyknows|10 days ago
flaminHotSpeedo|9 days ago
In practice, this works about 95-99% of the time. Some websites will refuse the + as an invalid special character, and the worst of the worst will silently strip it before persisting it, and may or may not strip it when you input your email another time (such as when you're logging in or recovering your password).
I also suspect spammers strip out subaddresses frequently, very little of the spam I receive includes the subaddress.
So the only 100% reliable way is to use your own domain, but you don't need to run your own custom mail server
hks0|9 days ago
So far I've been happy. I hope I'll stay happy.
zeeed|10 days ago
So if your Gmail is foo.bar@gmail.com you can use foo.bar+servicename@gmail.com and the mail will still end up in your mailbox. Then you can create a rule that sorts incoming mails accordingly.
Lord_Zero|10 days ago