1. "Gmail has a wildcard for the + sign as it doesn't recognize it nor any characters that follow it."
This wrong. It is well documented and called aliasing within Google. There is even a support page for it: https://support.google.com/mail/answer/12096?hl=en
Not everyone knows everything. I knew all of this, but lots of people don't.
If there's one thing I think I could change about HN, it would be that we'd be easier on people who don't know things. Many times I'll read an article about the new version of PolyDoopWerks, and be told that it's the Uber-of-OOD-builders, and have no idea what's going on.
Also called sub-addressing in RFC 5233[0] or Address Tags. Gmail is not the only one of the email providers that enables this. Yahoo, Apple, Outlook, Fastmail and others also support this. More information at Wikipedia: http://en.wikipedia.org/wiki/Email_address#Address_tags
I highly recommend Sneakemail.com and have been using them for over a decade. They let you set up keywords, like "foo", and then you can mail [email protected] (or snkmail.com, since a few sites block the former domain) and it creates an alias. On the Sneakemail web UI you can enable/disable aliases and see recent mail. An alias can forward up to 5 people or so, and when someone sends you mail, if you reply you'll reply through Sneakemail.
Of course it's also worth mentioning Mailinator.com (one-off throwaway aliases, but public) and 10minutemail.com (super-disposable temporary email addresses).
I've also been using sneakemail for at least twelve years. They also let you set up addresses with a bunch of randomly generated letters/numbers that are opaquely mapped to you, but you have to log in to do that.
The only problem is that some sites ban their domains - in particular Adafruit does this (they banned existing use of it, not just new sign ups), and their support said basically "we won't whitelist your address even though you've been ordering stuff from us for over five years".
Assuming you are trying to prevent people from creating multiple accounts on your service... keep in mind they could create e-mail forwarders at other domains, this just stops a very easy method.
Also, more importantly, this would have to only apply to a set a whitelisted domains, plenty of non-gmail systems would treat these variations as distinct addresses. So without a set of domains to apply this logic too, you could end up stopping users from registering with their own normal/actual address.
Easier to just get a custom domain and set up a catch-all account to forward to your gmail.
This way you can do [sender]@domain.com, [company]@domain.com, john1, john2, [email protected] and never run out of options. If one starts spamming you can just stop a particular [company]@domain from forwarding.
Keep in mind that catch-all accounts usually get a lot of random spam. If you're using this domain to signup for various services, at some point, spammers will become aware of it. And, they'll start sending a lot of spam to (random string that spammer comes up with)@your-domain.com.
I'm sorry, but I've grown to hate this feature. I keep receiving emails from accounts I didn't sign up for, only to discover the person (with a similar name) used an email address like "[email protected]" or "senordevelopez" and the site itself defaults to "gmail.com". These are not off-the-wall websites, I've had long conversations with Netflix and a satellite TV service. You'd be surprised how many website do not authenticate the email account given.
I have found a few sites reject the + in gmail addresses. I also suspect most DB (or wannabe spammners) would know about this and remove anything after the + sign. Same goes for the "." trick. Still good to know though.
I'm now using Blur (https://www.abine.com/index.html). Very effective so far at creating aliases pointing to my real email. Only worried on how they'll fund their operations long term.
I have an application set up with Devise handling authentication for me and Devise allows me to create multiple accounts with the same email address. Considering how commonly used Devise is for setting up a site with Ruby on Rails, this is a huge open hole for a lot of websites who might not appreciate multiple user accounts tied to the same email.
It kinda bugs me when people describe +foo as a "gmail trick". That type of addressing predates gmail, and exists outside of it still. In fact the plus is not the only form of this. qmail uses the dash, and postfix allows you to configure anything as a separator.
I'm using the '+' for automating email tests - using that and Gmail's API I can set up asynchronous tests against unique email addresses, and test them as they arrive. This is a crucial part of integration testing with partner companies.
I've run into a situation where I was able to sign up using the + in the e-mail, but not login (or unsubscribe from their newletter) with the same address.
I just use mailinator. No charge, no hassle, you don't have to set it up first. Half the time I don't even end up checking it. So far I don't really have a use case for plus addressing.
I never understood why people rely on the + trick to determine the source of new spam. Wouldn't a smart spammer / list-seller simply strip the suffix from all @gmail.com addresses?
I've thought the same thing since I encountered this trick a few years back. My guess is that most email providers don't allow the use of a "+" in the address and as a result its viewed as a fringe case and not accounted for.
[+] [-] PinguTS|11 years ago|reply
1. "Gmail has a wildcard for the + sign as it doesn't recognize it nor any characters that follow it." This wrong. It is well documented and called aliasing within Google. There is even a support page for it: https://support.google.com/mail/answer/12096?hl=en
2. Even that is documented: https://support.google.com/mail/answer/8158?hl=en
3. Even that is documented: https://support.google.com/mail/answer/159001?hl=en There are also a lot of ccTLDs that Google has for Gmail. Also those will work.
[+] [-] danielweber|11 years ago|reply
If there's one thing I think I could change about HN, it would be that we'd be easier on people who don't know things. Many times I'll read an article about the new version of PolyDoopWerks, and be told that it's the Uber-of-OOD-builders, and have no idea what's going on.
[+] [-] pyderman|11 years ago|reply
[+] [-] joezydeco|11 years ago|reply
[+] [-] jfoutz|11 years ago|reply
[+] [-] diggan|11 years ago|reply
[0] https://tools.ietf.org/html/rfc5233
[+] [-] pyderman|11 years ago|reply
[+] [-] aiurtourist|11 years ago|reply
Of course it's also worth mentioning Mailinator.com (one-off throwaway aliases, but public) and 10minutemail.com (super-disposable temporary email addresses).
[+] [-] ryan-c|11 years ago|reply
The only problem is that some sites ban their domains - in particular Adafruit does this (they banned existing use of it, not just new sign ups), and their support said basically "we won't whitelist your address even though you've been ordering stuff from us for over five years".
[+] [-] darkstar999|11 years ago|reply
[+] [-] pyderman|11 years ago|reply
[+] [-] dkopi|11 years ago|reply
[+] [-] voidlogic|11 years ago|reply
Also, more importantly, this would have to only apply to a set a whitelisted domains, plenty of non-gmail systems would treat these variations as distinct addresses. So without a set of domains to apply this logic too, you could end up stopping users from registering with their own normal/actual address.
[+] [-] ch4s3|11 years ago|reply
[+] [-] maxmcd|11 years ago|reply
[+] [-] SippinLean|11 years ago|reply
This way you can do [sender]@domain.com, [company]@domain.com, john1, john2, [email protected] and never run out of options. If one starts spamming you can just stop a particular [company]@domain from forwarding.
[+] [-] sinatra|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] jj00|11 years ago|reply
[+] [-] kevin_thibedeau|11 years ago|reply
[+] [-] pi-err|11 years ago|reply
I'm now using Blur (https://www.abine.com/index.html). Very effective so far at creating aliases pointing to my real email. Only worried on how they'll fund their operations long term.
[+] [-] palehose|11 years ago|reply
[+] [-] thrownaway2424|11 years ago|reply
[+] [-] penguat|11 years ago|reply
[+] [-] gohrt|11 years ago|reply
If only we stuck to a few good ideas instead of overwhelming ourselves and each other with bad ideas.
[+] [-] amouat|11 years ago|reply
[+] [-] lost_name|11 years ago|reply
[+] [-] cfontes|11 years ago|reply
[+] [-] sp332|11 years ago|reply
[+] [-] sethrin|11 years ago|reply
[+] [-] pyderman|11 years ago|reply
[+] [-] paulrr|11 years ago|reply
[+] [-] mbertrand|11 years ago|reply
[+] [-] danielweber|11 years ago|reply
There are researchers who make brand-new addresses and put them in various places as a tripwire for spam.
[+] [-] jpalomaki|11 years ago|reply
[+] [-] tzury|11 years ago|reply
However, I Noticed spammers have learned the trick and omit the "+..".
[+] [-] kps|11 years ago|reply
1. Configure a different character, e.g. ‘-’, as your subaddress separator.
2. Set up ‘[email protected]’ as a spam trap.
3. Set up ‘[email protected]’ as an email address.
4. Provide ‘[email protected]’ externally.
[+] [-] rMBP|11 years ago|reply
[+] [-] Thesaurus|11 years ago|reply
[deleted]