if you use catchall and later run into spam issues, it gets much harder to get rid of it, as you cannot turn off the catchall if you don’t even have a list of aliases to still let through.
If the forwarding/aliasing service automatically creates an alias when the first email is received, then that skirts this problem, right?
I forward those emails to an address which is random. For example:
udhxhdjeiwk@example.com.
Can you elaborate on the benefit of using a random string for your secret/true inbox? Is it so that if it’s ever compromised you can just spin up a new random string as your new inbox, point all your aliases to the new one, and burn the old one?
Each alias looks like this:
company_name-[eight random character/numbers]@example.com.
Same question, how do the random characters after the company name benefit you? Is it so that if you want (or need) to continue using that particular service after a data leak, then at least you can update your profile to company_name-[different set of random characters]?
This is very helpful - thanks a lot!
Makes sense. Follow-up question: Is there any particular reason why you use the email+hfu2sb5d@example.com or email+ebay@example.com as opposed to just hfu2sb5d@example.com or ebay@example.com?
If I understand correctly, the plus sign helps you see which organization has compromised your info, but the drawback of the plus sign is that a savvy spammer can figure out what your true email address is (the part before the plus sign), whereas aliases such as hfu2sb5d@example.com or ebay@example.com conceal your true email address.
Am I thinking about this correctly?
ETA I’ve also encountered sites where a plus sign in the email address is disallowed, which is another downside of the plus sign approach.
Okay, I think I’m following, thanks for the detailed explanation.
mail-eage
Nice!
Gotcha, so then without a catch-all, is it still possible to make up something on the fly or will I need to predetermine my aliases before I give them out? I guess it’s kinda rare, but I’m thinking about the odd circumstance where I need to come up with something on the spot and I’m away from my computer.
I’ve seen this approach mentioned in other threads. Where does one configure catch-all, is that in the settings for the mail provider or the domain registrar?
Going forward, this approach checks out, but I’m also looking to unfuck my existing accounts. Beginning to think a custom domain is the way to achieve that.
I see the problem now; however, if the aliasing tool has regex matching (and the matching pattern is hard to guess), then I believe that solves the problem of keeping spam out while enabling automatic creation, would you agree?