this post was submitted on 28 Jun 2024
23 points (89.7% liked)

Privacy

31823 readers
103 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I've been looking at using email aliases services, and right now I'm thinking of using Simplelogin for all my online accounts and accounts where I can change my email easily, and getting my own domain to share with people and where I can't easily update my email. It seems like I shouldn't use my own domain for online services because it would be unique and can be tracked.

I did lots of reading about this and am still wondering why someone would want to opt for catch-all domains over aliases. Catch-alls seem highly susceptible to spam and while I haven't actually done any email aliasing yet, it doesn't seem to take much effort to make a new alias if you have a plan with unlimited aliases.

all 16 comments
sorted by: hot top controversial new old
[–] [email protected] 8 points 4 months ago

I have basically the same thoughts as you. The reasons I can think of is:

  • Convenience (but SL is pretty convenient)
  • Less of a lock-in to one vendor.
  • Avoiding filters on sites not allowing aliasing domains (often incorrectly under the label "temporary email addresses")
[–] [email protected] 6 points 4 months ago* (last edited 4 months ago)

Custom domains mean that if the alias provider enshittifies, you can switch to any other provider near-instantly. As long as you never use the domains to host illegal or dodgy shit it's extremely unlikely you'll ever lose them — far less likely than losing a gmail or whatever.

With SL you can avoid spam by using the "beta" (been beta for 3+ years lol) "auto create" option instead of a catch-all, meaning that you can direct emails to different inboxes (or do nothing) based on specific regex strings you control — up to 100 of them. I had a catch-all regex (.*) as my # 100 and it took 2 years to receive catch-all fishing spam. Then I removed it and now have only random strings (e.g. .*fgyu.*) so new emails must have them if they want to get somewhere. Everything else bounces. All previous emails continue to work until you disable them individually.

I use a mix:

  • SL-domains: anything I don't give a shit about.
  • Non-PII domain: anything I would want to persist if I changed provider, but don't need my identity, or can give out a unique email in-person.
  • PII-domain: banks and all other services tied to my identity.
  • Top-Secret-PII-domain: critical services that could compromise all others (password manager, email/OS accounts, domain name registrar).
[–] [email protected] 3 points 4 months ago

I did lots of reading about this and am still wondering why someone would want to opt for catch-all domains over aliases. Catch-alls seem highly susceptible to spam and while I haven’t actually done any email aliasing yet,

I'm using catch-all since years and no spammer has ever made up a new email alias to spam me.

it doesn’t seem to take much effort to make a new alias if you have a plan with unlimited aliases.

That depends. The moment you are in a shop without your phone/email and they really want an email address you can simply write down their_company_name@your_email_domain_name for them without having to compromise anything.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago) (1 children)

Part of the reason I prefer having a catch-all on my own domain is that I can change providers without changing any email addresses. For example at the moment I run my own server, but in the future if that becomes too time consuming I can easily start paying for a service.

ETA: also I’ve never gotten any spam to a email I haven’t given out, people don’t really send emails to random names at a domain as far as I can tell

[–] [email protected] 3 points 4 months ago (1 children)

This depends if you have a website on your domain and it appears on search engines. I do and had to modify Rspamd as bots were spamming addresses like abuse@ and other dictionary words.

[–] [email protected] 3 points 4 months ago* (last edited 4 months ago) (1 children)

I use a subdomain for aliases, while my real address is at the base domain, which I suppose negates this issue.

[–] [email protected] 1 points 4 months ago (1 children)

Something like [email protected]? I have never seen an address containing a subdomain, but cool if it's actually possible!

[–] [email protected] 1 points 4 months ago* (last edited 4 months ago)

Yes, exactly. I haven’t really had any issues with any website taking the email, some people do actually have subdomains in an email for work, I know some of my teachers in school had an email like [email protected].

It also has the advantage of letting you have multiple users on your server, a couple of my family members also have their own subdomain catch-all that redirects to their own base domain address.

[–] [email protected] 2 points 4 months ago (1 children)

Both are fine choices depending on your requirements. The thing with external alias services, you are not in control of the addresses/domain. Catch-all addresses are essentially aliases you manage, but something like Simplelogin does have the benefit of hiding your domain name.

Spam is not a big deal on catch-all. A couple of times a year I do get a spam mail to some arbirtary address, but that's more or less it.

[–] [email protected] 1 points 4 months ago (1 children)

Same experience

Oh , that's cute this spammer thinks there must be an [email protected] etc

Only other downside I could think if is when my catch all cant be used to send a mail or reply.

So I do use them a lot for suppliers en services, but for registering initially and password reset. But I can't use it to contact support by mail.

Mostly I rely on forms or self service portals when I need it as a customer.

[–] [email protected] 3 points 4 months ago* (last edited 4 months ago)

Only other downside I could think if is when my catch all cant be used to send a mail or reply.

On Protonmail, I just create a new address if I need to send email from that address. Afterwards I just delete it, freeing up the address slot.

[–] [email protected] 1 points 4 months ago (1 children)

What i wanna know is why when ive linked my domaie email to outlook, does it send my emails into people's spam box

[–] [email protected] 3 points 4 months ago (2 children)

Probably related to the low quality of your communications

[–] [email protected] 1 points 4 months ago

I send the usual emails, family, images, files etc. Ive even checked with 3rd party email checkers

[–] [email protected] 0 points 4 months ago