Email aliases strategy for privacy?
I have my own domain name and the regular mailbox.org domain. All in all that gives me 75 email aliases available. I probably don’t need all of them, especially counting on the temporary ones.
Nevertheless, I’m trying to figure out what’s the best strategy to protect my privacy using email aliases. Right now, this is what I’m thinking, but I’m not convinced:
Have a name.surname@mydomain for my primary one. By primary, I may mean only personal for family and friends. Have another one nickname@mydomain for signups on website and forums I trust like Fediverse, etc. Finally, one for junk signups something like notme@mailbox.org. Indeed, for that one, I don’t want it tied to my domain name.
Then comes the question of the other ones. For example, bank accounts. I don’t trust them, but they already have my name, address, phone number and so on, and most likely "share with their partners to enhance their services" (lol). So I don’t want to give my primary one, neither my pseudo one, nor my junk one as they will be able to correlate my notme@mailbox.org with my name, and then my notme@mailbox.org is no longer anonymous… So I need another one. Maybe banks@mailbox.org (if it exists or something like that). But then come all the other signups of this type (public services accounts, public transports accounts, etc.). Should I have one for each type? How to best segregate them?
So what’s your strategy or the one you think would work best to protect your privacy using email aliases?
I’m curious.
The answer to your question depends on what specific problem you are trying to solve. From your examples I understand that you would like to know if someone (willingly or not) passed your e-mail address to a third party. Also there is the issue of correlating various login credentials, at least the e-mail as a username.
One solution would be to use mail extensions. You can add a "+" to your local part and a unique string after that. For example, use "notme+facebook.duck549@mydomain". It contains a random part so the login cannot be guessed. However, spammers know about mail extensions and can easily remove everything after the "+".
Another solution is to activate catch-all for your domain. That enables you to use the address "facebook.duck549@mydomain". Increased spam on your domain may be a downside, though.
My personal current solution for this is to use Addy.io. You can generate aliases with a single click or limit the catch-all of your domain to a regular expression. Answering an e-mail to one of the aliases hides your real e-mail address and uses the alias instead.
The answer to your question depends on what specific problem you are trying to solve. From your examples I understand that you would like to know if someone (willingly or not) passed your e-mail address to a third party. Also there is the issue of correlating various login credentials, at least the e-mail as a username.
One solution would be to use mail extensions. You can add a "+" to your local part and a unique string after that. For example, use "notme+facebook.duck549@mydomain". It contains a random part so the login cannot be guessed. However, spammers know about mail extensions and can easily remove everything after the "+".
Another solution is to activate catch-all for your domain. That enables you to use the address "facebook.duck549@mydomain". Increased spam on your domain may be a downside, though.
My personal current solution for this is to use Addy.io. You can generate aliases with a single click or limit the catch-all of your domain to a regular expression. Answering an e-mail to one of the aliases hides your real e-mail address and uses the alias instead.
I've used a combination of catch-all email addresses and sieve filters for 4+ years. I haven't (yet) seen any unexpected or increased spam.
I've also used Addy.io (currently 40% off the first year with the code on their home page) and SimpleLogin (now a Proton service), but there are other options like Firefox Relay and Spamgourmet (that last one works a little differently).
I've used a combination of catch-all email addresses and sieve filters for 4+ years. I haven't (yet) seen any unexpected or increased spam.
I've also used Addy.io (currently 40% off the first year with the code on their home page) and SimpleLogin (now a Proton service), but there are other options like Firefox Relay and Spamgourmet (that last one works a little differently).
Replies have been locked on this page!