this post was submitted on 23 Nov 2023
162 points (96.6% liked)

Technology

59597 readers
3907 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] Engywuck@lemm.ee 5 points 1 year ago (3 children)

I have a catch-all address with a personal domain. Infinite aliases for free.

[โ€“] b000urns@lemmy.world 3 points 1 year ago (2 children)

Hmm๐Ÿค” I use Migadu and could probably set this up -- is this actually a good idea?

[โ€“] lemmyvore@feddit.nl 4 points 1 year ago* (last edited 1 year ago) (1 children)

A catch-all is not a good idea. But Migadu lets you do something called pattern rewrites which are aliases that can contain wildcards. So you can set up a pattern like shop-*@yourdomain.tld and use addresses like shop-amazon@, shop-etsy@ etc.

It doesn't have to be "shop" you can use anything you want and make up the pattern in any way you want ("ama.shop.zon@" or whatever you can think of).

It's better than plus addresses ("realaddress+amazon@") because it doesn't have to include your real address, and you can make a pattern that nobody can guess, but still retain the ability to use one address per site so you know who's spamming you, and you can make them up on the fly.

In fact I no longer use my "real" address for anything except logging into IMAP and SMTP, I use aliases or patterns for everything else.

Edit: If you want to also be able to send email from these addresses make sure to enable "wildcard sender" for the associated mailbox.

These addresses do have one downside similar to catch-all: if one of them starts getting spam you have to make an explicit deny rule for it. Some people contend that this is a messy approach and they'd rather make regular (non-wildcard) aliases and deny everything else. The downside with that however is that you can no longer make up addresses on the fly, you have to go to the Migadu admin to create the alias every time.

[โ€“] b000urns@lemmy.world 1 points 1 year ago

Hmm ๐Ÿค” interesting, I appreciate the qualified suggestions

[โ€“] Engywuck@lemm.ee 0 points 1 year ago* (last edited 1 year ago)

"It works for me" (C)

[โ€“] db0@lemmy.dbzer0.com 2 points 1 year ago (2 children)

Don't you also get infinite spam?

[โ€“] lemmyvore@feddit.nl 1 points 1 year ago* (last edited 1 year ago)

Spammers don't bother scanning domains as much nowadays. They used to watch domain registration then spam addresses like admin@, contact@, office@ etc. but nowadays most people aren't dumb enough to use those anymore. So spammers would rather buy a list of millions of addresses that someone else obtained by breaking into sites like Yahoo or LinkedIn, which are much more likely to be valid addresses.

You can get bitten by catch all if someone who knows you and knows your domain and knows you have a catch all has it in for you and subscribes addresses at your domain to mailing lists and other spammy places. ๐Ÿ˜Š

[โ€“] Engywuck@lemm.ee 0 points 1 year ago

Actually (and surprisingly), I don't. Maybe it's due to WHOIS privacy.

[โ€“] smeg@feddit.uk 1 points 1 year ago (1 children)

If they're all attached to the same personal domain then that's just as personally identifiable though

[โ€“] Engywuck@lemm.ee 0 points 1 year ago (1 children)

Not if whois privacy is in place.

[โ€“] smeg@feddit.uk 2 points 1 year ago (1 children)

True, signing up for several accounts using the same personal domain will create a link between those accounts though (whereas if they're all @simplelogin.com or similar then you're hiding asking the crowd)

[โ€“] Engywuck@lemm.ee 2 points 1 year ago

Maybe. However, as long as they don't know my real name/identity I don't really care. Fact is that is much easier for companies to just block known email alias services than unknown random domain. Some of them do this already. Neither method is perfect, obviously.