Do you want more control over which mails end up in your inbox? Then every time you give out your email address at a site, use an alias specific for that url. It helps you to track where (and by whom) mail addresses are being used, and lets you filter or block unnecessary mails. Here’s how:
How to generate a limitless number of email aliases
There are two common ways to do this:
- If you have your own domain: use a catchall – this a mailbox that will “catch all” of the email addressed to @yourdomain.com, so any email address at the domain that doesn’t belong to another mailbox will end up in this default mailbox. Create email addresses like email@example.com.
- Use the “+” trick in Gmail: Gmail.com has the weird feature that firstname.lastname@example.org ends up at email@example.com (the plus is really a “+”). Create email addresses like firstname.lastname@example.org.
Greasemonkey userscripts to generate url-specific aliases with one keystroke
- Email Address Generator for your domain: inserts an email address like “email@example.com” when your press “F9”. You’re prompted for your own domain name the first time you use the script. Install the script.
- Email Address Generator for Gmail: inserts an email address like “firstname.lastname@example.org” when your press “F9”. You’re prompted for your Gmail account name (NOT your password ;-) !) the first time you use the script. Install the script.
So what will it bring you?
Some examples of how this habit has helped me so far:
- Filter newsletters, notifications, updates (BACN) into folders or labels (or the trash bin) even if sender and subject change
- Find out from which marketing stunt some publisher got your mail address
- See which startup had its database end up somewhere it doesn’t belong
- Be able to prove that a trainee copied the customer database to start his own web shop (happened to a Belgian non-profit organisation)
- Block comment notifications when a blog post you commented at succumbs to comment spam (sometimes blog posts do not offer comment feeds but just email notification – I even go as far as making an email alias per posting then, e.g. by inserting a date: email@example.com)
- Protect my mailbox: I was once stupid enough to include a contact email address in a php script, that got included in the popular Joomla software at some point in time, and got downloaded to hundreds of (virus-infected) computers… In the end, I had to ask my hosting provider to have the mails for this alias sent to the system trash immediately because I was flooded with virus mails…
Some more tips and caveats
- Don’t forget that even if you were BCC-ed in an email, you can find out via which alias it was sent to you by having a look at the email headers.
- The “Gmail trick” won’t work everywhere – some sites will refuse an email with “+” sign (or will refuse any Gmail address).
- The catchall solution is more powerful than the Gmail trick for yet another reason – you can create an actual account called firstname.lastname@example.org:
- It will block these mails even from entering your Catch-all mailbox (make it bounce when the mailbox is full, or have the mails sent to trash… such as in the virus mails example)
- And it works also when you’re in BCC (see first remark in this list)
- Forget about a catch-all solution when you do not have an adequate spam filter (from SpamHuntress). I forward my Catch-all mail to Gmail, which has great spam filtering. Leave a comment if you have other solutions that work for you.
- With email addresses constructed this way, spoofing a sender is dead easy of course. As far as I know, it hasn’t ever happened to me (why would anyone do that?) but if you’re careful as Michael Boyd Clark is, you might use a email@example.com instead of firstname.lastname@example.org.
I don’t use it because you’d need to calculate the generated address every time you want to query for it (with the “from:” operator in Gmail e.g.). And if you – like Michael does – use a hash (from which you cannot derive the originating domain name) you’d need to do some bookkeeping to make sure who’s address this was. Nevertheless, I might consider to rewrite the script so that it produces email@example.com (making it both recognizable and impossible to make up).
Have more tips or ideas? Share them in the comments…