Great LPT. I would add to this by recommending to use an email alias instead of this
https://simplelogin.io and https://anonaddy.com are brilliant options. They can also be self hosted!
Edit: typed anondaddy by mistake lol
Regarding the usage of [email protected], in the event that your email leaks or the website you're using your email at is breached (and most of them if not all do no encrypt emails), it would be pretty easy to get your main email just by removing anything between the + and the @.
Some websites, when sending emails or when signing up, straight up don't accept or ignore the plus sign when submitting it to their database.
I would highly recommend, as I have made the switch a few days ago, to use real alias emails through SimpleLogin.io or AnonAddy.com (both open-source and can be self-hosted) where you create aliases there either through your own domain name (easier if you decide to switch services later) or theirs. If the email ever leaks or starts getting spammed, you would easily disable it.
There are other services similar to those two but most are not open source, cannot be self hosted (Firefox Relay for example) and with limitations.
I suggest you take a look at services like that and see what may fit your needs in additions to other features that may be interesting.
I have been using anonaddy.com ( r/AnonAddy) successfully precisely for these objective now for about a year and a half. I create a new email address using a variety of domains (I have a couple of domains I own personally linked to the account too, as well as the native domains) which are available. I have found it to be exceptionally reliable.
Each time I create a new account at some website or another I create a unique email address and a unique password. If I notice that a company starts to spam me, or it appears that they've sold my email address, or the site becomes compromised, then I just switch off the email address and that is the end of the matter. I am not bothered by it any longer.
It works well, I'd recommend it.
I'm sure your talking about SimpleLogin and AnonAddy. There is no username in the aliases unless you put it yourself. They can be custom names or randomly generated and after the @ its only the domain not username then domain.
Disabling that functionality wouldn't help one bit, unfortunately.
You can create essentially unlimited accounts with one gmail account by using plus aliases. and both go to the same inbox. Quicker than going into twitch and enabling that feature too.
But okay, let's counter that google plus alias trick on twitch's end and treat and as the same email address and disallow creating more than one.
Great! Except, you can just use an email forwarding service like simplelogin or anonaddy. They let you create a brand new unique email address to sign up to twitch right in a browser extension in a second that just forwards to .
Okay crap, let's disable signup on all known email fowarding/proxy services like simplelogin an anonaddy then.
Awesome, we did it! Well, unless your troll has 99c to buy a .xyz domain and use that in conjunction with simplelogin or just use the catchall address feature. , and so on would just go to the same inbox.
I hope I made my point. Preventing account creation for someone who is determined enough to fuck with people on twitch (or any other website) is very hard and there are countless of ways around most of the systems you could come up with to put stones in their way.
From their website security page. Link.
>All information you provide to us is stored on our secure servers in the Netherlands (UpCloud). Sensitive data in our database such as your recipient email addresses are encrypted using OpenSSL and the AES-256-CBC cipher. Furthermore, all encrypted values are signed with a message authentication code (MAC) to detect any modifications to the encrypted string.
And if you wanted to make sure that even AnonAddy could read it they have a whole guide on how to self-host it. Self-Host. As well as the github repo. Repo
One thing I did when going through this process of changing the email registered with services was to create separate email addresses for each one. I use anonaddy.com, but I'm sure there are other services. I am hoping that I will be able to tell which <expletive deleted> service companies are selling my address to the spammers.
Have you read the following articles on replying and sending from aliases?
Each free account is permitted 1 reply or send from an alias in order to test how it works, after this you will receive a notification asking you to upgrade if you'd like to send more.
The send from address as you call it is not a new special type of alias, it is simply a construction of one of your own aliases including a plus extension which informs the system where it should be directed to. (See the image at the top of both links above).
Say I had the alias "" and wanted to send an email to "", then I would construct an address like this:
This address can be used as many times as you like to send replies/messages.
You do not need to edit the send from you just construct a new one if you want to send an email to someone else. e.g. to "" would be:
AnonAddy supports easy to create a "send from" address: https://anonaddy.com/help/sending-email-from-an-alias.
With SimpleLogin you have to create a "reverse email address" from the dashboard.
With AA your "send from" goes through your domain (@example.com). With SL, it goes through SL's domain (@simplelogin.co) even if you have a custom domain.
This is a huge thing for me cause I can more easily/quickly send an email address to someone. I can, right from my mail client on my computer or phone, send an email to someone and on the fly create an alias without having to go to some dashboard. For example, right from my Gmail on my phone I can type [email protected] and it will send an email to [email protected] and make it look like it came from my AA alias [email protected].
Delete the email and ignore them. I suggest you read this article about 'Sextortion'. Sometime they even know a real password you've used before which has been leaked/hacked.
Consider using different emails for different purposes, especially if you sign up for many websites. A service like Anon Addy will create many 'aliases' which protects your real email from others.
Just make an acct at either 33mail or anonaddy and it's self explanatory. You set your target email address and if your 33mail or anonaddy name is ohthatsharm, you would send an email from say asshole warehouse to , then all those emails would just show up in your target inbox. You make them up on the spot, if you started getting emails at that address from anybody other than asshole warehouse you know that's who sold you out. Then if wanted you can just pause or delete that forwarder.
Not really. I'm sure lots of open source software/services are maintained by one person. The only thing I think is necessary is to have a contingency plan, especially once there is a large user base.
AnonAddy has this covered: https://anonaddy.com/faq/#what-happens-to-anonaddy-if-you-die
Yes I've written a short article on it here - anonaddy.com/help/adding-a-custom-domain/.
Make sure to read the bit about changing the host values for a subdomain, e.g. for the TXT DMARC record: from_dmarc
to _dmarc.mail
if mail.yourdomain.com
was your subdomain.
Hopefully it will be live by the end of this week, it was a premium domain so I'm currently waiting for it to be transferred to my account before I can start adding records.
Do the kids need access to the inbox or will you be controlling the inboxes?
You could use AnonAddy, and create emails for the students like such: timmy[at]anonaddy.com, susan[at]anonaddy.com and set your email address as where they're all forwarded.
Use the premium version for like $12 a year and you can use your own domain say mrsoandsosclass.com, and have custom emails (susan[at]mrsoandsosclass.com).
When you're done with them, just delete them.
Understand what you want to protect and hide. Then be very aggressive about it.
Compartmentalize everything (definitely have more than 1 email).
Work, personal (strictly personal, nothing else) and signing up for stuff.
Get an anonaddy.com account for aliases and link it to your 'signing up' email. Use that for spam and non important stuff. Don't use it for important stuff.
Yahoo definitely doesn't delete anything. They keep everything. Try deleting those emails if possible. Otherwise move on.
Like I said, it depends on your threat model (what you want to hide, what you want to give).
Be shamelessly private from now on. Give info on a need only basis, and delete/encrypt stuff as far as possible
It's all right for you to do anything you'd like - privacy is as strong as how the user sets it to be! You're free to do that, but just in case you'd like to mask your ProtonMail address, you can use publicly-recommended and open-sourced e-mail aliasing services (like SimpleLogin and AnonAddy)!
When I was on a free plan, I think I remember I was able to send from an alias, or reply, once. Then it was over, and I was warned that sending or replying was a paid feature.
The service has been enhanced considerably since, so how it worked then is probably not how it works now. I am on a paid plan presently, so I cannot try and reproduce what you did.
The pricing table says anonymous replies and sends are for paid plans only. This is ambiguous. It might mean you could reply with a free plan, but your real address would be revealed.
Let's hope the Anonaddy developer will chime in, and tell us how it is.
Email is email... it's a communication tool that's standardized across the internet. In my view, I don't think it matters if you use SL or your Tutanota email. Everything gets delivered the same way.
I use SL for 99% of everything; the only caveat that I have is, I use my own domain at SL. That way if something ever happens to SL, I still have control over where my email goes (just route it to another service like AnonAddy, etc.).
when it comes to anonymous email services, I would recommend https://anonaddy.com .
I use their self-hosted version of it myself for many reasons, but their free version is great for things like this, you can create an alias get what you need, then delete it and never get a email from them again.
One solution is to have a custom domain (either private VPS+DNS or brought from a mail provider) with an alias system. The issue is that there are at most a handful of users on your domain and tracking companies know it. They can easily detect that your email is a custom domain instead of an email provider's and track only that part. That's still way better than nothing though.
The only full proof method is to use the shared domain function of a service like anonaddy. This allows you to create different aliases for every service you suscribe to while having a service provider domain name like @anonaddy.me.
None of these options is free but they cost a few dollars a month. The most expensive being a self hosted mail service with a self hosted SimpleLogin since the VPS+DNS will cost you at least 5$ a month.
...I'm guessing from my attempts to piece together this jumbled up mess that you opened up 8 different gmail accounts to segregate what email address different services have (so you can figure out who sold your data if you get spammed?)... Am I correct?
First off, this subreddit is dedicated to ProtonMail. So your question would probably be better served posted in r/gmail or r/google.
Secondly, if you're planning on sticking with gmail, I would suggest adding a + followed by an identifier when you give different services your email address (example worldwyde+example @ gmail .com). This will allow you to see what service sold your data if you get spammed by looking at what a spam email says in the To field.
Either that, or use a forwarding service like Anonaddy.
Going forward, you might want to look at something like anonaddy.com or a similar service which is a good way to keep your inbox from getting flooded with persistent unwanted emails that build up over time. It essentially makes fake emails for you, masking your real email, and forwards them to you. You can cut them off at any time. Anytime you have to give your email online for something, just use that instead. As you may know, unsubscribe doesn't always work.
You can also delete your Google data.
ProtonMail is the best player in the privacy game. What you might lack in UI aesthetics is more than made up for in privacy.
For storage, there are solid options, such as pCloud and Sync which cost but are true end-to-end encrypted. For free options, Mega gives you 15GB (same as Google) and is also end-to-end encrypted.
I just finished his book, and it goes way further in depth. It's worth every penny if you're into this stuff.
In answer to your specific questions: look into email forwarding services like AnonAddy and SimpleLogin. He relies on services like that heavily for email masking, but he says you shouldn't use it for important services. Having said that, breaking up your profile across multiple emails is also pretty smart. You could do things such as using one email for banking, one for social media, one for work, one for personal, etc.
For using social media, you can use it but that means you'll never have total privacy. There's a few things you can do to reduce exposure though. Never have the apps on your phone, always login via the browser from a VPN/Tor, fill out as little information as possible, post as little personal or revealing information as possible, and use Firefox Containers to isolate each account. Maybe even consider using a VPN, but that might be overkill.
Du kannst dafür auch E-Mail Anonymisierungsdienste wie Anonaddy oder SimpleLogin verwenden. Apple und Firefox haben vergleichbare Services im Angebot. Bei Anonaddy werden z.B. auch Aliase automatisch erstellt, wenn du dich mit irgendwo registrierst.
Important limitations of the free plan :
Apart from that, check the paid features on the pricing page.
Anonaddy can be linked to your own custom domain. I don't know what you call professional aliases. If you don't like the look of anonaddy.com, there's a much blander domain available with the 12 $/year plan. 33mail.com is a good name.
Time to get new addresses, I’d say. I use a remailing service for most things to limit my real email being out there. It generates a temp email address that you can use to sign up for things, etc and it will forward any emails sent to that address to your real one. This is the one I use: https://anonaddy.com/
If you use an email that enables you to generate aliases, you can do that as well. It doesn’t stop people from stealing/fraud but you can see who’s been selling your information as any spam mails will com addressed to the alias you assign. Gmail is able to do this.
Don’t use debit cards online, only credit cards. Look into privacy.com for online buying. You can generate a virtual card that will lock to the merchant so it can’t be used anywhere else. You can lock them at any time, or you can make each one a one time use only. You can indicate a max amount per charge as well.
Use a service like AnonAddy or SimpleLogin to create an address. Make a Google account via an factory reset Android device or an Android emulator (otherwise they may ask for a phone number). Use that account for your Nest stuff.
>My main reason for Firefox Relay is/was that it has a bigger organization behind it, what gives me more hope for long time support of the product.
Mozilla has a long track record of launching new, shiny services, then killing them shortly afterwards because it changed its mind.
In fact, I would wander that Anonaddy has far more chances of staying around than Firefox Relay. The Firefox browser itself is in free fall. It went from a 30% market share to 3% in just over a decade.
Anonaddy allows you to export your alias database. You can also link it to your custom domain. The developer has put a plan in place so that the service can go on if he dies.
It depends on the service. Some will have your email out in the open, others will only have it revealed after a leak. If you want to defend yourself against these types of attacks, try AnonAddyor SimpleLogin.
> The easy one: What does "AnonAddy support" mean?
Some of our users wish to use the https://anonaddy.com/ services. However, they are receiving illegible emails.
> The hard one: Can you clarify what "autocrypt" is? I'm under the impression that it means if we send an email to a non-CTemplar user, you'll automatically scan known key databases to see if they have a public key and use it if available.
Autocrypt works differently from WKD, which is what you mention by ("(...) automatically scan known key databases to see if they have a public key and use it if available"). (We have a blog post about it.)[https://ctemplar.com/what-is-autocrypt-and-why-ctemplar-adopted-it/]. In sum, Autocrypt does it's best to attempt message encryption, but always prefers readability over encryption, which is why some messages in sent with Autocrypt enabled might not be encrypted.
Wikipedia also explains this: Autocrypt-capable email clients transparently negotiate encryption capabilities and preferences and exchange keys between users alongside sending regular emails. (...) When a message is encrypted to a group of receivers, keys are also automatically sent to all receivers in this group. This ensures that a reply to a message can be encrypted without any further complications or work by the user.
It makes it more "difficult" to recognize where you used the alias.
And in context to this topic this article might be interesting:
https://anonaddy.com/faq/#how-do-i-send-email-from-an-alias
the bottom part regarding 'catch-all'
get a digital scale. most recipes are in metric - so make sure it does grams as well as oz
www.whisknyc.com/ is great - it used to be in williamsburg (weep), now it's in downtown brooklyn
crate and barrel, target, sur le table, macys, williams sonoma are other options
if you go to bed bath and beyond, sign up for their email list ahead of time (use a throwaway email) and then you'll get a 20% off coupon
That's correct, you might have read it here.
> where 2,3 and 4 are keys that map to your recipients (separated by periods "."). You can find the key for each recipient on the recipients page when you are logged in.
I'll add better documentation for this soon.
> Fürs nächste Mal solltest du dir einfach eine Müll-E-Mail-Adresse (Alias) zulegen
https://anonaddy.com/ oder https://simplelogin.io/ sind dafür übrigens super wenn man sich gerne mal für newsletter anmeldet um Coupon codes oder so zu bekommen. (Benutze selbst simplelogin und bin sehr zufrieden damit)
Wenn man keinen Bock hat emails von xyz Anbieter zu bekommen kann man einfach den Alias löschen und die mails gehen in die Leere.
Kostet zwar was aber ist, meiner Meinung nach, effektiver als der gute alte gmail + Alias Trick.
I'm using Anonaddy to create Email aliases. I never use my real email adress anywhere. If your account gets leaked somewhere only your alias is public. You can then simply disable the alias when you get spam.
I don't think Tutanota supports subaddressing (RFC 5233), so that will most likely not work.
I can recommend to use SimpleLogin in front, though. Which will allow you to add unlimited number of aliases which are redirected to a single (or more) destination addresses - which doesn't even need to be in Tutanota. I'm using this service on a few sub-domains of my own. Another alternative is AnonAddy.
So remember that the registrar is not necessarily the party hosting your email. Let's say you use Google Domains to register your domain but use ProtonMail for your actual email. Google as your registrar does not get access to your email.
For your catch-all email take a look at AnonAddy as a service. You can use their hosted offering to deliver to your inbox or host yourself if you decide to later.
Back to looking for email hosting, do you have any actual requirements there? How much email do you plan to keep on the server? 5 GB? 50 GB? Do you need a mobile client? Webmail? IMAP or POP3 support? Desktop Outlook (or other client) as your MUA?
If SL goes out of service you can, for example, create an account at Zoho Mail (or any other mail service), point your domain MX to there and create a catchall email account.
Lets say you created a email called [email protected] at Zoho. Then you activate the catchall to that account - and it will mean:
*@mydomain.com goes to [email protected].
Tha's it.
Well, than you run to anonaddy.com or other service like Simplelogin and start over with the alias stuff.
You should sign up for a private email service that allows you to create fake aliases that you can turn on and off to prevent things like this in the future. I built one called Telios, but there are others like Anon Addy and Simple Login.
I'm not sure about that. Up to now, I stood by the following statement by Anonaddy :
How does that combine with the ability to disable catch-all (which is a paid feature) ?
After all, the whole point of the service is the ability to nuke an alias and prevent anyone from sending to it, if it gets in the hands of spammers.
If any website can bypass that by sending to an alias it had previously been given, thus re-creating it, Anonaddy becomes useless.
I'd love Mr. Addy to chime in on that in order to set the matter straight.
> I went with SimpleLogin because you can actually reply to email sent to your aliases and it's seamless.
You can do this on AnonAddy too, and I think it's actually easier on AnonAddy. With SimpleLogin, you have to login to your account or open up the app to get a "reply to" link. With AnonAddy, you just have to memorize this formula and you don't have to leave your email service. You'll know the formula by heart after using it twice:
https://anonaddy.com/help/replying-to-email-using-an-alias/
> While you are on the free trial you can also create a more custom alias with a "keyword".
Here is the information directly from their site:
Directory allows you to create aliases on the fly.
1️⃣ Pick a name for your directory, says my_directory
2️⃣ Quickly use one of the following formats to create an alias on-the-fly without creating this alias beforehand
my_directory/ or
or
my_directory#
anything is any string composed of lowercase characters.
You can find more info on directory on our blog post.
You can use this feature on the following domains:
aleeas.com
slmail.me
simplelogin.co
simplelogin.fr
ℹ️ The alias will be created the first time it receives an email.
Keep using your ProtonMail address and consider using aliasing services like AnonDaddy or SimpleLogin.
I also agree that using a self hosted email server is way too complicated for what it's worth, especially considering if your threat model isn't super crazy (which it doesn't sound like it is)
Yeah no worries. Both ProtonMail and Anonaddy have some decent documentation for setting up custom domains
https://protonmail.com/support/knowledge-base/set-up-a-custom-domain/ (Not a lot of info, but the setup wizard is pretty good)
https://anonaddy.com/help/adding-a-custom-domain/ (Note the bottom of the page for subdomains)
It's good practice to never give out your real email address to any website, especially dodgy ones.
Use an anonymous email service like https://anonaddy.com or https://simplelogin.co which lets you create throwaway emails to use which forward to your main email address. This is also a good way to see which website sold your email info, as it would be clear from which email the spam emails are coming from.
Or, you take a little more systematic approach and use a unique address per service. Easy to track spam and block a single address. Upside: they can’t track you with that stuff either. Especially if you don’t use your real name. Combine that with a password manager such as bitwarden and you’re set and getting an account/service hacked isn’t such a big deal anymore.
E-mail service I’ve been using and like to plug for everyone’s benefit: https://anonaddy.com
The person you reply to only sees your alias. He cannot know your "real" email address. That's the whole point.
About the banner added by Anonaddy inside the email, the FAQ says you have to remove it manually before sending the reply. However, I just made a test, and it appears this is obsolete : Anonaddy now removes it automatically.
Anyway, even if it did not, and your correspondent could see the banner, this would not be a problem : there is no confidential information there (especially not your "real" email address), and the recipient would not be able to use the link, contrary to you.
The point of a catch-all alias is to receive all mail sent to a domain name (i.e., mail to [email protected]
and [email protected]
and so on will be delivered to your inbox), so you'll need your own domain. See https://kb.mailbox.org/display/MBOKBEN/Using+catch-all+alias+with+own+domain
Bascally, you set up some address like [email protected]
as your primary mailbox.org email address (verifying that you own yourdomain.example
), and then you'll be able to add @yourdomain.example
as a catch-all alias.
Of course, this all uses your own domain name, so a cursory examination will be able to link all your addresses together (but automated systems are unlikely to do so). If you want aliases that cannot be directly linked to your main address (except by the provider), you're probably looking for a service like https://anonaddy.com/ instead.
Yes ! Let me count... they have a team of... 1.
What happens to AnonAddy if you die ?
I couldn't find an answer to my question, how can I contact you ?
For every online account I have a different email address. I use simplelogin to give me different emails that forward to my main protonmail email. So that way my main email never gets revealed and if there is a data breach I can just delete the email and add a new one.
Simplelogin can have up to 15 emails that send and receive. For unlimited its $3 monthly. If you want unlimited free I recommended anonaddy but it can't send only receive.
I highly recommended watching this video by Techlore that explains this better then me.
On a side note's side note, I discovered https://anonaddy.com some time ago when I absolutely did not want to give out my real email credentials to some service.
You register there and instead of a single address, you get your own ending, i.e. @yourusername.anonaddy.com which transports the mail to your real email box. Then you can give out arbitrary addresses which all work, such as without them having any way to mangle the address (e.g. stripping off the + part) or knowing your real identity. There's also a possibility to deactivate certain recipient addresses from redirecting if they get onto spammers' lists.
I'm not affiliated with them (other than just a user), but I found the service very useful in the spam age.
There is no way to do this, as far as I know.
I assume you want a specific person to receive that warning, not all your correspondents.
If your email provider or email client allow this, you could write an automatic answer for that person alone. But anyone with a minimum of technical knowledge would see it is fake : since it would come from your email address, it would be obvious the incoming mail has, indeed, arrived.
You could, however, write an automatic answer saying the message has not been read, and has been deleted upon arrival ; and it could even be true, if you create a rule to that effect.
But unless I'm mistaken, there's no way to fake the actual technical message that the sender receives when the destination address does not exist, for instance, or if the server rejects it for another, technical reason.
Maybe you can fake it if you have your own custom domain, and your host allows it, I don't know.
There is, however, a workaround, but you would need to set it up in advance.
Open an account at the alias provider and remailer Anonaddy. Link it to your main email account. Only give Anonaddy aliases to persons, or sites, which you want to be able to block in the future.
If one particular sender annoys you, you can either "deactivate" his alias, and you won't receive his emails, without him being warned of it ; or, you can "delete" it, you won't receive his emails, and he'll be warned they did not arrive (I think the actual error message says the address does not exist).
So-called "deleted" aliases can be undeleted later, if you so wish.
You should check out AnonAddy. I create aliases with my custom domain and have them forwarded to my throwaway ProtonMail account. The beauty of it is -- I can jump ship incredibly easy from one provider to another seamlessly with this setup, and strongly recommend more people use it.
Self host it? I use AnonAddy but there are many other options
You can use your custom domain / subdomain too, so you don't have to worry about being tied in to a single provider.
It makes such a difference to be able to view and control who can email you, and keep your real address private. Whenever I start getting spam, I know exactly who leaked my email, and I can just block that alias.
If you can't be bothered to create another email, use SimpleLogin or AnonAddy. Those services gives email aliases.
Another way is to buy a cheap domain, and set-up a catch-all in that domain to your main email address.
Not sure if you are referring to a subdomain from your own custom domain… Or additional username/subdomain under annonaddy… But for both there is a good explanation in the FAQ: (*mail.example.com)
The privacy benefit mentioned is that maybe you are concerned all your email can be identified and connected by your username/subdomain.. so you have alternate subdomains to use as well.
Also It helps just if you want to keep things organized and split /segregate your aliases into groups…(such work related vs. personal, vs spam-signups, etc.. )
Yes, I have a different email address for every account.I use AnonAddy.https://anonaddy.com/ Dashboard makes it easy to see all your creations in one place. They forward to another email inbox.
I use my own domains and have different ones for different things. For instance, all my OSINT stuff are emails on the same domain. Other things are emails on another domain.
I also have completely different emails for work, and personal stuff.
I use anonaddy to create separate email addresses that all get forwarded to my main email address. They allow you to disable aliases so if one gets pwned you can just delete it. Another option is SimpleLogin it does the same thing as anonaddy.
just make the account for them with a burner email, set up the home screen, and then change the associated email to their email address.
my process:
it's a few extra steps, but it takes maybe 3 minutes. and if you're sharing with folks you like/are cool then it's worth it.
I like the user defined RegEx feature idea, this could potentially be added to the rules system.
Regarding the remaining points you mentioned, there is obviously a limit as to what AnonAddy is able to filter out from any reply/send from an alias, for example if you attached an image to the email with the text "my real email is "" then AnonAddy cannot be expected to remove this.
The information banner "This email was sent to..." that is included on forwarded emails (if enabled) would not be present when using the "send from" feature since it would be a new email. I've mentioned that this is not automatically stripped out in the FAQ - https://anonaddy.com/faq/#does-anonaddy-strip-out-the-banner-information-when-i-reply-to-an-email
Although the banner information would let the receiver of the email know that you are using AnonAddy it would NOT reveal your true email address.
You are correct, you should not attach any file or public key that reveals your real email address as this is part of the email body and will be forwarded in any reply/send from.
The current format for the "From:" header on AnonAddy is to show the original display from with the original sender's email.
I've written more details in this blog post.
You get the reply all option because the "From:" and "To:" headers are different. The "To:" header is the alias and the "From:" header is the address used for replying to an email. Just click "reply" and not "reply-all" for replying to an email.
You can update your settings to use the old email headers and then you won't see the reply all option.
I'll add an option to update the "From:" header display format so you can choose what it shows.
You can use email alias for every new account you create and delete the alias afterwards when you no longer need the account. And you can also use these for creating temporary accounts. Two good email aliasing services:
You could make it close to your real name so that it's not possible to get the real name unless the receiver knows it.
For example, if you name was John Smith, the email could be . That way it's still somewhat professional but private
Another possibility is to use email forwarding services like Simplelogin or Anonaddy for everything else other than real world stuff. That way your email name can be anything personal but online services will just get the alias.
Personally i use both options, my email is my name shortened so that it's private, and i forward everything else other than personal/real world stuff through Simplelogin.
I don't quite understand what you mean.
As a potential user, this proposed service doesn't really solve the problem you've described.
First, I would still be coupled to the service provider. I don't own example.com
so my subdomain could be revoked at any point and I lose access to my email. Technically speaking, that's the same problem I have when I register example.com
(I don't own com.
) but I trust the registrar won't revoke my access or go out of business or fall off the grid more than I trust anyone below them.
Second, this isn't really anonymous. It is anonymous at first, but as soon as I use the same domain for more services then I gradually lose anonymity. Personally, I'm a bigger fan of the way AnonAddy [1] handles it. I am issued email addresses of the form <UUID>@anonaddy.me
so I share the domain with all their users. This is gives me anonymity because the email addresses can't be linked together.
Third, as a technical concern, free anonymous emails like this is going to be a good way to get your domain blocked by larger email providers. It would be a great way to create spam accounts if implemented naively, so think carefully about how you implement this.
P.S. AnonAddy actually handles this scenario kinda like you do. I can issue unlimited email addresses under <anything>@<username>.anonaddy.me
. Although they don't allow me to update the DNS records of my subdomain at all, and require that I trust them not to be malicious, which your proposal would solve.
I understand your concern, I do have someone who can keep the service running if any unfortunate event involves myself.
This topic is briefly covered in the sites terms and conditions.
>simplelogin
>
>Protect your privacy with email aliases
>
>With email aliases , you can finally create a different identity for each website. Defend against spams, phishing and data breach. Open-source.
Or
>anonaddy
>
>Create unlimited aliases for free. Protect your email from spam using disposable addresses. Encrypt forwarded emails with PGP encryption using this service.
I've never heard about it until now. It seems to be a competitor to AnonAddy (which I use and have been happy with), along with SimpleLogin. These services are great; my concern is longevity (AnonAddy is 1 dev. in the UK) and privacy (logs, etc.).
I'll dig into the Forwardemail stuff and try it out.
I honestly don't doubt that. I signed up earlier and the service seems sleek and effective.
For me it comes down to anonymity vs privacy. It seems as though AnonAddy is, as the name implies, geared towards providing anonymity. For most of what I'm doing, privacy is more important. For instance, if my bank emails me, then since they've done KYC checks then they know who I am - it's more important that their emails reach me securely and without anyone else seeing them than it is for me to use an anonymous email address.
Now, when it comes to signing up to some random website / forum / newsletter / etc, anonymity may be more valuable to me. However, for my purposes I'm not sure there's much benefit in using <alias>@<anonaddyusername>.anonaddy.me instead of dave+<alias>@example.com
While the anonaddy.com email address is great in that it doesn't reveal my identity, it would still allow someone to correlate my accounts between providers using my AnonAddy username. I think the solution to this is to use their <uuid>@anonaddy.com email addresses, but I'm limited to just 20 of these on the free tier.
So no complaints whatsoever about AnonAddy, just that it solves a problem that personally, I don't often have. Referring back to my original post, my two goals are to facilitate mail filtering / rules and to provide transparency as to the source in case my email address is leaked.
I wasn't explicit in my original post, but I should have clarified that in most situations, I wish to do this without exposing the content of my emails to 3rd parties. I'm not for a second claiming that AnonAddy would read my emails, but they have the ability which means that even if they don't, someone else could if they get breached.
The short answer is yes. The longer answer is even though AnonAddy could technically see your emails, they are generally regarded as a trusted service. Moreover, their code is open source, and it is possible to self-host.
so you only use the main anonaddy.com for support and you do that in protonmail (added your domain as custom domain) , right ?
the other domains used in your service are used in your own servers using webmail server app (are you in liberty to say which one ) ?
and a side note : can you enable end to end encryption in your service ?
Hi,
I’m not an expert at all but I think first of all check your privacy settings in every account (for example google), enable 2FA wherever possible and try giving the least personal information you can.
Secondly, use a password manager, ad blocker (DNS ad blocker is better I think). Try out services such as AnonAddy or SimpleLogin
Signal is considered much more private than WhatsApp and Telegram.
I think iOS is better than android in terms of privacy, you can also disable Siri and iCloud.
You can switch to ProtonMail, regardless I highly recommend AnonAddy basically you can create many “email addresses” that will forward to your real address. You just choose a username and then you can create addresses like this:
I have my ProtonMail Plus account and I use ForwardEmail as my "main" E-Mail. You get multiple hostnames and then you can create a unique alias for it. e.g.
On top of that I have 33Mail and AnonAddy linked to those Forwardemail aliases. So when AnonAddy or 33Mail doesnt work I still can use ForwardEmail and it will work.
And if that doesn't work I can still create an alias with @protonmail.
I know it's unnecessary to do it that way, but it works for me
I'm not sure I fully understand the question.
Do you mean, how do you send an email from an alias? If so I've written an article about this here - https://anonaddy.com/help/sending-email-from-an-alias/
Or if replying - https://anonaddy.com/help/replying-to-email-using-an-alias/
At the moment you cannot use the API to send/forward email.
You could use https://anonaddy.com/ (can be self hosted) as an intermediary and then continue using your current mailserver as the final destination. Anonaddy can encrypt all incoming mail. (The sending part would then still be missing, though)
I found links in your comment that were not hyperlinked:
I did the honors for you.
^delete ^| ^information ^| ^<3
own domain catch-all is exactly not ideal because you will be the only one using that domain. tadaa now your accounts are still easily linked together. best is using a service that masks emails and send them through to your real email account. i personally use anonaddy.com.
Take a look at https://anonaddy.com/
I basically use anon addy to register in about anything online that's not 100% important (Netflix and other services that actually need real personal information I consider 100% important, so they get my real email). If the service has very low importance (or if I'll just use it once or twice) I'll just use Guerrilla Mail or 10Minute Mail.
Anyways, the Rule to follow is: if you don't want your email inbox to look like a boomer's inbox, try not distributing your real email unless it's extremely necessary.
In terms of connections, instead of cutting them off completely, you can consider e-mail aliasing services like SimpleLogin and AnonAddy (phew my past comments are just these, but they're helpful!) to mask your ProtonMail address. You'll also be able to disable or remove aliases if you don't need them/use the service anymore!
In terms of de-Googling, I think there's a sub-reddit (r/degoogle) where you can get more help in de-Googling. All the best, you're doing a great job so far!
There's nothing stopping you from that, so sure. Besides what u/Wigglystoff suggested (which is a strong suggestion!), maybe you'd also want to consider using an e-mail aliasing service (like SimpleLogin and AnonAddy) to help mask your real email.
My preference is to use purpose specific email addresses so that:
1) If the site concerned starts spamming me I am able to a) identify which one is the offender and b) block the email address.
2) If there's a data breach the miscreant obtains only one email identity.
and, 3) It makes it more difficult for shadowy data miners to profile me.
For these reasons, whilst I have a custom domain pointed at Protonmail, after having implemented that, I then registered a second custom domain and pointed it at anonaddy.com, which enables me to created site specific email addresses and then direct the mail where ever I want it to go, either protonmail or some other email service provider.
Hope that helps.
It's an email address that essentially forwards to your real address so you don't fill up a bunch of databases with a real email (and if one does misbehave, you can turn it off).
Services like: https://simplelogin.io/ or https://anonaddy.com/
You can have one of either Protonmail or Tutanota, and then use either AnonAddy or SimpleLogin to create a unique alias for each website. (I wouldn't recommend using these burner emails for financial websites though.)
Sounds like the perfect use-case for AnonAddy. I use it and I 100% recommend it. Explanation of how it works:
Register Your Username. Let's say your username is johndoe. You can now use *@johndoe.anonaddy.com as your email. Where * denotes any valid email address.
Create Aliases. Next time you are signing up on a website, simply make up a new alias and enter that instead of your real email address. For example, if you are on vuejs.org and you want to sign up to their newsletter you could simply enter . We'll automatically create the alias in your dashboard as soon as it receives its first email. You can reply to emails and send from aliases anonymously too!
Manage Aliases. Let's say a spammer gets hold of one of your aliases and starts sending unsolicited email to it. You can simply toggle a switch in your dashboard and deactivate that alias. Our system will then silently discard any further emails and you won't be forwarded anything else for that alias.
For those looking for a similar service, I landed on anonaddy.com and it's been great!! It has flawlessly worked as far as emails and the website control panel is both useful and beautiful. I've also interacted a bit with support and I get email replies within a day or less.
information the site requires: username, password, forwarding email address
function (with free account): generate alias email addresses (up to 20 with the @anonaddy.me domain, and unlimited @username.anonaddy.com domain)
the free version only allows addresses with uuid(v4), sample address (1s and 0s replaced by randomly generated chars and #s
more info here: https://anonaddy.com/faq/
oh yes, the website is AnonAddy.com. For a small fee of $1/Month, you get a random email address that can be forwarded to multiple recipients. It's actually free but the free model gives you a complicated UUID, and the paid one uses words. Check it out, you'll love it!
I've been using it for a very very long time and never had a single problem (apart from some websites not allowing their domain as an email address). The owner and maintainer is a very privacy-focused guy. you can also self host it which yeah...I tried but also abandoned.
edit: reddit's stupid markdown editor...
I don't say that you use the to reply.
by example you signup to TONS of sites like:
etc.
ALL those are "fake" addresses that working due the catch-all, I mean receive all those emails from that companies.
so by example contact you, receive the email, and you need to reply, of course you want reply from NOT from another domain.
So you need create a temp addresses to reply.
that's the issue.
I need if proton can reply like this: https://anonaddy.com/help/replying-to-email-using-an-alias/
one BIG question for you:
HOW do you reply from that domain that receive everything with catch-all? I mean everytime that you need reply you need create a new address? create and delete, create and delete... ?
if you sign up to and you need contact that site with the address, so you need create a new amazon@mydomain address to reply.
I mean on the pro plan by example you are limited to 5 address, so you need create and delete everytime that you reply?
or there's any way to reply with proton, like this: https://anonaddy.com/help/replying-to-email-using-an-alias/ PLEASE TELL that YES, if not is very annoying create and delete address just for reply.
thanks, I want do this:
(my main address just used to my work, family, friends)
(for sign up to tons of sites), like by example
etc. etc.
the "goal" is use ONE email per sign up.
again I discuss a lot about, just check my username on proton reddit, I can't find a real 100% solution, and catch-all is not the solution but for now! if many like you reply to this like "hey! take it easy, there's not too much spam with a custom domain + catch-all" so I go for it and forget for now services like https://anonaddy.com/ I prefer all mails go direct to proton without pass for https://anonaddy.com/ or others.
It allows you to create unlimited email aliases. The emails you receive will be forwarded to your main email account, without the sender knowing your real email address. If you receive spam on one email address, you can easily disable that email address on their website and you know which website leaked your details. They also have a browser extension which lets you generate a random alias whenever you sign up to a new service.
Have a look at their website since it is explained better over there than I'm able to:
https://anonaddy.com/
You can use AnonAddy !! It creates essentially a proxy email that points back to whatever email you’d like. I currently have about 6 emails, but you can create more if you’d like.
I'm using Tutanota because they also have an encrypted calendar, their subject line can also be encrypted. That in conjunction with AnonAddy to create aliases on different sites to help prevent spam on my main if the site is breached or sells my info.
This is the first I've heard about this happening, I'm surprised they would delete the account outright.
Would you be able to drop me an email with further details? (It's on the website here)
Using the same email address everywhere, regardless of provider, will eventually become tied to a person, whether real or alias.
If you don't want a profile built around a specific email, you can use something like Blur or AnonAddy to generate an email that forwards to your real one on the fly. That way, you aren't giving any service your real email address and your email account isn't being harvested by anti privacy giants. This is what I do.
If you don't mind companies knowing OdanUrr uses [email protected]
, you are still protecting the content of your emails from the prying eyes of Google and Microsoft.
For some, that's enough to make them happy. For others, they prefer to take the extra 30 or so seconds to generate an email address on the fly to use so there's no easy linkage between accounts, in terms of email accounts.
Using a singular privacy provider still curbs the overwhelming majority of privacy concerns when it comes to email. The problem isn't so much that X company knows you use Posteo, it's that Google/Microsoft/Yahoo/Apple scan everything in your inbox and have it directly tied to you.
sounds like you want anonaddy.com - I use it for email forwards. lets me create new accounts on the fly at mydomain.anonaddy.com or I can pre-create random one at @anonaddy.com. it's the same concept as an email forwarder on your domain, but you don't have to pre-create one and don't need a catch all domain that'll be exposed to tons of spam. when you want a certain address to stop forwarding just delete it from your anonaddy list.
Here you go. You can self host since it is open source and upload your pgp key. You can also just use the service, but of course you have to trust that it is running the source that they publish.
Have you looked at simplelogin.io or anonaddy.com ? I had attempted to set up my aliases similar to what you have listed, but I realized that I couldn't categorize all my needs into 5 aliases. Somewhere I think in a similar thread, maybe in this sub or in r/selfhosted, someone suggested using email forwarding and assigning unique emails for whatever services you want. So now for my low/medium (I've been contemplating high) I use a forwarded alias for each service, and I can disable it if it ever gets compromised or I start receiving spam. I reserve 1 PM alias for the recipient of the forwards (you can opt for multiple if you prefer). To help organize, I created a sieve filter that uses address book groups to categorize each received email to an alias into appropriate folders/labels. It's working really well so far.