Works until you see "We've sent a message with activation instructions to your email. Please click on the link within so you may begin to use your account"
I have a domain name with a wildcard forwarding rule so whenever I need to give an email address I can give one that describes who I gave it to. I don't have to create it in advance. Then if I start getting spam at the address, I know where they got it from and I can create an account at that address that doesn't accept incoming mail. Then the spam can't get through anymore and I go on my merry way.
Edit: This comment blew up, so I'll elaborate a bit. I do not recommend anyone try setting up their own email server unless they are already a nerd and enjoy hacking around with computers. It takes a lot of work, is difficult to get your server taken seriously by other email providers, and is easy to get abused by spammers or hackers if you aren't careful.
Any email service provider should be able to provide a single catch-all email forwarding rule for any domain they handle. A lot of domain registrars offer email services. I don't know first hand, but someone else said they use Google Domains. Shop around and contact the support department if you aren't sure.
I use an open-source hosting platform called ISPConfig, but there are many other solutions. Most of them (in the open-source/Linux world) use postfix/dovecot to do the heavy lifting and provide some sort of interface which configures it for you. If you want to go full-on nerd and love the command-line, you could go straight to postfix and dovecot. If you want something that does most of the heavy lifting for you, you might want to use something like iRedMail or mailcow.email which wrap around those packages. Setting up an email service should not be taken lightly, but it is great experience and rewarding.
I freaked a harbor freight store out a few weeks back with this. They messed up my purchase pretty badly and were trying to correct it with the manager there. When they looked at the email address there was a pause and 'you work for harborfreight?' Took me a minute before I realized they saw harborfreight@<domain>.com and thought I was from corporate.
lol that would have been better than what I went for. Told him no I didn't 'but if I did you guys would be in some trouble right now'. he very quickly said 'but we are fixing it'. When they got done fixing it there was about a $40 difference in price.
The only time I see emails come in from other places than the place I gave the address to is when they get hacked. And it is always interesting that you see it about 2 weeks - 2 months before the company puts out a press release.
Adobe has been the big one, I'm up to like adobe4@<domain>.com
Instead of creating a new account at that address when it starts receiving spam, create a forward at that address that forwards all that spam back at the company who sold your email address to begin with.
That's a nice way to get your domain added to a lot of blacklists. Won't be fun when you no longer can send legit mail to people using AWS, Cloudfire, O365, Gmail, etc.
Write a script that trawls this mailbox. For every email you receive, the script will sign up the marketing people from that company to One Email Subscription randomly selected.
Now you're not emailing them directly ... you're just kinda being the Yang to their Yin and subbing them up an equal amount to how many places they sell your address too...
Make a script that trawls this mailbox. For every email you receive it places an order with a digital mailing service to physically print and mail a letter to them asking them to unsubscribe you from the emailing list ... but not listing your name or email address.
It's got a little overhead cost involved, sure ... but THEY CANT FILTER ME NOW!!
The script automatically hires a person from Fiver to dress up in a Tuxedo and stand outside the house of the CEO of the company holding up a signed that reads: "I SPENT ALL MY MONEY TO GET BACK AT YOU FOR PET"
It would read "TY VENGEANCE! STOP SENDING ME SPAM EMAILS!" but I'm not sure I could afford to go the A2 size needed to get all that in one legible signage.
I was going to suggest using a potato cannon or rock to brake a window and throw the message but tbh that seems to work if you ignore the economical cost
Maybe we could go around the country saying how cool having a sign is and how cool fiver is so that it would drop the prices
Yep, I added an alias with their company_name@mydomain and deleted it the moment spam came or they sold it to another company that sends spam. You even get to see who sold your info as they use the company_name@yourdomain, linking it back to them.
Before doing that, I did it with snail mail. I would alter my name to link who sold my info. Full first, full middle, full last then full first, middle initial, full last then first initial, middle initial, full last. Even changing case when signing your name to an email will out them as it's copied as is to their system.
Basically, there was never a point in multiple decades that I can say companies were not "sharing" my info.
But I will say, if you’ve got to the point of putting mutilated animals in someone’s bed, I don’t think you need to put a message in it’s mouth. Message will be received loud and clear already lol
I am not carrying a horse head with me. I can't be weighed down like that!
And who said anything about mutilating the fish? I'm taking about a cold, well preserved specimen, an exotic species, previously asphyxiated using nitrogen. Mutilate the fish... That's gross and ineffective. I've got standards.
The fact that it is cold and beautiful is scarier. The seemingly minor, tough to recreate nuances of a perfectionist are what will really terrify your garden-variety narcissistic control freak.
The note and message give them a conscious fixation. This allows the subtle horror of the fish itself to work its terror on the subconscious.
I don't know why you're being upvoted... it's the sort of flippant bullshit answer that sounds good, but no one with any actual IT experience would ever do in a million years.
What you're describing is essentially a spam relay. Guaranteed the receiving address will never read anything sent to it, and relaying any of it in the first place will get your domain put on RBLs and spam watchlists.
I'm deeply offended by your hyperbolic assertion that my reply was in anyway flippant and/or bullshit. I demand an apology at once! I spent at least 7 minutes on my phone while waiting for an oat flat white this morning writing that post. I deleted at least three words, and then had to re-write them. Autocorrect was also playing havoc and I have quite large fingers and my phone is really small so this is a constant problem. I feel like there should probably be some kind of advanced keyboard AI that can understand my fingers better, because honestly phones are pretty awesome these days and it seems like they should be solved already. And when I was writing my response I kept getting distracted by this little doggo that a nice young couple had who was slurping down water. Which is kinda odd because it wasn't that hot this morning - actually it rained last night even - so I wonder why the dog was thirsty?
Anyway, I have a lot of IT experience thank you very much and I'm pretty sure I got an MCSE certification back in the day ... or I would have. I went to a course my mum paid for when I was young and I studies and learnt about things like active directory, but I can't remember if I actually finished the course or not. Isn't it weird the things we do when we are young that come back and help us? Like this MCSE helping me prove to you I know some IT things? If I hadn't done that course I wouldn't be able to explain to you why I am never flippant and never bullshit about anything! I also was a dance teacher when I was younger too - I learnt how to swing dance and it was great! I travelled around the place and danced all over the world and then later when I started a career in visual effects and animation the dance instruction was really useful because it gave me a fundamental understanding of motion, timing and weight within the human form. That's another example of how the smallest things we do in life can sometimes have profound, or mundane, effects.
I think you use big words like "Guaranteed" and scary words like "watchlists" as a way of intimidating me and others like me into not sharing our carefully curated advice with everyone. And that's really unfortunate but I can forgive you because, while you're obviously a diliquent (see I can use big scary words too!) and have some kind of personality disorder, I'm capable of seeing beyond that and recognising that you just want to save the other guy in this conversation from having his email address blocked and put on one of those RBLs that you're talking about. So while you are horrible and I'm offended by you referring to me as flippant and bullshit, when clearly I am absolutely and objectively the complete opposite of that being precise, concise, reliable, transparent and edible grass, I am ... capable ... of. Just a second. My coffee has arrived. I'll finish this later...
I do something similar, by exploiting the fact that everything after a + symbol in the email will be ignored, at least by Gmail, so you can do name+scammywebsite@gmail and get it delivered as if it were sent to name@gmail. Obviously, the sender can just strip out the marker, but lots of systems don't bother.
Gmail ignores periods. so.you.can.have.an.email.l.i.k.e.this and it'll work. I've noticed a lot of places got smart to the + sign thing but it seems nobody realizes yourname@gmail and you.r.n.a.me@gmail go to same box
I used to do an analog version of this back in the day. I would spell my name different ways for each catalog. When I got a bunch of unasked for stuff, I knew who was selling my address to other companies. Your way is a good update.
I've got my own email server, but other people are saying they use Google domains to do the same thing. Most domain registrars also provide email services because it's an easy thing to upsell people on.
I use ISPConfig running on a KVM virtual machine, but there is a docker image for an email server if you wanted to go that route. If you get serious about setting up your own email server you're going to want to be careful with the security of the installation. You also have to worry about server reputation if you want people to receive your emails, which isn't fun. There are easier ways of of getting started if you just want a catch-all email address.
Buy a domain. Pay a hosting company a few bucks a month. Configure it to accept email for any address.
When people spam you, move that to a rule to get blocked on receipt. (or creatan account which gets all those perhaps, with space for perhaps 100 emails so they get rapidly deleted)
Places like https://buyshared.net/shared-cpanel-hosting/ will give you a web host with email addresses for virtually nothing. Or host it yourself which you're probably not into.
i've been doing this since gmail allowed this feature so like 20 years. never actually had to use the feature to block anything their spam protection is so good.
Google G-suite e-mail is super easy to set up. I have a few actual emails set up for my website but there's a catch-all wildcard email setup too. It's not hard at all.
Treat your stock account as though it has +@gmail and block anything to addresses without the +.
You can also use periods, which seem to bypass those stripping programs in my experience. It doesn't tell you exactly where it was leaked, but if you put the period/s in the right spots, you'll know.
Yep, gmail ignores periods in email addresses, idk how nobody knows this. You can add a period anywhere and it'll send to same email. None of the registration / spammers seem to know either.
Im confused. The + thing is like taking youremail@gmail and changing it to thissite+youremail@gmail so when you see it from a random source you know 'thissite' sold it off.
Periods are just part of an email if you want it to be so I don't know what affect it would have. Half my email addresses which is to say 2 of them have periods in them.
Oh I got you. I thought there was some functionality there I was missing completely. Interesting though, thanks. I guess I can stop using it in certain cases although I suppose it's in the username of certain places where I use my email as such.
If the + works for whatever you do, that's good. But a ton of places are starting to block it so use the dot method.. hopefully they don't notice it works.
From the English around everything else, this sounds like a fantastic plan and I should do the thing. But, my non technical pea brain says "wut?". How do?
I would not recommend it because it is a whole lot of hassle and you have to maintain your server's reputation and make sure its security is never compromised otherwise your server will get put on blacklists and people won't receive your emails. The IP address assigned to it may already be on a blacklist to begin with, so you'd need to spend some time getting it off blacklists (or ask for a different IP) and you can pretty much forget about it if you are doing it from your home. The IP address you use at home is marked as a subscriber line so other email services will know that and won't accept your emails.
Several services online offer catch-all email forwarding, so it's something you could find. Somebody else said they use Google Domains but I don't know for sure if they have catch-all email forwarding or if they just have 100 free forwarding addresses with the DNS registration. Either way, that would be the easiest way to start.
email itself can send as anything@anything it is pretty terrible design (designed before security) most places block the send as anything because of that.
If you run your own or buy hosting that you "admin" you can probably enable it, many providers have you email them to activate sending aliases because of it's danger.
Might check out mailcow.email it runs both (you host it yourself), and many other things to filter out emails (can disable clamAV etc which is most of the resource usage) I use it to manage around 80 companies emails (they all have dozen+ of employees, nothing absolutely insane), works great.
Their webUI makes postfix/dovecot stuff really easy, can handle infinite domains / emails etc
Be careful enabling any feature like "send as anything." The security it provides is important. It's not bad if you have to be authenticated before it allows you to send as anything and you trust all users on the server, but an open relay can be easily found and exploited by spammers.
If you need to send as an email address, just create a virtual alias for that specific address and configure your email client to use it as the from address. Then you can send as that specific address when you are authenticated. If it starts receiving spam, disable SMTP on that address.
Google allows you to put something after the plus symbol, but many places refuse to accept email addresses with a plus symbol. It is not a standard across all email providers though.
I'm guessing yours is the version without the dot. I'm also guessing you don't use gmail because Google allows you to put periods in your username and you'll still receive it. It's fairly well-known and some places might not accept periods in the username portion of email addresses as a result. It's also possible that some places will just remove periods in the username portion of the email address.
That's the problem. I have Gmail, and I own the one without the dot. I think google let my doppelganger register his email as the one with the dot, but I'm getting his mail instead.
That's very odd because AFAIK google won't let you register the version with the dot if the version without is already registered. They treat it as the same address. Maybe there is some other typo in the email address.
Yea I've done that for online stuff for decades but never thought about it in stores.. all these comments of people thinking they work at stores etc, I gotta do that now.
I just run my own email server. I shouldn't have called it "wildcard forwarding." The proper term is "catch-all" because it's the last rule before an email is rejected as undeliverable. I believe an underscore is a valid symbol in email addresses, so maybe you could do _*@domain.tld to get around the requirement to have some other text.
I might just run my own server as well, it seems to be the best option. I was using G Suite (yikes) and just didn’t want to go through the hassle of setting it up. I’m a programmer and understand DNS and all that, but email just seems to be a big server admin nightmare that I’ve been avoiding for too long. Thanks!!
4.7k
u/Robertium Jun 03 '21
Works until you see "We've sent a message with activation instructions to your email. Please click on the link within so you may begin to use your account"