Email Aliases for Preventing Spam & Identifying Breaches

I have been using email more frequently for last bunch of years, even for naive communication. Nonetheless email can’t compensate for instant messengers but its importance ain’t hidden from anyone.

Email is more like a token to enjoy seamless services on the internet & It is totally safe to assume that every netizen on the planet owns one address, at least.

There might be a dozen of issues associated with email service in general but I would like to focus on two primes.

1. Getting a looot of Spam
2. Becoming a victim of breach

Preventing Spam

Everthing was going well until spam became a thing. Spam have cluttered the mail boxes of majority having no clue how fast things have escalated in the mailverse. There are certain best practices to avoid spam in the first place which is one search away from your search engine.

The solution I’m elaborating on here is known as “aliasing”.

An email alias is an additional email address for an email account, with which a user can send / receive emails or set forwards to. An email alias is like a nickname or a nick email address.

With aliases you can use multiple addresses without the need of maintaining individual mailbox for each address. The key difference between aliasing & email forwarding is the point that aliases never have their own inbox so they always forward the incoming emails to the original email address.

Some mail services that feature creating aliases in free tier:

• Zohomail
• Skiffmail

There are also dedicated email aliasing services like:

• Duck Email Protection
• Firefox Relay
• SimpleLogin

How exactly an alias can help in preventing spam? I’m glad you asked :). The answer is simple – If you need to sign up on a random website do not use your original email, instead use an alias.

The alias will forward the received mail to your original address. If you notice spam being sent over to that alias in future, delete the alias & create new. This way you will not only prevent incoming spam but also keep your original email getting exposed to adversaries.

Identifying Breach Victim

If you ever find your email ended up in breach, the best way to know the victim site from which your email or other credentials got compromised is by having an identifier in the alias used to sign up on the website. This needs to be done prior the breach.

Here is what I mean.

Suppose you need to sign up on amazon, instead of using a regular alias, generate a unique alias for amazon or use an alias with amazon keyword in it for e.g [email protected].

Now if your email ends up in a data breach you will instantly recognize from the identifier which site have been a victim of breach, compromising your credentials & other sensitive details.

If you use Zohomail with custom domain you can utilize catch-all functionality to have unlimited aliases on the go. Same goes true for Cloudflare. Skiffmail allows only 4 aliases in free tier.

Gmail Aliasing

For gmail users there is a basket full of bounties 🤩. The gmail offers email aliasing in two ways:

a) Dot method

For your original address you can generate dozens of emails by putting dot in between the characters, which actually get omitted by the google.

For example all the emails sent to [email protected] will always go to [email protected]

You can use this loophole to create multiple accounts on the same website while maintaining the single inbox underhood. The service you might want to check out – gmail generator.

b) Plus method

This method again specific to gmail enable users to append unique identifier to the original address for aliasing.

For example all the emails sent to [email protected] will be sent to [email protected]. This is especially useful for identifying breached sites. You get the point.

Summary

Aliasing is very helpful in general for any user & setting them up is not any difficult job either. Email aliases help to keep the original email unexposed, aid in spam prevention & identifying breach victim sites. Managing individual alias for each service might be daunting so I would suggest to either opt in for a password manager or employ catch-all feature of zohomail or cloudflare.

If you have any questions, recommendations or want to suggest any corrections feel free to contact.

Reply via mail