What to do now that temp email services are becoming less honored

jinpa

For twenty years I have been happily using Sneakemail, which might have been the first well known disposable email service. I started off using the free version, and then was so happy with it that I transitioned to the paid service. As a cheapskate, there are very few online services I actually pay for. (They eventually did away with the free version, because so many people were so happy with it that they saw no need to progress to the paid version.

I very rarely send an email that's not through sneakemail. This includes even important emails. Some of my email addresses go back almost twenty years. The good thing is that if I start getting too much spam on an address, I can just delete it.

However, as years go by, more and more email providers and websites are refusing to deal with temporary email addresses. There's a couple of reasons why they do so:

• Free websites that want to abuse your email address can't do so if it's a temporary one.

• Some major email service providers are too stupid or lazy to distinguish between domains that are used by spammers and domains that are given to spammers as a spam control measure.

For the latter, the mishandling is completely silent. For example, Gmail will receive sneakemail emails, but will not reply to them. But the Gmail user replying to the sneakemail is not given any notification that the email was not sent. It is moved to the Sent folder and for all appearances appears to have been sent. Adding the sneakemail sender to one's contacts does not resolve the problem.

I coordinate volunteers for a non-profit so this is a question that has some importance to me.

So my question is:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

This is a post that straddles the border between a strict help request and a regular post that allows for discussion. I do not mind if it leads to general discussion, but to maintain the purity of the category, general discussion of the matter should probably be forked off to a new thread.

izzion

@jinpa said in What to do now that temp email services are becoming less honored:

For twenty years I have been happily using Sneakemail, which might have been the first well known disposable email service. I started off using the free version, and then was so happy with it that I transitioned to the paid service. As a cheapskate, there are very few online services I actually pay for. (They eventually did away with the free version, because so many people were so happy with it that they saw no need to progress to the paid version.

I very rarely send an email that's not through sneakemail. This includes even important emails. Some of my email addresses go back almost twenty years. The good thing is that if I start getting too much spam on an address, I can just delete it.

However, as years go by, more and more email providers and websites are refusing to deal with temporary email addresses. There's a couple of reasons why they do so:

• Free websites that want to abuse your email address can't do so if it's a temporary one.

• Some major email service providers are too stupid or lazy to distinguish between domains that are used by spammers and domains that are given to spammers as a spam control measure.

For the latter, the mishandling is completely silent. For example, Gmail will receive sneakemail emails, but will not reply to them. But the Gmail user replying to the sneakemail is not given any notification that the email was not sent. It is moved to the Sent folder and for all appearances appears to have been sent. Adding the sneakemail sender to one's contacts does not resolve the problem.

I coordinate volunteers for a non-profit so this is a question that has some importance to me.

So my question is:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

This is a post that straddles the border between a strict help request and a regular post that allows for discussion. I do not mind if it leads to general discussion, but to maintain the purity of the category, general discussion of the matter should probably be forked off to a new thread.

One option might be to leverage plus addressing and label / rules functionality to shunt the resold email address spam off to the bit bucket.

So you could have actualaddress@gmail.com that you use for actual mail, and when you have to sign up for something you can sign up with actualaddress+servicename@gmail.com. And then when the service resells your mail, you know who to name and shame. And Gmail will automatically apply a label based on that plus address, which you can filter on.

jinpa

@izzion said in What to do now that temp email services are becoming less honored:

@jinpa said in What to do now that temp email services are becoming less honored:

For twenty years I have been happily using Sneakemail, which might have been the first well known disposable email service. I started off using the free version, and then was so happy with it that I transitioned to the paid service. As a cheapskate, there are very few online services I actually pay for. (They eventually did away with the free version, because so many people were so happy with it that they saw no need to progress to the paid version.

I very rarely send an email that's not through sneakemail. This includes even important emails. Some of my email addresses go back almost twenty years. The good thing is that if I start getting too much spam on an address, I can just delete it.

However, as years go by, more and more email providers and websites are refusing to deal with temporary email addresses. There's a couple of reasons why they do so:

• Free websites that want to abuse your email address can't do so if it's a temporary one.

• Some major email service providers are too stupid or lazy to distinguish between domains that are used by spammers and domains that are given to spammers as a spam control measure.

For the latter, the mishandling is completely silent. For example, Gmail will receive sneakemail emails, but will not reply to them. But the Gmail user replying to the sneakemail is not given any notification that the email was not sent. It is moved to the Sent folder and for all appearances appears to have been sent. Adding the sneakemail sender to one's contacts does not resolve the problem.

I coordinate volunteers for a non-profit so this is a question that has some importance to me.

So my question is:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

This is a post that straddles the border between a strict help request and a regular post that allows for discussion. I do not mind if it leads to general discussion, but to maintain the purity of the category, general discussion of the matter should probably be forked off to a new thread.

One option might be to leverage plus addressing and label / rules functionality to shunt the resold email address spam off to the bit bucket.

So you could have actualaddress@gmail.com that you use for actual mail, and when you have to sign up for something you can sign up with actualaddress+servicename@gmail.com. And then when the service resells your mail, you know who to name and shame. And Gmail will automatically apply a label based on that plus address, which you can filter on.

I think the subject of plus addressing came up at work for some reason, and so I looked it up on Wikipedia, and it looks like not all email service providers honor it.

PleegWat

@izzion said in What to do now that temp email services are becoming less honored:

So you could have actualaddress@gmail.com that you use for actual mail, and when you have to sign up for something you can sign up with actualaddress+servicename@gmail.com. And then when the service resells your mail, you know who to name and shame. And Gmail will automatically apply a label based on that plus address, which you can filter on.

I'd recommend not using the non-plussed address at all, as it's only a matter of time for companies to 'find out' and discard the plussed part when forwarding the address to the spam department.

Gurth

@izzion said in What to do now that temp email services are becoming less honored:

you could have actualaddress@gmail.com that you use for actual mail, and when you have to sign up for something you can sign up with actualaddress+servicename@gmail.com. And then when the service resells your mail, you know who to name and shame.

What I always wonder about with that method, is what is stopping anyone with bad intentions from just stripping the + and everything after from the first part of the address. Because if somebody tells you to mail them at actualaddress+servicename@gmail.com, then you know that actualaddress@gmail.com also exists — so just add the latter to your list of addresses to spam/sell/etc. and nobody will ever be the wiser where you got it from.

I don’t think you can do the old trick of having nospam@example.org as your address with the plus-addresses, either, can you?

Parody

@jinpa said in What to do now that temp email services are becoming less honored:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

I've used the same email address for over 20 years. It gets spammed. I mark spam that get through the spam filters as spam. Actual email rarely gets caught in the spam filters, but when it does I unmark it as spam. Life goes on.

You could do your own disposable email service by paying for a domain and hosting. The one I'm on lets me make as many email accounts and forwarding addresses as I want. Make one for email you never want back and a few for legit accounts that rarely email you and you'll probably be fine.

loopback0

@jinpa said in What to do now that temp email services are becoming less honored:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

Just use Gmail. Gmail's spam protection is very good.

jinpa

@loopback0 said in What to do now that temp email services are becoming less honored:

@jinpa said in What to do now that temp email services are becoming less honored:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

Just use Gmail. Gmail's spam protection is very good.

I have an account I rarely use but it gets a lot of spam. But if I checked it every day and used your other tips, maybe it would be very low.

loopback0

@jinpa very little spam makes it into my Gmail inbox, and there's plenty in the spam folder. I do have to occasionally check the spam folder for something that's been incorrectly flagged to mark it as not spam.
Gmail is pretty good at learning. Flag the mistakes either way and it gets better.

topspin

@loopback0 said in What to do now that temp email services are becoming less honored:

@jinpa said in What to do now that temp email services are becoming less honored:

If I'm losing the ability to use sneakemail (or other temporary email services), what are the alternatives for spam control? How do other people deal with the problem. Have the spammers won?

Just use Gmail. Gmail's spam protection is very good.

I have gmail, personally.

1. I’ve previously had problems with forwarding other mail to it where gmail went hurr durr something or other isn’t configured correctly and it flat out dropped some of the mails that should’ve been forwarded to it. Not in the spam folder, no bounce to the original mail, just dropped.
2. I’m 1.5 decades older and none the wiser, but nowadays I wouldn’t recommend to anyone giving google more data.

loopback0

@topspin said in What to do now that temp email services are becoming less honored:

2. I’m 1.5 decades older and none the wiser, but nowadays I wouldn’t recommend to anyone giving google more data.

It doesn't cost me money so I consider that the cost for how well it works. The alternative is paying another company and trusting they aren't doing the same, or setting up my own and managing the spam protection myself.

HardwareGeek

@Parody said in What to do now that temp email services are becoming less honored:

You could do your own disposable email service by paying for a domain and hosting. The one I'm on lets me make as many email accounts and forwarding addresses as I want.

I do something similar. I have a catch-all inbox, so any random-junk@my-domain.com email goes there. This allows me to just invent single-purpose addresses on the spur of the moment. It's a valid address; I can decide later whether I want to keep or filter whatever I get at that address. Generally, the local part contains initials or other hint of who I gave that address to. For example, on the rare occasions I get spam with a To: address ending in "ad", I know the spammer got the address from the Adobe data breach a decade or so ago. Similarly for "li"; it came from LinkedIn. (Unfortunately, this doesn't work as well as I'd like it to, because too many people, including spammers, already have my real address.)

Gern_Blaanston

20+ years ago I registered a domain name consisting of my initials and last name (e.g., jmsmith.com) and signed up with an e-mail hosting company. It was really nice being able to have any name I wanted on my e-mail. Everything was fine till a couple of years ago when they started raising their prices by a large amount.

I tried a couple of other e-mail hosting companies but they all sucked and were just terrible. I even tried going back to the company I was originally with, figuring that I would just pay the higher price, but they seem to have completely gone to shit just like everyone else.

So I switched over to a Gmail account that I setup years ago but rarely ever used.

As much as I really want to hate Google, everything has gone smoothly, everything works reliably and I have very few instances of things being incorrectly flagged as spam (something that seems to be a huge problem with a lot of other e-mail hosting companies).

And it is free. Even if Google started charging for Gmail I would probably pay for it as long as they maintain the same level of service. I still own my domain name, just in case, but I probably will never use it.

jinpa

@Parody said in What to do now that temp email services are becoming less honored:

You could do your own disposable email service by paying for a domain and hosting. The one I'm on lets me make as many email accounts and forwarding addresses as I want.

What domain/hosting service do you have? Are you happy with it? Were there any surprises?

Parody

@jinpa said in What to do now that temp email services are becoming less honored:

@Parody said in What to do now that temp email services are becoming less honored:

You could do your own disposable email service by paying for a domain and hosting. The one I'm on lets me make as many email accounts and forwarding addresses as I want.

What domain/hosting service do you have? Are you happy with it? Were there any surprises?

I use A2Hosting to host my personal website along with one for a club. I pay about $100 a year. I haven't had any problems with them but I'm also not trying to do anything exciting. (Look, Ma: PHP! A PWA that doesn't use an online database! Umm...fonts?)

They have spam filters on the server that I ended up turning off. IIRC, they were eating two-factor emails they hadn't seen before, but you can probably adjust the filter to be less aggressive instead. Alternatively, set up a GMail that reads your other email addresses and let it filter everything, if you don't mind Google reading your mail.

LaoC

@Gurth said in What to do now that temp email services are becoming less honored:

@izzion said in What to do now that temp email services are becoming less honored:

you could have actualaddress@gmail.com that you use for actual mail, and when you have to sign up for something you can sign up with actualaddress+servicename@gmail.com. And then when the service resells your mail, you know who to name and shame.

What I always wonder about with that method, is what is stopping anyone with bad intentions from just stripping the + and everything after from the first part of the address. Because if somebody tells you to mail them at actualaddress+servicename@gmail.com, then you know that actualaddress@gmail.com also exists — so just add the latter to your list of addresses to spam/sell/etc. and nobody will ever be the wiser where you got it from.

You need to do what @PleegWat said and never use the "bare" address at all, then you can just filter anything that reaches it to spam and, spam filter permitting, automatically blacklist the sender.
The biggest problem with plus-addressing is the amount of morons who use mail "validation" regexes copied from SO and keep telling you an address with a plus can't possibly be a valid email address. So I've got Postfix configured to accept either + or - as a separator, and one of those always works.

I don’t think you can do the old trick of having nospam@example.org as your address with the plus-addresses, either, can you?

Removing nospam is really easily automated so I suppose that's why nobody does it any more. You could use blah+nospam@foo.org or something but the chance people will fuck it up and not be able to communicate with you is even higher than with the original method.

HardwareGeek

@LaoC said in What to do now that temp email services are becoming less honored:

either + or - as a separator, and one of those always works

Back in the day, I tried to register an account with Sun. I never succeeded, because it would not accept a hyphen in either the local part or the domain, even though it's legal in both.

LaoC

@HardwareGeek said in What to do now that temp email services are becoming less honored:

@LaoC said in What to do now that temp email services are becoming less honored:

either + or - as a separator, and one of those always works

Back in the day, I tried to register an account with Sun. I never succeeded, because it would not accept a hyphen in either the local part or the domain, even though it's legal in both.

Yeah, Sun. Checks out.

BernieTheBernie

@loopback0 said in What to do now that temp email services are becoming less honored:

managing the spam protection myself

The spam filter of gmx.de is also quite good.

BernieTheBernie

@HardwareGeek said in What to do now that temp email services are becoming less honored:

@LaoC said in What to do now that temp email services are becoming less honored:

either + or - as a separator, and one of those always works

Back in the day, I tried to register an account with Sun. I never succeeded, because it would not accept a hyphen in either the local part or the domain, even though it's legal in both.

Try that with Yahoo!

Gurth

@LaoC said in What to do now that temp email services are becoming less honored:

I don’t think you can do the old trick of having nospam@example.org as your address with the plus-addresses, either, can you?

Removing nospam is really easily automated so I suppose that's why nobody does it any more.

Yes. That’s not the point — the point is to have an email address that becomes invalid (or at least non-existent) once the obvious anti-spam text is removed. If my actual email address were gurthnospam@example.org, and there is no gurth@example.org (or somebody else than me uses that address, anyway), good luck spamming me after your nospam-remover does its thing — let alone if my entire address is nospam@example.org. (Of course, I would still get spam from those who don’t bother to remove the nospam, or just send to both, but you can’t win them all.)

dcon

@Gern_Blaanston said in What to do now that temp email services are becoming less honored:

20+ years ago I registered a domain name consisting of my initials and last name (e.g., jmsmith.com) and signed up with an e-mail hosting company. It was really nice being able to have any name I wanted on my e-mail. Everything was fine till a couple of years ago when they started raising their prices by a large amount.

That's what I did too. Well, my domain is named after the open software I developed/distributed back in 2002, not after myself. I started with Yahoo then moved to GreenGeeks - been pretty happy with them. (Can't remember any really large price increases...)

PleegWat

@Gurth I read years ago that spammers will try all kinds of addresses. Like, if they have a confirmed entry for gurth@gmail.com they will go ahead and add gurth@hotmail.com to their lists as an unconfirmed address. So I'm sure they'll do the with-and-without-nospam thing as well.

Gurth

@PleegWat Probably. Which is why I’d say the only one worth trying that trick with, is plain nospam@domainyouo.wn.

HardwareGeek

@PleegWat said in What to do now that temp email services are becoming less honored:

I read years ago that spammers will try all kinds of addresses. Like, if they have a confirmed entry for gurth@gmail.com they will go ahead and add gurth@hotmail.com to their lists as an unconfirmed address.

Years ago, I created an account with Yahoo!, because . Within minutes of creating the account, never having given the address to anyone (except Yahoo! itself, to create the account, of course), I started getting spam.

dangeRuss

@jinpa use Google apps. I get almost zero spam.

jinpa

@dangeRuss said in What to do now that temp email services are becoming less honored:

@jinpa use Google apps. I get almost zero spam.

Google apps looks like it's a general category, not just email.

dangeRuss

@jinpa said in What to do now that temp email services are becoming less honored:

@dangeRuss said in What to do now that temp email services are becoming less honored:

@jinpa use Google apps. I get almost zero spam.

Google apps looks like it's a general category, not just email.

Well you put your domain on it and you get email, etc. Was more worth it when it was free back in the day, but if you're willing go pay, you could probably just pay for a single account with a catchall.

DogsB

@BernieTheBernie said in What to do now that temp email services are becoming less honored:

@HardwareGeek said in What to do now that temp email services are becoming less honored:

@LaoC said in What to do now that temp email services are becoming less honored:

either + or - as a separator, and one of those always works

Back in the day, I tried to register an account with Sun. I never succeeded, because it would not accept a hyphen in either the local part or the domain, even though it's legal in both.

Try that with Yahoo!

God, does anyone remember it took them a decade to confirm they were compromised. Anyone who created a new account and started receiving phishing attempts immediately could have put two and two together.

*edit by @HardwareGeek .

DogsB

@dangeRuss said in What to do now that temp email services are becoming less honored:

@jinpa said in What to do now that temp email services are becoming less honored:

@dangeRuss said in What to do now that temp email services are becoming less honored:

@jinpa use Google apps. I get almost zero spam.

Google apps looks like it's a general category, not just email.

Well you put your domain on it and you get email, etc. Was more worth it when it was free back in the day, but if you're willing go pay, you could probably just pay for a single account with a catchall.

That’s what I ended up doing. I went with hover for the domain and soverin.net for the mail hosting. Probably selling my details to the russians.

Keep a gmail for recruiters though.

I also have burner phones for sites that I don’t want to give my number out to. If eSim uptake was better this would be easier but I have to settle with cheap dual sim phones.