I’m looking into getting some domains for email, so I don’t need to use the same few addresses for everything. In doing this, the domain name itself becomes the identity, but it’s also entirely arbitrary.
What is a good method to choose domain names so that they look more or less normal? Catch all addresses can of course be detected in SMTP, but the idea is just to not look suspicious. Would anyone be comfortable sharing the constructions they use? (though not the domains themselves, for obvious reasons) Should I use subdomains for the things that can safely be correlated, (as spam defense) or is it better to only use different mailboxes on one domain?
You must log in or # to comment.
I’m looking into getting some domains for email, so I don’t need to use the same few addresses for everything.
Getting a custom domain for email is smart. It’s a necessary step given how data is treated these days. The domain becomes your identifier, but it’s essentially arbitrary. I switched from sharing a single email address (which predictably led to breaches and spam) to creating dedicated emails for each service. Now, when an account gets compromised, I just redirect that email to oblivion. It’s a clean break, and a strangely revealing look at how online identities get resold and repurposed. Worth considering.
I set up my postfix server so that anything after a hyphen (“-”) becomes a wildcard. It like Gmail’s “plus addressing”, but the hyphen is more subtle. It means multiple users can make infinite aliases on one domain.
So, “user@domain.com” has the same mailbox as “user-somesuffix@domain.com”.
How did you do that?
I’m not OP but I use mailcow to host my mail and it comes with the + aliases by default. So mail+google@example.org goes to mail@example.org.
You can also do fully random aliases on demand, both time limited and permanently. Useful for those few services that do not accept + in their email fields.
Plus adressing is not only gmail but part of the E-Mail standard btw.
Something you can remember…
Catch alls are most useful when you are away and you need to give an email out. If you can’t remember the domain that becomes a pain.
Use an email alias. Domains are not connected to you. Shared with thousands of other people.
I just use a single catch-all account in my existing domain. If you send an email to my primary address it just goes to my primary box. If you send an email to my secondary address it goes to my secondary box. If you send an email to anything else it goes to my catch-all box.
Rumba@mycustomdomain.com Skips the catch only goes right to me.
Intel@mycustomdomain.com Go straight to the catch-all
I don’t have to pre-make them I simply use anything that doesn’t exist.
Look into https://simplelogin.io/
They make creating random aliases for custom domains like this easy.
As for the domain name itself, anything that already looks like a mail service is good. “examplemail.com” or “mailexample.com”
I went to expireddomains.net and searched for ones ending in “__mail.net”. Found a good, short domain that was once a regional ISP and email provider 15-20 years ago. (I still get spam for some of their old subscribers.).
I do not use subdomains for this one. Generally, I combine a simple name with a number for the mailbox name. Like “johnathan2715@zzzmail.net” if I think it needs to look like a real name, or some other word like “giraffe1238” or something like that.
It’s working great.
Finding previously existing services is a great idea, thanks for the link. Here’s hoping I don’t get too much spam as a result. (but at least I can block individual customers addresses)
All of me and my family’s domains have a subdomain for signing up to stuff. They all have a catchall and we just signup with service.tld@subdomain.example.com. Anything that gets misused gets blocked.
