erebion

Probably, but building all that takes far more effort than adding an alias. Or many.

No, it cannot know for sure whether the first email is spam.

Can you elaborate on the benefit of using a random string for your secret/true inbox?

Something obvious like “inbox@” or “hello@” would get a lot of spam, a random string does not receive spam as spammers usually do not send anything to my random string. :)

Is it so that if it’s ever compromised you can just spin up a new random string as your new inbox, point all your aliases to the new one, and burn the old one?

I doubt it’ll ever get compromised, as I don’t use this emailadress anywhere. It’s just internal for my emailserver. I could also have it drop that all in a specific folder of my personal emailadress, but that’s how I’ve set it up. Should I ever receive spam there, I’d set up a new random string and fix my aliases to point there.

But again, highly unlikely that this should become necessary.

Same question, how do the random characters after the company name benefit you? Is it so that if you want (or need) to continue using that particular service after a data leak, then at least you can update your profile to company_name-[different set of random characters]?

No, it’s just so that I receive less spam. Imagine you use corp@example.com at a website, that gets leaked. Someone could have the idea, looking at this, that they could use this to find out where you have accounts by seeing whether emails get rejected from the mailserver or not and they could also just flood you more easily by just sending thousands of emails to every $companyname@example.com.

For a short while, I had it without, but this way I got some spam, which is solved now.

I’m pretty sure it was a general GrapheneOS room, but as said it’s been a while, so idk.

At least asking the question did not seem wrong.

I’ve once enabled a catchall in addition just to test and got spam, then I turned it off again. Seems you got lucky. Overall if you use catchall and later run into spam issues, it gets much harder to get rid of it, as you cannot turn off the catchall if you don’t even have a list of aliases to still let through.

Well, in my case I just add an alias to my mailserver each time. Your mail-eage may vary.

I don’t want to use plus signs as that always let’s anyone kow what the real address is.

I forward those emails to an address which is random. For example: udhxhdjeiwk@example.com

This address is never used anywhere. So I know all emails appearing there aren’t spam but from the original sender.

Each alias looks like this: company_name-[eight random character/numbers]@example.com.

If I ever get spam, I simply delete my account at the company, as they had leaks (I often know way before Have I Been Pwned) and delete the alias. This way I have no spam (only on my personal address, which I hand out).

I also feel concerned about GrapheneOS. Here’s why.

I got banned from the GrapheneOS Matrix chat simply for asking a question, it was worded similar to this:

“Hey there! GrapheneOS is cool. I noticed CalyxOS added support for eSIM, are you planning to add that as well?”

The post got deleted, I thought I had not sent it and posted it again. It was deleted again. I asked something along the lines of “Wait, where has my question regading eSIM support and doing the same as CalyxOS gone? Seems to have disappeared, lol”.

THAT was also deleted.

Then I posted something along the lines of “Huh, my questions seem to be disappearing”.

That was NOT deleted.

Then I asked something like “Anyway, are there plans to add eSIM support just like CalyxOS? :)”.

That was ALSO deleted.

I got a private message from a mod saying I was banned.

That was alle the interaction I ever had with the GrapheneOS project. I might have started contributing, but I could not even ask a simple question. It seems that they don’t like it if you mention any other custom ROM, I guess.

(This has been a while ago, so I don’t remember my precise wording)

I host email using Stalwart, in case anyone is looking for something that is really easy to set up and maintain.

Don’t use Catchall, this can lead to a lot of spam, as ANY address on your domain will be accepted, making it even easier for spammers guessing valid addresses.

I only ever had had a website reject my domain once, in around 15 years of using my own domains for email. I just signed up at another website providing the same service.

Forgot to mention that it needs really low resources. Meanwhile Matrix feels sluggish even on pretty recent hardware. Seems to be a fundamental issue with how it’s designed.

I thought I know all chat systems by now, but that one is new to me. :D

Does it use some open protocol and has different clients to choose from?

It always depends strongly on the use case, so I don’t mean the following as “use this”. Matrix has got me back into XMPP. And I was suprised how much that has improved. Ten years ago it wasn’t usable on mobile devices and people used OTR (I can re ommend trying it again to everyone who’s used it years ago and hasn’t tried it since), now I just use it for my day to day communication with family and friends. My family does not know the term “XMPP”, but they know they have to use an app called Snikket to reach me and they’re pretty happy with the reliability. However, people have different neeeds and threat models, so I am not recommending it blindly.

Looking at all the issues Matrix has had for years and is still struggling with, I’m not suprised people prefer to use something else. I’ve been using Matrix since 2017 and I feel like things don’t improve much, unfortunately.

The only winning move is not to play.