Profile photo

from miller import blake

Hello, I'm a Seattle-based site reliabililty engineer, I get paid to do what I love, I like Python, I'm in an abusive relationship with JavaScript, I'm a fan of good design, and I don't think things always have to be so stupid.
You can follow me @bltmiller, subscribe via RSS, and email me.

Regain Control Over Your Inbox by Rejecting Email with a Custom Domain, Wildcard, and Aliases

Your email inbox is under daily active assault from every business out to make money off of your identity. Some large email providers popularized methods to reclaim agency over your own inbox with clever tricks like appending +companyname to your email handle (e.g. blakemiller+transunion@gmail.com), but as the war escalates companies routinely deny any email addresses that include a plus symbol, or simply strip it out unbeknownst to would-be victims. Luckily, there are still a couple options available to combat the spam overload.

Foreword

We need to acknowledge that any company denying emails addresses with a plus symbol in it are breaking RFC2822. Nearly anything is considered a valid email address. Some examples:

  • hello@world.com
  • " "@fake.domain.com
  • blake........miller@compuserve.net
  • johnson&johnson@j.j
  • "boots@pants"@edm.disco
  • #@3
  • yep+this+one+too@why.not

So why is anyone denying business just because they don’t like their email address?

Caveats

The next bastion for those looking to reclaim some agency over their inbox is a combination of two things: a custom domain name and paying for an email service. Indubitably, it’s a big trade-off from relying on the free-tier of providers like Yahoo! or Gmail, but there’s tremendous upside when you aren’t the product.

By virtue of these tactics, this approach requires a basic understanding of domain registrars, DNS, and records, which is not covered here. Proceed at your own risk, the worst that will happen is you’ll silently lose email if you misconfigure your setup.

An additional callout is that instead of managing 1 email address, you’ll (arguably) be managing N email addresses. In practice this isn’t setback, and we’ll cover the reason for that at the end of this post.

Suggested Domain Registrars and DNS Providers

Providers listed here qualified for inclusion due to:

  • competitive pricing
  • domain privacy controls
  • TLD availability
  • DNS record control
  • decent UI/UX

While the specific companies I list are providers that I personally use, any other registrar that meets the aforementioned qualifications should do just fine.

I use both Namecheap and Google Domains for purchasing domain names as well as hosting DNS. While both offer low costs, Google Domains includes domain privacy at no extra cost. However, any provider that offers domain privacy and control over DNS records will suffice. Expect to pay roughly $20/year, depending on the domain name chosen, etc.

If you like what Namecheap offers (and want to help this blog), but want free WHOIS privacy protection, get it for free by using this link or get 19% off of a .com domain purchase with this link

Or, if you prefer Google Domains, help yourself (and this blog!) out by using this link to get a discount on G Suite services.

Suggested Email Providers

Providers listed here qualified for inclusion due to support for:

  • custom domains
  • wildcard alias
  • arbitrary aliases
  • recipient-based email rejection

While the specific companies I list are providers that I could find with support, any other provider that meets the aforementioned qualifications should do just fine.

At time of writing, Fastmail, ProtonMail, Zoho Mail, and G Suite include support for bringing your own domain name. I chose Fastmail because they support other nice-to-haves like Push-IMAP and two-factor authentication (2FA), and email is their core competency. A quick word of caution when selecting an email provider: be sure that your country of residence doesn’t perform any blocking of your selected provider, as has been known to happen. Expect to pay between $5/month and $10/month.

If you like what Fastmail offers but want to limit your spend, help yourself (and this blog!) out by using this 10% discount on your first year of Fastmail.

Or if you prefer G Suite, help yourself (and this blog!) out by using this link to get a discount on G Suite services.

Workflow

Once you have your DNS records pointing to your new email provider, be sure to set up your wildcard/catch-all alias support; follow the guides for ProtonMail, Fastmail, or G Suite.

Just like that, you’ve restored your ability to tag specific companies in your email address. Instead of sharing blakemiller+transunion@gmail.com, use transunion@yourdomain.tld. This works only because we’re using an email provider with wildcard support.

Fight back

The real killer feature of this method is the decision you make once the email is leaked or appears to you as spam. First off, we must address the reality that spam happens and there’s not much we can do to permanently banish it, but we can make life more painful for would-be spammers. After all, having a list of valid email addresses is the most valuable thing to a spammer which is why services like SenderScore exist.

So TransUnion sold your email address and now unrelated marketers are spamming you? Do not mark the email as spam! Instead, create an alias explicitly for transunion@yourdomain.tld (remember: heretofore emails sent to transunion@yourdomain.tld were being delivered thanks to the wildcard alias) and set your new alias to reject the message. The sender has no recourse; there’s no +transunion to strip, there’s no way to for TransUnion to tweak their email to slip past spam filters, and their reputation just got penalized by ISPs and validators.

Conclusion

As mentioned earlier in the caveats, you are now essentially managing N email addresses where you were formerly responsible for only 1. This seems like a huge drawback, but in practice:

  • you’re capable of receiving any email addressed to @yourdomain.tld
  • everything ends up in the same inbox (by default)
  • you control your sender identity so that customer service rep from TransUnion you’re emailing never sees your personal address personal@yourdomain.tld, they only see transunion@yourdomain.tld
  • when one email gets leaked or sold, you blacklist it and create a new one

So is less than $100 a year worth some extra privacy?


comments powered by Disqus

Copyright © 2020, Blake Miller. All rights reserved. | Sitemap · RSS