nixers
The new promise I made to myself - Printable Version
+- nixers (https://nixers.net)
+-- Forum: General (https://nixers.net/forumdisplay.php?fid=3)
+--- Forum: Psychology, Philosophy, and Licenses (https://nixers.net/forumdisplay.php?fid=28)
+--- Thread: The new promise I made to myself (/showthread.php?tid=437)
Pages: 1 2


RE: The new promise I made to myself - robotchaos - 06-04-2017

Yeah, I came up with it to help weed out spam and unnecessary accounts. Stale accounts seem to be just as dangerous ( in terms of spam ) as posting your address on the web. So I wanted an alias scheme that I could use to help battle both.

Glad you guys like it. It has helped me a lot. So I wanted to share.


RE: The new promise I made to myself - robotchaos - 06-04-2017

Thought of a modification as well. Combining both. I used to use the different aliases for different types of accounts: games for game accounts, media for media accounts, apps for buying/downloading apps, etc. This way I never had to remember an address, I could tell by the site/service I was attempting to use. For instance, if I forgot my netflix login, I could ask myself, which email would I have used for this? Duh -- media.

So in order to combine the yearly and keep the addresses separate, you substitute the x in the year alias, x7e1, for the initial or word for the account. g7e1 or games7e1 ( i prefer less typing ), m7e1 or media7e1, a7e1 or apps7e1.

I think I may very implement the initialed account-based alias idea instead of the generic x7e1.

Thoughts?


RE: The new promise I made to myself - z3bra - 12-01-2019

I'm bumping this thread because this is the exact question I'm asking myself right now.
I just finished setting up my new email server because my provider dropped. It means I can have as many aliases I want, for whatever I want. I know that in order to fight spam, I'll use multiple email accounts, so when an address is leaked, I can simply know who leaked it, blacklist it, and switch the email from the original service

I'm stil undecided though, between the following ideas:

* One email for online account, one for mails: login@ / z3bra@
* One email per service name: amazon@, nixers@, suckless@
* One email per service type: shop@, forum@, news@
* The above, with +addressing: login+nixers || z3bra+amazon@ || z3bra+news, ...

The plus addressing is nice in that I don't have to use a "catchall" address for my domains, or setup new aliases each time I need one, as they all end up automatically in the z3bra@ mailbox.

The main problem I have with all the above, is that I'm affraid to forget which email I used for a service, and having to somehow manage a list of aliases I use.

What do you guys think?


RE: The new promise I made to myself - venam - 12-01-2019

(12-01-2019, 06:02 AM)z3bra Wrote: The main problem I have with all the above, is that I'm affraid to forget which email I used for a service, and having to somehow manage a list of aliases I use.

The advantage of owning your own server is that if you ever need to recreate an alias you can simply do so without any issue. As for remembering the aliases you can search through your inbox filtering by "to".


RE: The new promise I made to myself - gaak - 14-01-2019

(12-01-2019, 06:02 AM)z3bra Wrote: * One email for online account, one for mails: login@ / z3bra@
* One email per service name: amazon@, nixers@, suckless@
* One email per service type: shop@, forum@, news@
* The above, with +addressing: login+nixers || z3bra+amazon@ || z3bra+news, ...

Anti-spam does not seem like a good place for zero-config -- the less individuated the anti-spam measures, the more monoculture the overall system.

Procmail + catchall has lots of flexibility to:
* allow time-delimited emails as per robotchaos
* create non-brute-force-able emails, e.g. a hash
* enforce notification windows (too many emails, too few)

The more non-standard our mail systems, the better off we all are in this war against spam.


RE: The new promise I made to myself - z3bra - 15-01-2019

I finally decided to go with <service>@domain.tld.
In the end, I think that trying to receive zero spam is a lost cause, that can only be achieved by not having an email address.
In this case, if an email leak, I can know who leaked and fill a report against that website.

If I start receiving spam I can blacklist the domain if it's a single one, or train spamassassin by putting it in junk.

I'll also subscribe to a bunch of blacklist amd setup a BGP peering to retrieve a dynamic blacklist and block them with pf directly.

Finally, I added a spamtrap/honeypot on my website so I get spammers to send mails to that address first and greylist them right away, which has the added benefit to waste their resources (thank you spamd!)

Thanks everyone for your advices :)


RE: The new promise I made to myself - venam - 15-01-2020

An update on this.
I've been doing the aliasing per year idea for the past 3 years so far.
I've noticed that I do not receive random spam emails anymore, however I receive spams from services I explicitly know I've subscribed to and I can't find a solution to that as even if I change the alias I want those services to contact me for other things.

So this more or less is all about promotional emails from shopping websites. Kind of annoying but you get over it.
Anybody has a similar story?


RE: The new promise I made to myself - z3bra - 15-01-2020

I started using aliasing last year too. To be fair, I lost myself on the way…
At first I was creating a new alias for each service (think facebook@, tinder@, youporn@, …). It worked great until I started forgetting the alias name (was is "tom-tom-sport", "tomtom-sport", "tomtomsport", …?). After that I started using categories (shop@, porn@, …), which effectively blurred the line even more.

Add to that all the "real life" emails that are not really tied to a service (insurance-car@ or electricity-bills@), and you get the cluster fuck that my email system now is:

Code:
$ grep -hrE "Delivered-To: .*@${domain}"  ~/.cache/mail | sort | uniq | wc -l
38

Hopefully, I can still get an exhaustive list of my aliases by doing, and try to clean things up.

Over a year, none of the services I subscribed to leaked my address as I never received a spam on any of these aliases (which thus makes me totally reconsider the use of aliases as a spam protection…).
This however has the advantage of making it easy to sort emails, based on the To: address.

Regarding the spam themselves, they keep happening. All the "legitimate" spam (as in, offers from services like netflix) tend to include an unsubscribe link that I use whenever I receive such spam. Sometimes, they stop sending me offers :)
For "illegitimate" spam (grow your dick, ransoms for videos of me masturbating, …), spamassassin does a pretty good job at catching them, and move them to my "junk" folder. The fact I set up a spamtrap also helps blacklisting crawlers.

The thing I have the most difficulties with are "legitimate" emails addressed to the previous owner of the domain. As I use a catchall to redirect ALL mails to my main one, I regularly receive reminders that all beer orders must be passed before end of month, or stuff like that, sent to something like fjkldqjfmsd@domain.tld.
I tried to report it to the company (for which the website is ALL icelandic btw…), and never got an answer. I also receive offers from a supermarket in iceland, and I could not find the "unsubscribe" link in there.

So overall, I'd say using multiple aliases is not a great measure against spam, but can be a good organisation method for you if you can commit to it efficiently. Be aware that it requires a lot of discipline though.