this post was submitted on 04 Nov 2023
179 points (92.4% liked)
DeGoogle Yourself
7743 readers
54 users here now
A community for those that would like to get away from Google.
Here you may post anything related to DeGoogling, why we should do it or good software alternatives!
Rules
-
Be respectful even in disagreement
-
No advertising unless it is very relevent and justified. Do not do this excessively.
-
No low value posts / memes. We or you need to learn, or discuss something.
Related communities
[email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That’s what I was doing when I came up with this idea. It works well, but you have to create a filter every time you sign up somewhere. Also with mine you can screen senders (when someone new emails a label with screening, it will email them back a link to click to prove they’re human before the email is delivered).
I think Fastmail already handles this gracefully, and has all the right integrations. Why should I use your service over Fastmail?
For example, the integration with Bitwarden can generate a new username for every site you go on.
I think to an attacker, your naming allows for identification of the pattern.
Also, 100% spam identification… nothing in the world is 100%. Unless you count the verification for someone to send you an email, which I don’t know if I consider spam identification.
I’ve never used Fastmail, so I don’t know what it’s like. You’re welcome to try mine out, and if there’s something you would like me to add, I’m open to suggestions. :)
So the 100% spam block rate is talking about the prototype, which is what I was doing with ProtonMail and my Gmail account (which is where I prototyped the screening system). I’ve never gotten spam in my inbox in those places since I set up these systems. I’m not saying it’s impervious to spam, but I am saying spamming it is not really easy. If you start to get spam in a label, you can just block that label and change your address to a new label’s address for whatever account that is.
This is where I think the flaw is in your system. You wouldn’t necessarily want to give your friends [email protected]. Because once you start getting spam to it, you can’t nuke the email, because more then one person has it.
This is why one address per recipient or service makes the most sense. Not user defined, but completely random or maybe what the Fastmail automated emails do.
I suggest doing some market research before building your product/service so you are designing something that has the best fit for your consumer, and I think Fastmail handles things better than your service would right now, based upon what you’ve shared.
That’s why you’d use screening on [email protected]. Spam mail generally doesn’t have a valid Return-Path, and if it does, it’s probably not a monitored mailbox, so the spammer wouldn’t even receive the screening email, let alone follow the instructions in it.
(By not valid, I mean a return path that leads to an actual mailbox. It can be a valid email address, just a bogus or spoofed one.)
I think you are misconstruing spam in this context.
While you are right about "spam" mail not meeting valid header details or authentication, a lot of "spammy" content does - marketing emails.
fastmails aliased emails allow for users to generate unique email addresses for each individual service they sign up for. What this enables is that when that service inevitably sells that email address to another spammy, potentially legitimate, but still spammy provider. They can then unsubscribe from that alias email entirely.
What you are describing seems less focused on protecting one address from being sold and shared. I think you need to accommodate for the fact that businesses sell lists of email addresses against their users wishes. That use case doesn't seem to be met yet
You can block a label in Port87. So, if some place sells the address you gave them, you can block that label, and that address will start rejecting emails. The error response that is returned to their server is “that mailbox doesn’t exist”, so if they look at the bounce message (which they almost definitely won’t do), it will look like that email address was deleted.
Yeah but your pattern is to re use labels (eg: [email protected]). If you suggest users reuse the labels they lose their effectiveness in working as aliases.
You are designing for a different feature set, I see this, however I think you may have some blind spots with what other email inbox providers offer and what users are looking for.
Good luck on the journey, your product already seems quite feature rich :)
Yes, you would reuse a label like “friends” to give out to all your friends, but you’d also enable screening on that label, so any automated sender (spam is almost always sent by automated senders) wouldn’t pass the screening challenge, and their email wouldn’t be delivered.
So there are basically two different types of labels, one for bots and one for people. The bot ones should be single sender, something like “netflix”, and the people ones can be single sender like “davesmith” or multiple like “bookclub”, and you can enable screening on them.