this post was submitted on 31 Dec 2023
99 points (91.6% liked)

Selfhosted

40439 readers
699 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Started to move off Google's services to proton:

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 26 points 11 months ago (3 children)

If you have Proton Premium point your domain to SimpleLogin and use it. Its included with Proton Premium. Its helped me root out 2 places so far that have sold my email address or were compromised and failed to disclosure.

[–] [email protected] 11 points 11 months ago (2 children)

i also use proton, but i just use a custom address with every unique vendor/account. i know almost immediately who sold my address. it also prevents hacked systems from matching addresses in other systems.

[–] erev 4 points 11 months ago (2 children)

For anyone who wants to do this easily: afaik (ymmv) most mail systems will accept aliases to your account if you put a + after your email username. for example, if you're [email protected], then [email protected] would still route to your inbox but you'd be able to see that it was sent to a different address than your own. i do this for any email i put into a website I don't trust (which is most) and if you use the company name it's a really easy way to see who sold your data

[–] [email protected] 21 points 11 months ago* (last edited 11 months ago)

For a spammer it literally takes less than ten seconds to clean a list of one million addresses from "plus addresses" and get back the original one without the source. Only amateur spammers use raw lists without any sanitization

[–] [email protected] 15 points 11 months ago

Just be aware that it’s not guaranteed - I’ve had services remove everything after the ‘+something’ on my email address. Some will also not see that as a valid email address, depending on how they do their input validation.

[–] [email protected] 3 points 11 months ago (1 children)

Yes that's what SimpleLogin does and its part of the Proton umbrella. You can use your own custom domain or a SimpleLogin domain to create email addresses. It also enables you to send from the custom addresses so the end user never learns your true email address. SimpleLogin also has mobile apps so you can create addresses very easily.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago)

yeah, its like what i do, but with more steps. i guess it makes reply addressing slightly easier, but ive found i rarely need send to most of my vendor addressing

[–] [email protected] 3 points 11 months ago (2 children)

Serious question, why SimpleLogin vs Proton aliases?

[–] [email protected] 9 points 11 months ago (2 children)

You cannot turn off the proton aliases, one of my aliases (those with +) got compromised and I’m still getting phishing emails on that one. You can create a rule for that mail but you cannot completely disable it. There is also Proton Pass which does the same as SimpleLogin and also stores Passwords. You should check it out as well.

[–] [email protected] 1 points 11 months ago

Ahh, okay, that makes some sense. Thanks!

[–] [email protected] 5 points 11 months ago (1 children)

if youre running a full domain, you dont even need to manually create alias' unless you need to reply/send as.

i've found i rarely need to do that, so you can literally just use an email address literally off the top of your head, have it all forwarded to a catch all and youre done. none of this extra service stuff. again, unless you require 'send as/aliasing'.

[–] [email protected] 2 points 11 months ago

Yeah, my bad, that's what I do - so I just wasn't sure what the benefit of SimpleLogin was...fully open to admit maybe I'm missing something though.

I basically create an email alias for every service I use and when leaks happen I know exactly who the offender is - which is nice...I guess.