The Catch-All Email Address | One Benefit Of Having Your Own Domain

avatar
(Edited)

The Problem:

Every time you use your primary email address to sign up for a website or service, you are either giving that service permission to regularly email you or worse yet, leak your email address to spammers.  You are also using the same login address for every service.

 

The Solution:

What if there was a way to create a unique email address for every site you visit, without having to create a unique account on a mail service like Gmail?  You would then be able to identify who the culprit was that leaked your email address and more easily create filters to stop it.  The answer is a catch-all or wildcard email address.

 

What you need to do:

 

1. Register a domain name. 

There are a lot of sites where you can register a domain name.  I personal use Ionos to host my website and domains, and they make editing your DNS records easy.  Upon registering your domain, you should be given a DNS configuration panel where you can add the MX (DNS Mail Records) for your domain.

Once you have a kickass domain name, like website.com, you then need to:


2.  Sign up for an email service that allows wildcard address. 

Google GSuite does have this functionality, but I prefer a more privacy and security-focused email service like Protonmail.

Protonmail makes the process very easy.  First you create an email address (it can be either a primary or a backup address) and point the DNS of your DNS Registrar/hosting provider to Protonmail.com.


3.  Set the MX record for your domain to point to that email service.


The MX records as appearing in IONOS.
Here are the MX records as recognized by Protonmail.

4.  Configure a new email address to be used for the wildcard or catch-all.


Under your Settings - Domains, you simply check the box next to the address you'd like to be the catch-all address.

For more information on setting up a Catch-All or Wildcard address in Protonmail, go to:

https://protonmail.com/support/knowledge-base/catch-all/


5. Create emails as you go  

Whenever you sign up to a new site, simply create an email address for that site on the fly.  Some examples include:

You will not need to create these email addresses via your email service.  You simply make them up at the time you sign up for the website.  With the catch all set, any emails to a wildcard address will simply show up in your designated inbox.


6.  Some pitfalls and suggestions

  • You may get some emails destined for wildcards you didn't create, so pay attention to the destination address. 
  • It is a good idea to make a record of each wildcard you create, so you can verify it is valid.
  • Never click on a link or open an attachment sent to a wildcard unless you've verified its validity to avoid phishing and other forms of attacks.
  • Use a password manager to track your multiple login IDs.


Posted from my blog with SteemPress : https://joshman.com/the-catch-all-email-address-one-benefit-of-having-your-own-domain


0
0
0.000
16 comments
avatar

Congratulations @joshman! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You distributed more than 25000 upvotes. Your next target is to reach 26000 upvotes.

You can view your badges on your Steem Board and compare to others on the Steem Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

You can upvote this notification to help all Steem users. Learn how here!

0
0
0.000
avatar

Yup, that's perfect with ProtonMail. I was planning to do the same and now your demo made things even easier for me :)

0
0
0.000
avatar

Awesome, let me know if you run into any problems!

0
0
0.000
avatar

Good info! But what if you only need to use an email address so they can ‘confirm’ it before they send you the info you really want from them, but never care to hear from them again? I use a service like trashmail.com. It creates a temporary email address that lives for only so many uses or some long a time, after which it just goes away! Once you get the info you need, you never have to worry about it again. Problem solved! There are even similar apps for your phone and tablet. So let’s start filling those spammer databases with useless addresses :)

0
0
0.000
avatar

Thanks, I will check it out! That sounds like a great solution for those cases that don't require any persistence in maintaining of the account, and where you don't wish to interact with them ever again.

0
0
0.000
avatar
(Edited)

Other things I do is have one email for personal business, gmail with an obscure name for newsletters and such, google voice set on ‘do not disturb’ for when they want a phone number but I don’t want them to have my cell yet may want texts. I also have a number that always says “We’re sorry but all circuits are busy now. Please try your call again later.” It’s a telco number that every local central office has for linemen to test lines (remember those?). If they insist on having a number, I give them that one :). You can find it by dialing xxx-9999 where xxx is the same as your local telco business office number. Then try the next few numbers down - 9998, 9997, etc. This was an old ALT-2600 hack.c

0
0
0.000
avatar

One small pitfall is when you must reply from the wildcard address. Some password recovery schemes do not expect replies from email addresses other than the one they have on record. But this is not usually an issue because well written recovery schemes just use recovery links, not reply emails.

Another small pitfall is when sites use gravatar. You have to jump through a few hoops with wildcards, but it’s not too bad.

0
0
0.000
avatar

That is an excellent point! I strive to have at least one free email account open for that or any other possibility. In that case I could temporarily create the reply from account and then delete it after I am done.

I've never used Gravatar, but that definitely might be of interest to folks that do.

Thanks for your input!

0
0
0.000
avatar

Interesting concept. If you reply what email address is used?

Posted using Partiko Android

0
0
0.000
avatar

Thanks, it would originate from whatever the catch-all address was.

0
0
0.000
avatar


This post has been voted on by the SteemSTEM curation team and voting trail. It is elligible for support from @curie.

If you appreciate the work we are doing, then consider supporting our witness stem.witness. Additional witness support to the curie witness would be appreciated as well.

For additional information please join us on the SteemSTEM discord and to get to know the rest of the community!

0
0
0.000
avatar

For Step 1, are there any good options that accept cryptos? (I've been ejected from the legacy banking system completely.)

0
0
0.000
avatar

Greetings friend @joshman.

This is a rather ingenious option. I wonder how you came to this conclusion?
I would never have thought so, the process seems somewhat complicated although with your explanations I think I can dare to do it.

Did you have many unpleasant experiences with these unwanted emails?

Thanks for sharing.

All best, Piotr.

0
0
0.000
avatar

I have been in IT a long time and it's one of those nifty things you just pick up.

The point is you can direct unwanted emails to an inbox of your choosing, and the best part, it's easy to figure out who leaked your email address in the first place. Additionally, if you use a unique sign in email for each account, it's harder to figure out what the account name is to hack. When using your primary email, it's easy.

Posted using Partiko Android

0
0
0.000