Welp I guess this is the perfect example of companies not deleting your credentials and account info when asking for it… I deleted my Notion account several years ago. And completely randomly today got an email from them about data retention, assuming this is one of those “important” emails they have to send out. Sadly, years ago I wasnt using email-aliases like I am today, so still stuck with them having my email. Fuck I hate this so much. Thought I’d just share this lesson, use alises my friends!
Back when I used self hosted mail, I wrote an extension that requested a new alias based on the domain of the website.
Like [email protected]
If the site got compromised I would update the random characters.
I still have 800+ aliases left over from this. But after moving to hosted mail I never updated the extension.
Surprisingly little known fact, email addresses actually have the concept of aliases built in (and it’s relatively well supported despite being a bit niche):
[email protected]
Will end up in the inbox of
[email protected]
But will retain the alias in the To field
The downside is that if a sender is particularly shitty it could detect this and remove the alias again.
This is what I use today. However spammers can easily remove the plus address to send email normally so isn’t quite so effective.
What frustrates me is so many websites strip the ‘+’ from the address, either as inline JavaScript or even worse, after submission.
Note: not every provider supports this.
Also, gmail addresses ignore periods. [email protected] and [email protected] will end up in the same inbox