mstdn.io admin @admin

Recent searches

Search options

Only available when logged in.

**Ryan Castellucci** @ryanc@infosec.exchange · Nov 20, 2024

Nov 20, 2024

Ryan Castellucci @ryanc@infosec.exchange

2021: Techbro cold emails me about his startup using a unique email address generated on my website.
2024: Getting spammed at that specific address.

I report it. Email provider abuse dept says they're investigating, as they require opt in.

I sent them the 2021 email and web logs from bro's visit.

**deutrino** @deutrino · Nov 20, 2024

Nov 20, 2024

deutrino @deutrino

@ryanc get his ass

**dilbert 1** @sun@shitposter.world · Nov 20, 2024

Nov 20, 2024

dilbert 1 @sun@shitposter.world

@deutrino @ryanc this happened to me from some shitbag whose tool I signed up for from hacker news. I use a unique email for every signup

deutrino @deutrino@mstdn.io

@sun do you use plus-addressing for uniqueness or do you have a better solution? @ryanc

Nov 20, 2024, 09:30 PM·

0boosts·0favorites

**dilbert 1** @sun@shitposter.world · Nov 20, 2024

Nov 20, 2024

dilbert 1 @sun@shitposter.world

@deutrino @ryanc I run my own domain and it's a catchall so anything to my domain goes to the same box. so I do like:

google.com@mydomain.tld

and I give it to google

then if they abuse it I See it

**deutrino** @deutrino · Nov 21, 2024

Nov 21, 2024

deutrino @deutrino

@sun @ryanc kinda thinking I should get a domain solely for email and do exactly this, I don't have a catch-all currently so I use plus addressing which is not great

**dilbert 1** @sun@shitposter.world · Nov 21, 2024

Nov 21, 2024

dilbert 1 @sun@shitposter.world

@deutrino @ryanc i pay for fastmail behind it bc running your own mail is like owning a pit bull, you tell everybody how its not bad at all and then one day it rips the face off your baby

**deutrino** @deutrino · Nov 21, 2024 *

Nov 21, 2024 *

deutrino @deutrino

@sun @ryanc Fastmail is good, I do the same with a provider with no servers in Five Eyes countries, but I was with Fastmail before that. I just never had figured out / changed my custom to do what you describe. I don't have catchall turned on for any domains, but my provider can do it. and yeah... zero desire to run my own email infra

edit: I usually do a unique plus address but tons of sites break on inclusion of a + in an email address

**Ryan Castellucci** @ryanc@infosec.exchange · Nov 21, 2024

Nov 21, 2024

Ryan Castellucci @ryanc@infosec.exchange

@deutrino @sun@shitposter.world running an actual catch-all will trigger anti-fraud systems sometimes, and yes they can and will check.

**fiat voluntas tua** @scathach@stereophonic.space · Nov 21, 2024

Nov 21, 2024

fiat voluntas tua @scathach@stereophonic.space

@sun @ryanc @deutrino I have a setup just like this with Migadu, it's fantastic and 100% the best way to do email

**Eliot Lash** @Eliot_L@social.coop · Nov 20, 2024

Nov 20, 2024

Eliot Lash @Eliot_L@social.coop

@deutrino @sun @ryanc There is a free service for making burner self-destructing forwarding emails at https://www.spamgourmet.com that's been around for a long time. I use it sometimes but honestly Gmail spam filtering is so good nowadays I haven't bothered much unless it's something sketchy.

www.spamgourmet.comspamgourmetspamgourmet provides email addresses that get created automatically the first time they are used, forward messages, and then automatically expire.

**Nudhul** @Nudhul@shitposter.world · Nov 20, 2024

Nov 20, 2024

Nudhul @Nudhul@shitposter.world

@Eliot_L @deutrino @sun @ryanc yeah its real swell...

**dilbert 1** @sun@shitposter.world · Nov 20, 2024

Nov 20, 2024

dilbert 1 @sun@shitposter.world

@Eliot_L @deutrino @ryanc I want to know who signed me up for the spam so someone can mail a pipe bomb to their headquarters. I don't condone violence but I still need to know.

**Eliot Lash** @Eliot_L@social.coop · Nov 20, 2024

Nov 20, 2024

Eliot Lash @Eliot_L@social.coop

@deutrino @sun @ryanc Also I should mention this works like a + alias, you don't need to log in to their site more than once ever to use it. If I were to write an email address like myalias.1.myusername@spamgourmet.com it will forward one email to me and then shut down. You can allow up to 20 emails this way, or log into their dashboard to add a sender to an allow-list so their emails won't increment the counter.

**deutrino** @deutrino · Nov 21, 2024

Nov 21, 2024

deutrino @deutrino

@Eliot_L that's a pretty cool service, do they have a bunch of domains or just the one? @sun @ryanc

**Eliot Lash** @Eliot_L@social.coop · Nov 21, 2024

Nov 21, 2024

Eliot Lash @Eliot_L@social.coop

@deutrino @sun @ryanc I'm only aware of the one domain. It's an old service that's been operating continuously since the year 2000, I don't know if multiple domains were really trendy back then.

**Ryan Castellucci** @ryanc@infosec.exchange · Nov 21, 2024

Nov 21, 2024

Ryan Castellucci @ryanc@infosec.exchange

@Eliot_L @deutrino @sun@shitposter.world I have a similar feature set to what spamgormet offers configured on my own mail server.

I also have support for + addressing in some cases, but I can implement whatever I want.

I do not in most cases use + addressing because the extension can be stripped/altered.

For most things, I use aliases that include a random value to prevent my email addresses from being guessed.

**chbug** @chbug@defcon.social · Nov 20, 2024

Nov 20, 2024

chbug @chbug@defcon.social

@deutrino addy.io is a very nice service for that.

Drag & drop to upload

Recent searches

Search options

Administered by:

Server stats:

Recent searches

Search options

Administered by:

Server stats:

Back