How many email addresses do you use?

Quentin Sonrel on September 13, 2018

I've always had multiple email addresses, right now I have 6: One "private": let's say it's the main one, used for everything except for the thin... [Read Full]
markdown guide
 

One, but I use the built-in aliasing.

GMail for instance you can have an email like myname@gmail.com and when you sign up on a site you can do myname+nameofwebsite@gmail.com

Emails they send you will still go to myname@gmail.com and you can use the +nameofwebsite part to see who it was who maybe sold your email or had a breach. Can also use it for rules and labelling things.

SOME terrible devs out there don't allow + in email addresses even though it is wholly valid to have that character. Lots of devs screw up email name validation. Don't be like those devs if you ever have to validate emails.

GMail also allows for any number of dots in your name. So you can also use my.name@gmail.com or m.y.n.a.m.e@gmail.com if you want. I do this sometimes to re-sign up for trials if the service doesn't allow for the + trick mentioned above.

 

Yes, not allowing for + in emails is terrible practice. I wish I bookmarked it but I read a great article a few years ago all about email validation and how futile it pretty much is - the conclusion was to just check for the presence of an '@' character. Email validation is best done by sending an email to the address and seeing if the user opens it/goes to some link within it.

Everything before the '@' is entirely ruled by the mailserver, so any validation rules you apply to this are effectively an assumption on the rules your user's mailserver use. I guess you could validate the post-'@' characters but with how many new TLDs are coming out this seems like more hassle than it's worth. Trust your users to know their emails (but make sure you're still encoding the input so as to avoid nasty SQL injection etc!)

 

Hopefully doing more than just encoding/escaping -- never place user data directly into a SQL statement! Always use placeholders like ? or whatever your flavor of DB allows. And if it doesn't allow for that, really think hard about why you're using that db (or db sdk)!

Fair, I just wanted to throw in something about security after making the questionably phrased statement of 'trust user input' :D

 

GMail for instance you can have an email like myname@gmail.com and when you sign up on a site you can do myname+nameofwebsite@gmail.com

Sadly, spammers and site-attackers know this trick.

  • Spammers, after they've harvested such an address, know that if they see "+", they can peel off the "extra" to spam you to your main mailbox
  • Attckers, if you've used a predictable "+", can predict what your other addresses might be on other sites ...so you still want to use unique passwords per site

GMail for instance you can have an email like myname@gmail.com and when you sign up on a site you can do myname+nameofwebsite@gmail.com

Heh... And has been valid for over 20 years — at least that's when Sendmail added it. You'd think over two decades would be enough time for people to get the drift. :p

GMail also allows for any number of dots in your name.

Sadly, support for that in gSuite seems to be lacking. Probably because they know a lot of companies like to assign .@. So, if you have a legacy Apps account for your personal domain, you can't use that trick to work past the fifty free aliases limit. :(

 

I always forget about these tricks. Thanks for the reminder!

 

I have a personal one, for general day-to-day things, this is generally as secure as I can make it with a good password, two-factor auth etc. A "professional one", which security isn't as important as it's just for job searching, etc. A private one, which really is just a store of information for myself, I don't email it and to other people from it, just store things in it. This is another secure one.

 

Aren't there better solutions than a mail account for the last use case?

 

Google mail accounts are great for archiving. Even without buying extra space, you can store years (decades?) worth of content. Can do it with either an auto-forwarding rule or, if you're just setting it up, a simple IMAP-based copy.

Aren't there better solutions than a mail account for the last use case?

The beauty is it's kept in a portable, easy to access structure (its original format) and usually stays accessible via its former methods. Can't really say the same for things like PSTs and some purpose-built mail-archival solutions.

 

Quite likely, but I'll be honest I don't care too much about it. It's stuff like passphrases for websites I don't quite care enough about.

I am looking at investing in a Password Manager though, and there are solutions out there like LastPass that may be a better solutions to that.

I started using a password manager recently and that's honestly life changing. You should take a look at Bitwarden: it's free, open-source and self-hostable (but not only, they provide a public instance). You can store passwords/credentials (obviously), credit cards, identity and secured notes (chunks of text, you can put whatever you want in it).

 

I usually make a new mail alias for any service which I join. I currently have 126 aliases if I'm not mistaken. Plus four regular inboxes.

 

Similar here, all via my own vanity domain (ashbysoft.com) and front-end relay service so where my email is really hosted never gets revealed, and I can change ISP or email provider to suit me without anyone else being affected.

Has turned out to be interesting when checking on haveibeenpwned.com. Worst offender for selling my data, /then/ having an undisclosed breach was a Mac parts reseller back in '09.

 
 

Additionally:

  • Makes setting up auto-sorting or -forwarding filters dead-easy
  • If a given site decides to ignore previously-set email preferences and spamming you, rather than relying on an "unsubscribe", you just nuke the alias and they start getting 550s for their trouble
  • Combined with a password-manager, every site you visit has both a unique password and address. Marginally more security than only having one or the other unique

...and it's not just data breaches you need to worry about, it's sites selling your address. When you get an email from the "wrong source" for a given destination, you can send site you actually gave the address to an email asking "did you sell my address or get hacked and not bother to tell me." Either way: a good way to know who you should continue doing business with.

Yeah, all those things made me consider doing the same (if I'm not too lazy to do so, ahah), that's actually pretty awesome, I can't believe I never thought of it.

 

If any of those services has a data breach, I know which one it was, and changing the address for this one service is probably notably easier than for a dozen of services.

 

I used to have an account in almost every email provider (Yahoo!, Microsoft, Google, Apple) but I felt the need to have everything in one place. Five or six years ago I started to approach emails like Anthony, with two exceptions:

  • I have an email account for college, because I have to;
  • I have a Gmail account for trials, using aliasing in my favor; that way I don't need to create fake throwaway addresses.

For services that I really do not care (and don't do email verification), I make up something along the lines of no@no.nope.

 

One for work, one for personal use. One for gmail because while my personal one used to be a Google Apps account, that had to change so I'm now just redirecting it to a generic gmail address.

For anything else I use services like guerillamail to create throwaway addresses.

I also have the domain notareal.email and use addresses like norepy@ or throwaway@ on that domain when talking to people like recruitment agents, because I am clearly the funniest man alive.

 

I am clearly the funniest man alive.

Can't argue with that!

 

Only 2: personal and work.

Once in a blue moon, I will create an email alias which forwards to my personal account. For example, when I am trying to find out more information about a product and the only facility the site provides is a request form. Which almost certainly adds me to a spam list. Then when I'm done with the alias, I delete it. Spammers deserve bounces.

 

I actually never thought about using aliases as a security/privacy measure but it seems to be quite common (just had to read the replies here).

 

I have 3 on permanent sites and another 2 that are volatile addresses, so naturally either don't check some very often or could spend an entire day just reading emails. Worth mentioning that in one outlook account I have 4 different alias with their respective 'inboxes'.

 

6, gmail and gSuite: one that’s personal, two I just dump stuff in I rarely look at that I’ve had for the past 9 years, two for my blogs, one for “business”. A bunch of aliases for my gSuite accounts.

 

I managed to get down to 2(ish) email addresses;

  • @outlook.com is my primary. I have an alias on this account for sign-up's and stuff I probably won't read. It's filtered and often end's up in Trash rather than Archive
  • @mywork.com is my work account. I've also made a big attempt to not sync this account with any of my devices apart from my office workstation, it's harder than it sounds!
 

I'd actually like to reduce to 2-3 addresses too.

Especially since a lot of the answers to this thread made me realize how useful aliases are and how it could replace my many different addresses.

I've also made a big attempt to not sync this account with any of my devices apart from my office workstation

I actually done the opposite: I don't use mails very much for my job but I still have to keep an eye on this address if I don't want to miss out important things. So it's synced with my personal smartphone, to ensure I'll check it from time to time.

 

Personal address: I've had it since 1997. That said, I've got a bajillion aliases that all point to the one mailbox: advantage of hosting your own email ...and why I can never (cost-effectively) move my personal mail to gApps (et. al.). Only give my unaliased personal address to family and friends.

Work address: Changes with job, obviously. When signing up for work-related web-sites, still use personal aliases so my work address doesn't get spammed (and set up auto-forwarding rules to my work account and auto-foldering rules on my work account for those auto-forwarded emails).

"Backup" address: usually gmail - where I send things when the sender's email system is poorly set up (the spam controls on my personal address are pretty freaking aggressive ...necessary when your email address is old enough to drink).

 

Personal: An outlook.com email that I've used for many years. I use this to sign up for most online personal accounts.

Professional personal: My own domain email hosted through ProtonMail. I use this for most professional correspondence with employers and other developers.

Personal Gmail: Used for Google services mostly.

Professional Personal Gmail: Before I had my own domains, I used this one for professional personal things. It's still used for a few Google services.

Old university account: A .edu that I now have forwarding to the personal Gmail.

There are a few other inexplicable ones I don't use but still have access to: A Yahoo email, a few other outlook.com emails, etc.

 
  • Work-issued email address: Purpose/reason for existence is likely self-explanatory.
  • Work-oriented , "self-issued" email address (gmail): for when I need to open a conversation with a vendor but don't want my work email address to get spammed but w/don't have time to gen-up a throw-away address. This is used for things like conventions or where a given site won't allow me to add +VENDOR to my work email address.
  • Personal email address (self-hosted on a VPS) ...with a few hundred alias addresses piled on: All the aliases allow for easy auto-sorting of incoming email as well as easily shutting off a problematic sender (or ID'ing that said sender has bad security/confidentiality practices ...as seen when a given per-sender alias starts being used by third-parties for spamming or scamming purposes)
  • Personal-oriented email address (gmail): primarily for when a site's email system wants to think that my self-hosted personal email address isn't usable for some reason or another (or, my self-hosted personal email system thinks that a given site's too spammy and blackholes everything from them)
 

11, but 5 of those are client addresses, and as the blah+myname@google, is circumvented very easily, and all spammers know the trick, I have a throwaway address (spam magnet that one). So no, 6 isn't a lot.

 

<service_name>@defman.me. It forwards everything to my private Gmail account.

 
 

Mine's probably not the recommended way, but I use my main Google account everywhere and use Live whenever I want to make another account on a service, for example, creating another Steam account. But for answering this post, here's a list of my email addresses:

  • Google, two emails (standard and G Suite)
  • Microsoft, also two (Live and Outlook)
  • Yahoo, one email
  • iCloud, one
  • ProtonMail, one

And there are forgotten ones where I have no idea why I signed up in the first place:

 

My Gmail account used to be my main email... one day I decided I did not want to rely on Google for that kind of things and I switched to GMX (previously know as CaraMail)... dumbest move ever, ahah!

I can totally relate on the "forgotten ones", I have a few too (ProtonMail, Live and Hotmail (ah, the memories...) and probably a few more).

 

Ever so often I think about creating a "personal" email account and only providing that to family and friends, but I can't remember the last time of of them sent me an email. It's all IM's these days.

I kinda like the idea of creating a "dev" account separate from my "personal" account. I did do that for my Digital Ocean account - then forgot I did it and deleted the email account from the server.

Of course, I have an email account from my employer, used for work related messaging only.

 

I use one and see no reason to have multiple email addresses.

 

I have 4, but I'm only using 2 of them:

  • my private one @protonmail
  • one for work
  • one at my internet provider (no choice)
  • my "dirty" one @gmail
 

I just realized that I also have an internet provider mail... I'm not even sure I've ever checked it, haha!

 
 
 

4, and then a catch-all for my domain, to see what un-important sites I use that leak/sell my info.

 

2

Personal gmail and work.

I use the myemail+tag@gmail trick to filter most things

I should make a purely junk email address for things like rewards cards and such

code of conduct - report abuse