How to reclaim agency over your precious email inbox
Your email inbox is under daily active assault from every business out to make money off of your identity. Some large email providers popularized methods to reclaim agency over your own inbox with clever tricks like appending
+companyname to your email handle (e.g.
email@example.com), but as the war escalates companies routinely deny any email addresses that include a plus symbol, or simply strip it out unbeknownst to would-be victims. Luckily, there are still a couple options available to combat the spam overload.
We need to acknowledge that any company denying emails addresses with a plus symbol in it are breaking RFC2822. Nearly anything is considered a valid email address. Some examples:
So why is anyone denying business just because they don’t like their email address?
The next bastion for those looking to reclaim some agency over their inbox is a combination of two things: a custom domain name and paying for an email service. Indubitably, it’s a big trade-off from relying on the free-tier of providers like Yahoo! or Gmail, but there’s tremendous upside when you aren’t the product.
By virtue of these tactics, this approach requires a basic understanding of domain registrars, DNS, and records, which is not covered here. Proceed at your own risk, the worst that will happen is you’ll silently lose email if you misconfigure your setup.
An additional callout is that instead of managing 1 email address, you’ll (arguably) be managing N email addresses. In practice this isn’t setback, and we’ll cover the reason for that at the end of this post.
Suggested Domain Registrars and DNS Providers
Providers listed here qualified for inclusion due to:
- competitive pricing
- domain privacy controls
- TLD availability
- DNS record control
- decent UI/UX
While the specific companies I list are providers that I personally use, any other registrar that meets the aforementioned qualifications should do just fine.
I use both Namecheap and Google Domains for purchasing domain names as well as hosting DNS. While both offer low costs, Google Domains includes domain privacy at no extra cost. However, any provider that offers domain privacy and control over DNS records will suffice. Expect to pay roughly $20/year, depending on the domain name chosen, etc.
Suggested Email Providers
Providers listed here qualified for inclusion due to support for:
- custom domains
- wildcard alias
- arbitrary aliases
- recipient-based email rejection
While the specific companies I list are providers that I could find with support, any other provider that meets the aforementioned qualifications should do just fine.
At time of writing, Fastmail, ProtonMail, and G Suite include support for bringing your own domain name. I chose Fastmail because they support other nice-to-haves like Push-IMAP and two-factor authentication (2FA), and email is their core competency. A quick word of caution when selecting an email provider: be sure that your country of residence doesn’t perform any blocking of your selected provider, as has been known to happen. Expect to pay between $5/month and $10/month.
Once you have your DNS records pointing to your new email provider, be sure to set up your wildcard/catch-all alias support; follow the guides for ProtonMail, Fastmail, or G Suite.
Just like that, you’ve restored your ability to tag specific companies in your email address. Instead of sharing
firstname.lastname@example.org. This works only because we’re using an email provider with wildcard support.
The real killer feature of this method is the decision you make once the email is leaked or appears to you as spam. First off, we must address the reality that spam happens and there’s not much we can do to permanently banish it, but we can make life more painful for would-be spammers. After all, having a list of valid email addresses is the most valuable thing to a spammer which is why services like SenderScore exist.
So TransUnion sold your email address and now unrelated marketers are spamming you? Do not mark the email as spam! Instead, create an alias explicitly for
email@example.com (remember: heretofore emails sent to
firstname.lastname@example.org were being delivered thanks to the wildcard alias) and set your new alias to reject the message. The sender has no recourse; there’s no
+transunion to strip, there’s no way to for TransUnion to tweak their email to slip past spam filters, and their reputation just got penalized by ISPs and validators.
As mentioned earlier in the caveats, you are now essentially managing N email addresses where you were formerly responsible for only 1. This seems like a huge drawback, but in practice:
- you’re capable of receiving any email addressed to
- everything ends up in the same inbox (by default)
- you control your sender identity so that customer service rep from TransUnion you’re emailing never sees your personal address
email@example.com, they only see
- when one email gets leaked or sold, you blacklist it and create a new one
So is less than $100 a year worth some extra privacy?