[sylpheed:37288] Re: Microsoft dumping app passwords and basic authentication by September 16th, 2024: OAuth, Sylpheed 8 beta 1 and Windows 7, ¿works?

[k0 at trixtar.org]

Wed, 10 Jul 2024 00:46:51 -0700
"G.A. L.F." <the.real.galf at gmail.com> :

> > What is wildcard-domain aliasing?
> 
> Suppose you have your own domain, let's just say by way of example it's "
> foobar.com".  Now suppose you configure your mailbox at your provider to
> use the main inbox user account as "craig at foobar.com".
> 
> Now let's say that your mail provider supports wildcard aliasing, you
> configure the alias so that in effect "*@foobar.com" is directed to "
> craig at foobar.com".
> 
> Now let's say (by furthering the example) that you sign up for coupons from
> your local "Ralph's" grocery store.  When they ask you for your email
> address you give them "ralphs-grocery at foobar.com".
> 
> When email comes into "ralphs-grocery at foobar.com" it's directed to the
> inbox of "craig at foobar.com".
> 
> It's wise at this point not to ever disclose to anyone that "
> craig at foobar.com" is the target real email address.
> 
> When you see unwanted messages (e.g., spam, whatever) going to the "
> ralphs-grocery at foobar.com" recipient address -- and the messages are not
> originating from Ralphs Grocery -- then that means that Ralphs could have
> sold your email address to third party marketers, or they could have
> experienced a security breach, or who knows what.  If you have really good
> control of your inbox you can configure a mail rule, or alias to filter (or
> "/dev/null") all email sent to that alias.
> 
> It's a method that I started using to take control of my inbox years ago.
> 
> Regular google mail has a feature that means to accomplish the same thing
> by using the '+' sign in the gmail.com username (e.g. "
> craig+ralphs at gmail.com").
> 
> The upside to aliasing is that you can track mail senders by the target
> recipient address used.  It's advisable in such situations to try and keep
> good records about what aliases you've used over the years.  The downside
> is that once you've invested in an aliasing technique it's difficult to
> abandon it, since (as in my case) I have hundreds of aliases being actively
> used for everything from bills, subscriptions, businesses I've dealt with,
> job applications, IRC, friends, hobbies, etc.

How is that different from 'forwarders'? I've been doing it for twenty
years, the real address is never given out and I also use throways
that I give out on initial contact, as soon as a single spam arrives on
one of these it gets killed. For new accounts I subsequently create
a dedicated forwarder, spam arriving on such addresses tells
me who leaked it. One day I might sue someone for having leaked my
address; it's time for businesses to start taking customer data
protection very seriously or pay dearly for negligence (or worse). I
like the way kijiji makes it impossible (something that mailing
lists should also incorpoorate into the protocol) publishing or in any
other way making available only given handles and no email addresses.


 
-- 
"Morality is above the law, and we must never forget this". Alexandr
Soltsynitsin