I whipped together https://getcovert.com to help address this problem for me. Currently it's a Chrome plugin that allows me to generate a unique obfuscated "proxy" email address for sites I want to sign up for but don't want to expose my real email. If they ever sell it, redistribute it, or I want to shut them down, I just block that proxy email.
It's barely an alpha project and needs a ton of work to be functional, but just know you're not the only one who finds this frustrating and unacceptable.
That's no good. You're still sending your primary address, before the +. They can remove or modify anything after +, and you'll still receive the email.
I'm slowly transitioning to having a random 20 char generated alias email for every service/use and there's no chance anyone will hit a real mailbox by chance. If an alias leaks, I can either abandon the service and block it, or change the registered email for the service to a new alias and block the old one.
In addition to that, I have a few easy to remember/type emails to give out to people, that I never use on the internet.
The result being no spam even without a spam blocker. (to the new addresses)
That sounds great, but the problem I see with the n-address approach is when you do actually want to search for a received email but you don't want to remember what inbox it went to. I can see workarounds - like feed them all to a gmail box and filter them into their own folders. Or load them all into a native email client as separate accounts.
I felt that way about using a password manager and generating random passwords (what if I want to log into something and don't want to remember which password I used) but eventually realized that password managers are literally designed to make this as painless as possible and I should relax more. Now I use KeepassXC, random passwords and life is good.
Are email managers a thing, like password managers? How do you solve this problem?
I store aliases (+ info about the service I provided them to) in the database and use a simple PHP script to manipulate the db from the web.
On the mail server side, I have postfix set up to read the database and deliver everything for a valid address to a single mailbox.
It should be workable with any service that will allow you to set up aliases for a single mailbox. If they allow setting it using an API, that would allow for automation.
On the sending side, given that I haven't yet found a need to communicate too frequently with any of the services I use via email, I have a simple PHP form to send email with the specified alias address set as From on the envelope and inside the email.
Ditto, except that I just use postfix's 'virtual' mechanism. Simple additional hack to simplify address creation; all my legal addresses begin with a particular 4-char sequence, and by default, all email addressed to a uid beginning with these 4 chars gets through unless explicitly blocked. This means I can make up addrs on the fly, without having to add them to the back-end on a per-address basis.
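A sketch of the alias scheme described in the comments above (a random 20-character alias per service, a database lookup that decides delivery, and the 4-character-prefix rule), as an added example that is not code from any commenter. The domain, the prefix, the table layout and all function names are assumptions.

```python
import secrets
import sqlite3
import string

DOMAIN = "example.com"   # assumed mail domain
PREFIX = "zq7k"          # assumed 4-char marker for on-the-fly addresses
ALPHABET = string.ascii_lowercase + string.digits


def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE alias (local TEXT PRIMARY KEY, service TEXT,"
               " blocked INTEGER NOT NULL DEFAULT 0)")
    return db


def new_alias(db, service):
    """Issue a random 20-char local part and record which service received it."""
    local = "".join(secrets.choice(ALPHABET) for _ in range(20))
    db.execute("INSERT INTO alias (local, service) VALUES (?, ?)", (local, service))
    return f"{local}@{DOMAIN}"


def block(db, address):
    """Block an address, whether it is a listed alias or a prefix address."""
    local = address.split("@", 1)[0].lower()
    db.execute("INSERT OR IGNORE INTO alias (local) VALUES (?)", (local,))
    db.execute("UPDATE alias SET blocked = 1 WHERE local = ?", (local,))


def rotate(db, old_address):
    """Block a leaked alias and issue a fresh one for the same service."""
    local = old_address.split("@", 1)[0].lower()
    row = db.execute("SELECT service FROM alias WHERE local = ?", (local,)).fetchone()
    if row is None:
        raise KeyError(old_address)
    block(db, old_address)
    return new_alias(db, row[0])


def decide(db, rcpt):
    """Return (action, service); unlisted addresses pass only with PREFIX."""
    local, _, domain = rcpt.lower().rpartition("@")
    if domain != DOMAIN:
        return ("reject", None)
    row = db.execute("SELECT service, blocked FROM alias WHERE local = ?", (local,)).fetchone()
    if row is not None:
        return ("reject" if row[1] else "deliver", row[0])
    return ("deliver", None) if local.startswith(PREFIX) else ("reject", None)
```

The service name returned by `decide` is what identifies who leaked or sold an address when mail arrives on an alias from an unexpected sender.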
You can configure your MDA to deliver mail for all these different addresses to the same inbox. What I did for a while was have 2 inboxes: personal mail and commercial. All the tagged emails went to the Commercial inbox. Either way my mail client (Mail.app) can easily search across Inboxes and/or present unified views if I actually want everything together.
Hi Mos- That's basically what getcovert is meant to be. I forward all of your email along to your singular email address (so no multi-mailbox), but the site never sees your real email.
+ is also notoriously unsupported by many sites—either because of horribly naive email address validators, or by their unsubscribe web pages. I can't tell you how many times an unsubscribe page has shown "myuser stuffaftertheplus@example.com"—where the + didn't get escaped and got interpreted by the web server as a space. It's happened to me so many times I have %2b memorized! :-)
My solution was to change my email server setup so that . and _ act the same as +. Someone might guess that they can strip something after a + but nobody is going to strip an address after an _.
Unfortunately no. Any advertiser / marketer worth their salt knows this already and often will just strip it out and bypass it in their marketing platform. Sorry to say, but that's not good at avoiding the issue as outlined above.
Fastmail has a feature where if your email is bob@example.com you can create any email address of the pattern randomsite@bob.example.com and it will deliver it to you. It's very convenient for things like this.
I mean, I run my own mail server and client, so I can deal with the problem in a variety of ways... I've done novelty addresses in the past. My current approach is to call such companies out and hope that nobody ever gives them another email.
In a lot of ways, that doesn't really hurt them hard enough. Unless you use a unique email address on every site, you're inherently leaking information about you.
[1] Advertisers can then use that data to cross-track you between sites more effectively.
[2] Marketers can re-target you without any sort of pixel tracking because facebook, google, twitter, etc., all can identify you by that email address you provided.
[3] None of us have a loud enough voice to dramatically damage a company in a meaningful way b/c they were a bad actor.
In my mind, by obfuscating the email address, we take away its power. It loses a lot of its value when it's randomized per site, per user. It now is truly only useful for sending you an email, and if you get fed up with how they use that email address, they're shut off forever (and have no way of tracking you).