1970
Why does my treadmill want my email address? (lemmy.world)
submitted 2 months ago by The_Picard_Maneuver@lemmy.world to c/microblogmemes@lemmy.world
332 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] reimufumo@lemmy.ca 4 points 2 months ago

How's this different from plus aliases?

[-] FlihpFlorp@lemm.ee 11 points 2 months ago

Just chiming in, if you’re using + aliases for privacy some people can just remove the plus and see your email

For example if you sign up with supercoolemail+spoof@beans.com the service can remove everything between the + and the @ and see your real email is supercoolemail@beans.com

[-] algorithmae@lemmy.sdf.org 9 points 2 months ago

It kinda isn't, however I found that some websites refuse to acknowledge that plusses are valid. I see this one uses dashes which might have a similar issue. Only thing I think is universally accepted are periods

[-] hperrin@lemmy.world 2 points 2 months ago

I haven’t found any place that doesn’t accept a dash.

[-] SkaveRat@discuss.tchncs.de 3 points 2 months ago

As a kid I had an email address that started with a dash. Back then I regularly encountered websites that flagged it as invalid (but only if it started with it)

But then again, that was almost 25 years ago

[-] tal@lemmy.today 2 points 2 months ago* (last edited 2 months ago)

I found that some websites refuse to acknowledge that plusses are valid.

I'm not saying that they won't, but they're non-compliant then.

https://en.wikipedia.org/wiki/Email_address#Local-part

The format of an email address is local-part@domain, where the local-part may be up to 64 octets long and the domain may have a maximum of 255 octets.[5] The formal definitions are in RFC 5322 (sections 3.2.3 and 3.4.1) and RFC 5321—with a more readable form given in the informational RFC 3696 (written by J. Klensin, the author of RFC 5321) and the associated errata.

Local-part

The local-part of the email address may be unquoted or may be enclosed in quotation marks.

If unquoted, it may use any of these ASCII characters:

I don't want to try to escape the following for Markdown, so I'm just gonna dump it in a blockquote:

uppercase and lowercase Latin letters A to Z and a to z
digits 0 to 9
printable characters !#$%&'*+-/=?^_`{|}~
dot ., provided that it is not the first or last character and provided also that it does not appear consecutively (e.g., John..Doe@example.com is not allowed).[8]

If quoted, it may contain Space, Horizontal Tab (HT), any ASCII graphic except Backslash and Quote and a quoted-pair consisting of a Backslash followed by HT, Space or any ASCII graphic; it may also be split between lines anywhere that HT or Space appears. In contrast to unquoted local-parts, the addresses ".John.Doe"@example.com, "John.Doe."@example.com and "John..Doe"@example.com are allowed.

[-] algorithmae@lemmy.sdf.org 1 points 2 months ago

Oh I concur, it's super annoying. I want to track who sells my info to spammers dammit

[-] hperrin@lemmy.world 4 points 2 months ago* (last edited 2 months ago)

It is plus aliases*. It’s got additional features for them that other providers don’t have though. Like for each label (alias) you can toggle whether to get notifications, mark as unread, screen new senders, and show them in the “aggbox”. The aggbox is like an inbox, but since you don’t ever use your “bare address”, it just shows the labels you want. Your bare address autoresponds with a list of your public addresses.

* It’s technically subaddressing, using either a dash or a plus as a delimiter.

[-] miau@lemmy.sdf.org 2 points 2 months ago

From what I can tell, not much. They use dashes "-" instead of pluses "+".

But neither of these two options provide you with much privacy. Plus addresses, as others have pointed out, can be automatically stripped (just delete everything after the plus sign) and you get the real email behind it.

This service specifically I dont know the details, but it seems there is a unique prefix per user, but no "real email". So for instance if you use gmail you can have "sunnie@gmail.com" as your real email. You then use "sunnie+lemmy@gmail.com" for your lemmy account. If that email gets leaked out somehow, people can easily tell your real email address is "sunnie@gmail.com"

This service seems to do something very similar with the difference there is no base email, so there isnt a "sunnie@port87.com", there will only be "sunny-lemmy@port87.com". It is worth pointing out you might still be tracked because all your emails will be prefixed with "sunny". So although spammers wont be able to figure out your real email address they can just try something like "something-reddit@port87.com", and if multiple of your addresses leak it will be easy to link them all up to the same person.

This also creates A LOT of lock in. Because if the service shuts down you now have dozens of services for which you don't have means to access the emails anymore.

[-] hperrin@lemmy.world 3 points 2 months ago

Thank you for the feedback. These are all really good points that I’d like to address.

The vendor lock in part I agree is very important. I’m working on adding support for custom domains, which would let you migrate to another provider if Port87 ends up not working for you.

Regarding the privacy part, a long term goal is to let you create private aliases for your labels that are randomized addresses on a different domain. I haven’t started working on that yet, and supporting enterprise features will take priority.

[-] miau@lemmy.sdf.org 2 points 2 months ago

Thats really nice. I appreciate your concerns with privacy and user experience!

Ill be sure to keep my eyes on the project

this post was submitted on 13 Aug 2024
1970 points (98.4% liked)

Microblog Memes

5698 readers
2398 users here now

A place to share screenshots of Microblog posts, whether from Mastodon, tumblr, ~~Twitter~~ X, KBin, Threads or elsewhere.

Created as an evolution of White People Twitter and other tweet-capture subreddits.

Rules:

  1. Please put at least one word relevant to the post in the post title.
  2. Be nice.
  3. No advertising, brand promotion or guerilla marketing.
  4. Posters are encouraged to link to the toot or tweet etc in the description of posts.

Related communities:

founded 1 year ago
MODERATORS
ReadyUser31@lemmy.world
aeronmelon@lemmy.world