Nice idea, but I suspect if it gets any traction, many services will just block maskmail addresses. That's why mailinator uses 100s of different domains and makes it really hard to get a list of all of them.
(co-creator of Maskmail here). That's in our plan for future updates, at the least allowing users to opt in to using many different domains. Many other features in the pipeline too, please feel free to send any ideas you have to support@maskmail.net, or tweet at us @mask_mail
We hadn't considered it, but it's an interesting idea. We'd have to think through how to make it work, there'd be some interesting interplay with routing and mail servers.
Many services block all mailinator domains by simply doing a live MX record lookup and noting the domain is pointed at mailinator (there are SaaS companies that offer this via an API). Another thing I've noticed is blocking email addresses on domains that do catch-all receiving. It's really frustrating.
I've used sneakemail for a very long time, but I've found that it's actually been resulting in worse things than simply having my registration blocked.
* Credit Karma banned my account (that I'd had for eight years)
* HP canceled my order for a laptop AFTER IT SHIPPED, recalling the package
I've had to switch to sneakemail only for things that I wouldn't provide my name to anyway.
I don't really know anything about MX records or email in general, but couldn't maskmail just always point to the forwarder domain (yahho, gmail, etc) instead of their own hostname?
Which also means users can't use them either. Sometimes I want to use a different mailinator domain, but loading the homepage usually only shows the known domains.
That could be interesting, but then what do they need you for? I can already do that with gmail. I just set up a domain on google apps and then tell it to deliver any email address to my main email. In fact I do that already (see my profile).
The convenience factor is definitely there. A browser plugin that automatically creates an email address that you can later turn on/off with a couple clicks instead of going through the domain setup in gmail (or in my case fastmail)? I'd be interested in it.
Price, convenience. Google Apps is not free. For this particular use case you might be able to provide better user experience. Maybe integrate the custom domain registration and automatic DNS config to the UI.
Me and a a colleague discussed this just last week and even considered building something ourselves. Good thing you beat us to it, you seem to have done a marvellous job. The one thing we did some thinking about is how to avoid getting blocked. We run a SaaS and have blocked several hundred domains such as mailinator because of the high rates of fraud. Anyway, good luck!
A bit off topic but does anyone know of an email service that doesn't require a pre-existing email account, doesn't require ID, is TOR friendly and accepts cryptocurrency as payment? It seems like this should be an obvious service but I have a hard time finding one.
Sure, you have a point. But I've noticed that nobody blacklists new domains, so using existing providers would be a waste of time for most of such operations.
Why not just append a unique marker to your mail address? Some services support this.
For gmail i believe you can use "+" as the separator:
I.e. your email address is victim8384@gmail.com and you want to give your email address to a party called "spammer", you give them
victim8384+spammer@gmail.com instead.
Once you start receiving spam to that address, you block it.
Most spammers know about that trick, and their software automatically strips the + and anything after it. Their software has been doing that for about 20 years already, sadly. The + trick really only works with people you trust already. Also, + addressing is in the RFC, so pretty much every mail server supports it.
Gmail also added . (dot) as a non-counted character, so you can put as many of those as you want into the user field, but most spam software is catching onto that too.
My plus addressing with gmail is strictly a whitelist. Anything sent without a plus address is immediately deleted with an automatic filter. The issue I encounter is services that (incorrectly) treat a plus address email as invalid, preventing sign ups.
The reason for this is of course that it's a complete pain to work with the large email providers (say, you want to send an email to gmail) if you have your own service. Email has been far from truly decentralised for a while now.
If you enjoy the administrative work that comes with it (removing yourself from "you exist and you are therefore banned" blocklists, trying to convince gmail/hotmail/etc that you're really a real person, etc) then yes, it's not hard. If you use email, want it to work and don't enjoy extra administrative duties on top of your day job, I'd say it is that bad.
I have also been using mailhero.io since it has first been mentioned on HN.
Lately I do however have issues with mails not being forwarded / blocked at the service. I contacted the developer but as of today no feedback. Obviously this is a free service, which also means that I sadly cant rely on it. I am willing to pay for such a service and will try Maskmail / Othermail, but actually I would prefer an open source solution on an own (micro-)server...
As a spammer, wouldn't it be trivial to just run a regex on email lists looking for that pattern and then harvesting the results? Or is this like the old joke where you don't have to outrun the bear, just your friend?
I try to create an account, put in a username and matching passwords, but the "create account" button gives me a circle-bar "you can't do that" pointer, with no explanation.
Chrome on OSX.
I think it is a good way to only register in sites.
For collaborating is not good, because "reply-to" header is set to the real sender.
This a only one way to `mask` email.
Answering thought masked mail is not possible.
I don't understand one thing: the whole point of a disposable e-mail address it's that you just can use it instantly and never reveal your real e-mail addresses to anyone. That's why Mailinator got so popular. But in order to use Maskmail I have to register - what's the point?
I was thinking I could give it a try because it's new so it will work for a while for sites that for some strange reason block disposable e-mail addresses, but registering simply defeats the purpose.
> the whole point of a disposable e-mail address it's that you just can use it instantly and never reveal your real e-mail addresses to anyone
For you maybe. For others the point might be "never reveal my real e-mail address to the sites I give disposable addresses to, be able to keep receiving e-mails for some of them long-term and not having them publicly exposed to everyone that knows the address".
Why not create a Gmail account for that purpose then? (Or Yahoo/Outlook if you're concerned with data collection.) The amount of hassle is the same. With Mailinator I just type khdgfkasjdhfg in the register field, then then type Ctrl+L "maili" [Enter], paste khdgfkasjdhfg in the (already active) "Check Any Inbox" field and bang! - I'm already there, always. Maybe there's something I don't see here.
If you create a new Gmail account, as many people do, you can still be tracked with that. Using the same email address on multiple sites allows data aggregators to match your profiles from each site to build a very comprehensive picture of you. Of course, you could create hundreds of Gmail accounts, but then you have to manage hundreds of inboxes, which you won't do well leading to you missing lots of emails.
Maskmail essentially does this for you with extreme convenience.
Another approach is a service I built called veropost (dotcom) that is an email paywall so the sender needs to send a tiny tiny bit of Bitcoin in order to reach you.
(I also block TOR. Pure anonymity is not a service I choose to offer, because it is inevitably abused and I don’t have the time or resources to deal with it.)
not OP, but I imagine it might be one of: it's valuable (sellable) information, fraud is more likely to come from anonymous/disposable email address sign-ups for services, tracking is more valuable when tied to a (semi-) verified/verifiable identity, valid email addresses can be enriched via other sources of information people might have access to?