pull down to refresh

How & why to make a new email address for EVERYTHING in your life.
2226 sats \ 35 comments \ @expatriotic 17 Feb tech

Privacy and Security

Email isn't private.
Gmail/Outlook exist to monetize communication, not protect it. Sure Proton Mail uses PGP between users and Tuta uses quantum encryption for contacts, calendar, and archived emails and allows users to password-protect emails. But both fail when emailing non-users. Messages get decrypted and stored indefinitely. Ready to be served up to whatever alphabet agency requests it. Or simply queried by any staffer within Google or Microsoft who has a bone to pick with an ex-girlfriend.
Reusing an email address is insecure.
Attackers gather data from the dark web. Building information from data brokers and then building profiles on potential victims. Just by combining from a few data breaches, a hacker can get a full picture of your life. Your email address, phone number, past passwords, address, passport or ID etc.

The solution:

Stop reusing one to two to three email addresses for ALL of your accounts.
A hodgepodge of free services could be used if you prefer a cheaper approach.
So this would look like using disposable emails by Guerrilla mail or obvious aliases created by using free accounts with Simple Login or addy.io work most of the time, but are inappropriate for some purposes.
E.g., if you want to have access to an email for a long time, a throw-a-way Guerrilla mail wouldn't work. Or maybe you don't want to give someone you know or a business you interact with an obvious (and often not very aesthetically pleasing addy.io or Simple Login alias.
But I'll explain what to do if you want what I consider the top tier approach.

Enter the custom Domain

This requires you to spend some money to acquire the domain, but that can later be used if you ever want to launch a website (e.g., mine is "expatriotic.me" which I've started using for my blog.
I prefer this as a solution because it works for every case. It works for the throw-a-way cases, the mid-term cases and even the long-term cases where you plan to retain this relationship and keep the email address active for a long time.
With this method every account gets its own email address. A custom domain (e.g., you@yourdomain.io) allows you to create yourbank@..., yoursocialmedia@..., to infinity and beyond. And whereas with the hodgepodge approach you need to spin up the alias when needed, using a custom domain allows you to use a "catch-all" function where you can have someone email you or sign up for an account WITHOUT needing to spin up an alias. ANYTHING before the domain is a valid and viable email address. This is represented with an asterisks. So that would mean that *@yourdomain.io are all valid. You can then use the aliasing service to deactivate or delete compromised or frequently spammed addresses instantly. In fact at the top of EVERY received email there is a line at the top that says, "such-and-such alias received this email, would you like to deactivate it"? So no more fighting to unsubscribe from certain places.
One side benefit of the method below is that you can avoid the normal spam box hell that occurs when emails accumulate from entities that do not include an "unsubscribe" url at the bottom of the email. Banks seem to have this problem the most. My doxxed email address still gets emails from old bank accounts that are impossible to unsubscribe from.
So let's get into how to do this 👇🏻

How-to

1. Myprivatenym.io: acquire domain

Go to myprivatenym.io and get a domain.

2. Go to proxysto.re

3. Tuta: acquire an email address

  • Go to Tuta and sign up for a free email.

4. addy.io

Information can be found here, but is summarized below
  1. Sign up for addy.io using your Tuta email
  2. Redeem your gift card and upgrade to Lite.
  3. Go to "Domains" > "Add New Domain"
  4. Paste your Myprivatenym.io domain (e.g., janesmith@privatedomain.io)
  5. Go to the "DNS Management" in Mynymbox.
  6. Back in addy.io, click "Verify Domain" - takes 2-15 minutes. It will look like this in addy.io ⤵️
  7. Then add these four records from addy.io into the Mynymbox DNS manager:
  • You can check the records for your domain using mxtoolbox.com
  • NOTE: DO NOT MARK EMAILS AS SPAM, BUT RATHER DELETE OR DEACTIVATE THE ALIAS!
Can I mark emails forwarded to me by addy.io as spam?
No, you must not mark messages forwarded to you by addy.io as spam as this can damage the reputation of the mail servers and is against the terms and conditions.
If an alias is receiving spam messages then please deactivate it or delete it.
addy.io is signed up to multiple feedback loops (FBLs) that trigger a notification when any messages are marked as spam. Repeatedly marking messages as spam will result in your account being disabled.

Here is what my addy.io dashboard looks like after a few years of use. My spam box is EMPTY.

write
preview
related posts
3 replies \ @anon 20h
You skip the part where you need to sign up for a DNS Only Management Account with MyNymBox. Kinda important.
Use Njalla instead.
And we anons reply anonymously to separated our argument from our person and avoid your ad hominem attacks 😛 or perhaps because we would rather not make yet another account...
Enjoy the sats and have a peppermint tea mate.
reply
21 sats \ 1 reply \ @expatriotic OP 19h
Njalla has a horrible reputation mate...
https://au.trustpilot.com/review/njal.la?page=2
https://bulletproof-domain-abuse-guru.medium.com/whats-wrong-with-njalla-privacy-largest-review-of-bulletproof-domain-registrars-097124fa9758
Not sure what a DNS Only Managaement Account is... I used Njalla but plan to re-up with Mynymbox. (hint: people can buy from where-ever, but privacy preserving is the goal)
reply
0 sats \ 0 replies \ @anon 2h
Tucows will take down your domain if you host illegal shit, and Njalla can't do a thing about it because they're just middleman. Everyone knows that except the teenage morons on trustpilot, and apparently, you?
Njalla is perfect for this use case.
Also dunno why you linked to one off article by an unknown unverifiable brosky who clearly has a chip on his shoulder, but even then, you've only proven my point harder.
reply
0 sats \ 0 replies \ @expatriotic OP 19h
Got an answer from RandomNym on Signal about the DNS thing
You don't need to sign up for our DNS Only Management Account. It's our DNS tool which is free for our customers. It's not baked into our Client Portal as we utilize our Webhosting Panel for it.
You have to open a ticket to get access to it. That's it. A lot of ppl use their own nameservers
https://client.mynymbox.io/knowledgebase/26/DNS-Only-Management-Tool.html
https://github.com/zedeus/nitter/issues/1150#issuecomment-1890812835
The only ad hominems I launch are to @kruw because he is a paid shill who goes on my posts to call me a shitcoiner. Interestingly enough, ad hominem is only a fallacy sometimes. If the position the person holds is that of a doctor, priest, or coordinator of a coinjoin, it is actually relevant.
reply
70 sats \ 1 reply \ @IamSINGLE 18 Feb
Thanks. Another great guide.
myprivatenym.io is inaccessible! Have you done a typo on it?
reply
0 sats \ 0 replies \ @expatriotic OP 18 Feb
That's a relic from my rough draft. The correct one is the hyperlink in step one. https://mynymbox.io/domainregister
reply
30 sats \ 1 reply \ @Butterfinger 17 Feb
try self-hosting e-mails with servers distros like freedombox or yunohost, of course you'll need a fixed IP and some managing work but freedom has its costs. Fuck protonmail and centralized servers.
reply
21 sats \ 0 replies \ @expatriotic OP 18 Feb
Lol, posts like this are inevitable, and miss the mark so hard.
  1. This post is to get people off using a static doxxed Gmail.
  2. This post represents my set-up.
  3. Make your own guide instead of coming here and saying, "Well AcTuAlLYyyyyyyyy"
Have a nice day sir, and I respect your set-up. Just understand what this guide is and what it isn't.
reply
18 sats \ 2 replies \ @expatriotic OP 17 Feb
@ek or @k00b, or just whoever knows about these things. Is there a mechanism I didn't understand that would explain why a 1,000 sat zap shows up in the wallet log and my coinos as 700 sats? No CC were created. Is it to do with the 70:30 split between territory creators and SN?
edit: and now a 36 sat zap is showing as 25 sats in both the wallet log and in my coinos wallet. Doesn't seem to be a routing fee as that's the amount of the invoice also.
reply
43 sats \ 0 replies \ @k00b 17 Feb
Is it to do with the 70:30 split between territory creators and SN?
Yes. That’s the split. We call it a Sybil fee. It discourages self-zapping basically.
reply
0 sats \ 0 replies \ @anon 17 Feb
https://stacker.news/faq
reply
9 sats \ 3 replies \ @itsrealfake2 17 Feb
fyi, Fastmail offers this functionality with or without the domain
https://www.fastmail.com/features/masked-email/
reply
3 sats \ 0 replies \ @expatriotic OP 17 Feb
Yes many offer services like this without a domain. I'm aware of that. I like bringing a domain because then you own it even if fastmail goes under.
reply
0 sats \ 1 reply \ @expatriotic OP 17 Feb
Haven't heard of them
reply
0 sats \ 0 replies \ @itsrealfake2 17 Feb
They're in Australia, so Five-Eyes still applies, but they provide a really straightforward way to leave google.
They offer caldav email & notes. It used to be the case that their note implementation worked with Apple's note application, but i think Apple broke that link several years ago. You could probably get it working with Tomboy notes if you were so inclined, and also on a linux box.
reply
9 sats \ 15 replies \ @SwapMarket 17 Feb
One can create aliases in free Proton that look like something.random336@passinbox.com
reply
9 sats \ 9 replies \ @expatriotic OP 17 Feb
I have Proton Mail, but I don't like to recommend them because they require an email to join... Which begs the question. How does one get a private, non-doxxed email, if they try to create and are essentially plugging in their doxxed gmail to sign up for a private account. It's crazy... Tuta doesn't have this RIDICULOUS requirement and thus gets a rec from me.
reply
0 sats \ 1 reply \ @anon 18 Feb
goodness gracious you're wound tight. relax bro. i sed, good guide.
but the entire premise for this is "you don't need an email to sign up for this alias factory"
also, i never said you did or didn't use this or that. yes, this is your guide. we can all see that lol. if you don't want it criticized turn off the comments.
reply
0 sats \ 0 replies \ @expatriotic OP 18 Feb
Do people really reply as anon to hide? Good job donating 100 sats to the reward pool.
My guides inevitably get swarmed with, "You should have done this or that..." I'm hoping that eventually people will clue in to the fact that my guides aren't exhaustive. They're my stack and my process.
@itsrealfake with this comment #888542 is an excellent example of discourse on a guide that someone worked hard to make. Just coming by to share something the OP didn't know.
The Proton Mail thread is crazy because it's brought up, I give my thoughts, and then it devolves into a complete denial of the fact that needing email to create email is a classic issue of the chicken and egg dilemma.
When I first decided who to use for this set-up, I almost chose Proton Mail and Simple Login... The only reason I didn't is because Tuta + Addy was cheaper. And now it's mostly a switching cost issue.
reply
0 sats \ 6 replies \ @SwapMarket 17 Feb
It is for recovery. Just make a throw-away gmail account and use it to register Proton. Then make another proton, using the first one, and change the recovery email in the first to the second.
reply
0 sats \ 5 replies \ @expatriotic OP 17 Feb
That's the dumbest thing I've ever heard. You should have the option of adding an email for recovery IF YOU WANT after you make the account.
It defeats logic.
How does one sign up for their FIRST email address if every time they're required to give an email address.
You literally just admitted they'd be forced to use Google... Facepalm
That's awful UX.
reply
0 sats \ 1 reply \ @SwapMarket 17 Feb
Creating a throw-away gmail account is not "using Google". I have a number of proton accounts for various anon identities.
reply
0 sats \ 0 replies \ @expatriotic OP 18 Feb
I have a thow-a-way account for google play on my GrapheneOS phone. You miss my point entirely.
  1. How does one get a FIRST email if they are always REQUIRED to give an email to get an email...
  2. Most normies existing emails are doxxed and THAT is what they'd use to sign up with Proton Mail
  3. Using Google != using Google??
reply on another page
0 sats \ 2 replies \ @anon 18 Feb
missed the point. can sign up for proton with some of the temp email sites.....which are 100% anonymous.
also nymbox requires an email also you tell folks to sign up for tuta...so why wouldn't they just du that for Proton?
This is a nice tutorial but it's all a little ridiculously over the top. someone "just trying to leave google" is gonna
  1. sign up for paid tuta (a little less than the price of these shenanagins)
  2. use the 15+ extra email addresses / aliases.
reply
0 sats \ 0 replies \ @expatriotic OP 19h
BTW, I got an answer from RandomNym about needing an email and he replied thus:
At the moment we also do not verify if a customer email address really exists. Would be better if we would do it as we run sometimes in issues because of that but that's how it works right now
So technically my guide's flow stands, no need to get your private Tuta email first
reply on another page
0 sats \ 0 replies \ @expatriotic OP 18 Feb
missed the point. can sign up for proton with some of the temp email sites.....which are 100% anonymous.
No I didn't. Requiring email to get email is dumb. I do USE proton, I just don't use it for my custom domain or aliasing. Feel free to deviate with the guide at will. It's MY set-up.
also nymbox requires an email
Good point, I should make getting a Tuta email step one not step two. Good catch. And yes, Mynymbox and Addy.io will require your email. Only these two people will know your actual email. Then everyone else gets an alias.
also you tell folks to sign up for tuta...so why wouldn't they just du that for Proton?
Because it's MY guide and this is MY opinion and set-up. HOLY SHIT
someone ... is gonna
  1. sign up for paid tuta (a little less than the price of these shenanagins)
  2. use the 15+ extra email addresses / aliases.
Okay... let 'em. What in my guide prevents someone from deviating. I'm showing what I do. And I state why. If someone doesn't want to follow it... Cool. But why post here anonymously to point out that obvious fact?
reply on another page
0 sats \ 4 replies \ @expatriotic OP 17 Feb
That's ugly as shit... Custom domain is better.
reply
0 sats \ 3 replies \ @SwapMarket 17 Feb
They are for registering accounts, not for sharing contacts. Custom domains require a credit card and a server. If the goal is to protect identity, aliases are better. And to be safe from password leaks, yubikey.
reply
0 sats \ 2 replies \ @expatriotic OP 18 Feb
Custom domains require a credit card and a server.
You've lost me. I've used a custom domain for years and I don't have a credit card or server... Are you purposefully being obtuse or are you genuinely ignorant. This is the last time I'm replying to this nonsense. Enjoy the post, or don't. Clearly it's not for you. I don't have time to write a behemoth of a guide with every option for every person.
reply
0 sats \ 1 reply \ @SwapMarket 18 Feb
deleted by author
reply
0 sats \ 0 replies \ @expatriotic OP 18 Feb
Free? Who said free. Of course you have to pay. But I pay in bitcoin. Read the post. It's literally step one. Look at the payment methods. NO FIAT IS ACCEPTED. No paypal, no credit cards. I never said free.
reply on another page
69 sats \ 1 reply \ @ACYK 18 Feb
Letting people know expatriotic.me is set up with a catch all email address is a bit risky. If someone wanted to start sending you hundreds of emails to random-text@expatriotic.me, your inbox would be overrun and you’d have to switch to auto-deleting all incoming emails from addresses you haven’t white listed. This would mean manually adding all email addresses you create in advance (which would negate a lot of the benefit of making them on the fly).
reply
30 sats \ 0 replies \ @expatriotic OP 18 Feb
I'm aware of this. I can turn it off at will though, so not a big deal. The person would have done all that just for me to switch it off within the addy.io settings. Thanks for looking out though friend
reply
0 sats \ 1 reply \ @LowK3y19 18 Feb
I made so many emails so I can take advantage of monthly free trials
reply
0 sats \ 0 replies \ @expatriotic OP 18 Feb
Nice. Yeah I just like how clean this set-up is. Definitely other people can optimize for cost over aesthetics though
reply