SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    What’s your view concerning changing a long existing email address
Page 1 2 3 
Go
New
Find
Notify
Tools
Reply
  
What’s your view concerning changing a long existing email address Login/Join 
Nullus Anxietas
Picture of ensigmatic
posted Hide Post
quote:
Originally posted by mark123:
quote:
Originally posted by ensigmatic:
quote:
Originally posted by mark123: Yeah, it’s the same idea as tagged email addresses. I don’t use tags as I have unlimited forwarders.
To each their own, but, by your own admission, by doing that you've kind of limited where you can go for a new email provider.
I’m not sure I understand what you mean.
Well, the instant point was you earlier wrote you were limited as to where you could go for an email provider because some (many? most?) don't/won't support unlimited email forwarders (probably actually email aliases, btw).
quote:
Originally posted by mark123:
I’m not sure tagging offers the same security as using unique email addresses.
Depends upon one's definition of "security" and the context.

It does offer equivalent security in that:
  • A bad guy, in attempting to brute-force an account, has to know both the unique tag and the password
  • You can verify the legitimacy of a sender by looking at the tagged email address to which the email was sent.
  • If you start getting spammed to a tagged email address you know the vendor sold or gave away your email address, or their databases were 0wn3d.
  • If a tagged address is compromised you can change the tag and reject email to the old tagged address (if you have control over the mail server) or simply bin email sent to it (if you do not).
quote:
Originally posted by mark123:
Anyone that got the Epik list surely stripped out the tags.
One would think, but, oddly enough: They did not. At least not in email I've seen. (N.B.: Or maybe some did. I get so much spam/scam email to my unadorned email address there's no way to know.)
quote:
Originally posted by mark123:
Unless you specifically don’t allow email addresses without a tag to be delivered.
In my case: Email to tagged email addresses is "pre-approved," bypassing all but the most strictly necessary anti-spam/-abuse checks. Unadorned email has to run the whole gauntlet. So kind of: Yes.

I will concede your point that entirely different email username parts for each contact is somewhat better for avoiding spam/scam email, because, as you noted, a spammer/scammer need only strip the tag to get a (probably) deliverable email address when relying on tagging.

(Though, it just occurred to me, a compromise solution may be best: A single email alias to which you don't accept delivery w/o a tag. Hmmm... Perhaps I'll play with that today?)

I could have all the email aliases in the world I wanted. That's way too much trouble, to my way of thinking, and would limit my options should I ever choose to go to hosted email provisioning.

Then there's my wife, who I've taught to also use tagged email addresses.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26034 | Location: S.E. Michigan | Registered: January 06, 2008Reply With QuoteReport This Post
W07VH5
Picture of mark123
posted Hide Post
Yeah, if you could reject all untagged email and only accept specific tags, that’s pretty secure. I like it. Easily done with regular expressions.
 
Posts: 45681 | Location: Pennsyltucky | Registered: December 05, 2001Reply With QuoteReport This Post
Nullus Anxietas
Picture of ensigmatic
posted Hide Post
quote:
Originally posted by mark123:
Yeah, if you could reject all untagged email and only accept specific tags, that’s pretty secure. I like it. Easily done with regular expressions.
Just tested it Smile

Created an email alias. Added "alias+<anything>@example.com" to the pre-approved list. Added "alias+compromisedtag@example.com" to the "compromised" list and "alias@example.com" to the reject list.

Works as designed Smile

The order the lists are checked is critical. The server checks "compromised," "pre-approved," "reject," in that order.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26034 | Location: S.E. Michigan | Registered: January 06, 2008Reply With QuoteReport This Post
member
Picture of henryaz
posted Hide Post
quote:
Originally posted by mark123:
Service@domain_name.com is a good idea. Thanks.

Contact@domain_name.com also seems to be a good idea.

I have 4 domain names registered, the main one since 1997, and that is where my primary email sits. I have probably 3 dozen or so alias addresses that all forward to my primary account. Each domain has status@, which seems to be a benign address.



When in doubt, mumble
 
Posts: 10887 | Location: South Congress AZ | Registered: May 27, 2006Reply With QuoteReport This Post
  Powered by Social Strata Page 1 2 3  
 

SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    What’s your view concerning changing a long existing email address

© SIGforum 2024