One inbox to rule them all. Not long ago, Google sold us all on this idea, with their seemingly limitless storage so you would never run out of space. Entering a real name to sign up for an address (they used to check, anyway), you could then abandon an old @aol or @hotmail.com address and move happily with Google into the future of email.

Since then, you probably can't count the number of times you've given out your email address. Every online purchase, every store loyalty signup, every kids' activity, and so on. More causes for regret whenever spam from some store you went to once keeps showing up in your inbox.

Here's another cause for regret. If two anonymous datasets both contain the same email address, computers can be reasonably sure that both datasets are about the same person. Given that two pieces of anonymized information can pinpoint a person, having a stable email address that you give out across multiple arenas isn't a good idea. Something as random as combining purchase records with your EZ pass records, for instance, can make you stand out from a crowd.

If that seems too far-fetched for you, then try this cause for regret: When a company sells that data along, you won't know who did it. If you give everyone the same email address, how are you going to know who the bad actors truly are? 

Or how about this: did you know that most emails that come from companies and mailing lists have trackers embedded in them? They want to know if you've read them and any other information they might deem relevant about you, whether you click on the embedded links or not.

When it comes to entering email addresses online, whether for a purchase or some other cause, here are the tricks I use to keep 'em guessing.

Have lots and lots of email accounts

Seriously. Lots of them. 

I have a few professional accounts, a couple of personal accounts, and at least three dozen others. I earmark each of them for specific things, so that data about different parts of my life doesn't bleed over or converge with other data gathered around that same email address.

My friends who ran their own servers in the early 2000's taught me this trick. One of them served his own email so basically anything addressed to something at his domain name would get to him. So he would give out creative versions of that address: tickets@..., airlines@..., school@...  Each of the address lines helped him sort out which mail was for what, as well as whom it was from and what it was likely about. 

I do something similar, although they're not all hosted at the same place or addressed to the same @domain.  This helps me keep different parts of my life separated, in a way that would be difficult to piece back together if a database were just scanning for email addresses. It also helps me to keep my life relatively organized, given that I often have a lot going on at once. If it all came to exactly the same inbox, I'd be sunk.

It also helps me to track if someone has bought or sold an address. As soon as something comes into my airlines@ address that isn't from an airline, I'll know.

You can use these accounts as different logins as well: one for the gas company, another for electric bills, another for social media, whatever. That's the great thing: you can choose. And if everyone has a different address for you, then you don't look like the same person when those datasets get combined.

Quick note: don't use the same password for all your accounts, please! You can use a password manager like LastPass, if you'd like. Or write them down in a little booklet you keep under your pillow.

If you already host your own email, great! If you want to give it a try, you can always start out with a service provider to avoid the steep learning curve.  ionos.com and zoho.com hosting, for instance, won't read your mail; most webhosting sites, like www.dotster.net or www.bluehost.com will also allow you to host email accounts on your own domain name. Note that you will need to purchase a domain name, register it, and link it to your hosting account: some services will help you to do this. Pricing and options change frequently, so look for something that allows you to make multiple addresses or aliases. 

In a pinch, I have also made accounts at www.mail.com if I want to spin something up that's separate from my regularly hosted mail. They offer cute domain names like @cheerful.com or @toothfairy.com.

Of course you will pay for a commercial service. But when you invest a little more time or money in your email, you become the customer, not the product. 

Won't This Ruin my Inbox?

If the idea of multiple email accounts pinging you is giving you the heebie-jeebies, never fear. You don't have to log in separately to many different accounts! Here it is helpful to keep in mind the difference between an account, an alias, and a mask.

An account is an email address that has an inbox attached. You can send and receive mail from that inbox. You can have folders, save contacts, etc. These things can be attached to your email address.

This is different from your mail application. We don't always log into an email account directly: sometimes we access it from software on a computer, phone, or tablet. Mail applications include Apple Mail or Microsoft Outlook or Mozilla Thunderbird or Newton Mail and ... the list goes on).  You input your mail server's credentials and your login into this mail reading application and it will access whatever is in your inbox. 

I actually run several concurrent mail applications, each of which access different collections of addresses. My work stuff stays in Outlook, because that's what my work dictates. Personal addresses go to different email software to help me keep a balance between work and home. Others go elsehwere entirely, or are only accessed via a web login.

Remember, for me it's an advantage that my emails are NOT all in one place. I actually find it well organized and easy to manage the different parts of my life with this system in place.

But you don't always need a full account. Sometimes you just need an address that directs somewhere else.  An alias is an email address that doesn't have an account: instead, it forwards directly to an account of your choice. You can look for an email hosting service that gives you lots of aliases, because that's what will let you set up airline@....com and have it forward to an inbox with everything else. 

The disadvantage of aliases is you can't always send mail looking like you're sending from an alias. Some programs allow you to do this (Thunderbird being one), but not Apple Mail, for instance. But for emails you only expect to come in, not go out -- like, airline tickets!-- this may be perfectly acceptable.

An email mask is like an alias, except usually it provides some other blocking or obfuscation tools. More on masking, coming right up.

Email masking

Two new services--from two of my favorite privacy-conscious companies, no less-- will create "email masks": essentially, dummy email addresses that forward to your designated email account.

I can recommend them both, because they're incredibly useful and pretty easy to use. I use both regularly. They are each a little unique, though, so they're worthy of some explanation so you can match the right tool for the job.

DuckDuckGo's email masking service allows you to give out a single email address, your handle @duck.com, and then forwards whatever messages it gets to your email account while removing all the trackers that are embedded in those emails.  If you need to reply, it will mask your reply as if it's also from your @duck.com address.

Firefox Relay allows you to make (currently unlimited) email aliases that also forward to whatever address you give them. You can either choose a random string of alphanumeric characters @mozmail.com, or a handle of your choice @your-subdomain.mozmail.com.

This is super handy. Just yesterday, I tried to buy something online and gave out a Relay address. The store canceled my order without a reason, then proceeded to spam me with promotional emails. I just clicked "delete" on that Relay address, and voilà, all gone. 

Relay also offers a phone service where they will give you a relay phone number (more on that and burner phone numbers elsewhere), so you don't have to give out your personal phone. It didn't work for me, but your mileage may vary.

On another note, if you sign up for my newsletter you are very, very welcome to give me an @duck.com or an @mozmail address. In fact, you could sign up for one of these services right now, and try it out by clicking the subscribe button.

Note also that some systems, like www.Zoho.com or www.Fastmail.fm and a few others, will allow you to use a handful of aliases, so you can send mail from one account that looks like it's from a different address. Also good in a pinch, although they don't remove trackers or offer unlimited options.

Temporary email

Another option if a quick and disposible email address will do the trick, is www.10minutemail.com,  https://temp-mail.org or https://temporarymail.com/ . This is good to use if you are buying something like,say, one-off concert tickets or trying out some online service you don't know or trust. Something where they will deliver right way, but you don't want them to be able to contact you afterward.

The site makes you a temporary email address that is usually good for 10 minutes, or for as long as the window is open. You can forward a message to yourself at another address (try a @mozmail relay for extra protection!), or print things, or send, or whatever you need from that inbox.

I use 10minutemail.com frequently, for all kinds of signups or access points online that I just don't care about but that need an email address from me to access them. I even temp-mail.org recently in an attempt to spin up an obfuscated Amazon account. 

Beware that once those 10 minutes are up or you close the window, you will lose all access to the email address. That is, after all, the point.

Is this really private?

This is admittedly different than the usual privacy-talk.  For one thing, it's not about how to have private conversations.

If you need to have private conversations, by all means spin up a PGP key, get a Protonmail.ch account (I have one of those too), use encryption, etc. And please, follow good privacy practice and don't send important information like credit card numbers or social security information in the clear (i.e. without encryption).

It would also seem really insecure to have a lot of email addresses in a lot of places. What if one of them got hacked? Wouldn't it be safer to stay with a big company?

Not necessarily. As the celebrity iCloud scandals showed, having all your eggs in one basket doesn't make you safer. If anything, it means once someone gains access they have access to everything. If you've already broken that party up, then all they get is ... maybe your old airline tickets.

In fact, the above issues are at their core security issues, such as safety from hackers and end-to-end encryption. They're extremely important, but they don't always address the problem of data autonomy.  The latter is also not going to keep you safe from de-anonymization, from targeted advertising, or worse.

In fact, follow them to the letter, and you'll end up trusting more of the Big Tech companies with more of your data. Like embracing the encryption in WhatsApp while ignoring the fact that between your WhatsApp, Facebook, and Instagram activity, Meta has you cornered. Or like putting everything in Google Photos only to have Alphabet use your pics for facial recognition training. Etcetera.

If not necessarily about security, the above methods I use for email obfuscation are a form of privacy work, one that ensures your data autonomy and makes it hard for third parties to de-anonymize you later.