The privacy guides recommended products for aliasing are simplelogin and addy.io. I currently use both these products and they’re both very good (although I prefer addy.io).
I’m currently in the process of replacing my email provider and I’m wondering if the privacy guide section means to imply that it’s a recommended strategy to have the aliasing managed independently of the email system.
I would think there is some benefit in having the aliases managed within the same system as the emails (as provided by fastmail for example), thereby reducing the number of times emails are exposed during delivery. Also being easier and clearer to use makes it less prone to privacy compromising mistakes. Am I right or is there some benefit of ring fencing the alias functionality that I’m missing?
I think it’s pretty much objectively better if the aliasing service is the same as your email provider. Having your mail go through two different parties is worse for privacy and kind of a pain to manage.
I use Hide My Email with iCloud mail and it’s quite nice, although iCloud leaves a lot to be desired privacy-wise.
It’s rare that an email provider will provide an aliasing service with the same functionality as the aliasing services we recommend. I believe Fastmail does though, so if you’re a Fastmail user then yes you could use that, sure.
iCloud has a good one as well, as mentioned above, but iCloud Mail is a poor choice of mailbox host generally. I don’t really know of any other email providers besides those two which 1) provide good aliases, but 2) aren’t already listed on our website.
A huge benefit of using SimpleLogin or Addy that @fria did not mention is that they can PGP encrypt all incoming emails, so that they are stored with your main provider at rest. If you use a standard IMAP provider like Fastmail alongside a local PGP-enabled client like Thunderbird then this is an advantage for using an external aliasing service. If you want to use Fastmail’s own web/mobile clients that don’t support PGP though, then this factor won’t make a difference for you.
Generally:
The most important thing for privacy is that you are using a different email address for every site.
The next most important thing, more for anti-spam and convenience, is that you are generating random aliases and saving them to a list so that they can be blocked later, and there isn’t a way for anyone to email you without already knowing one of your pre-generated aliases.
The third most important thing is probably just not using a custom domain. Custom email domains are common so it’s not a very widespread way of tracking people, but there is still a tracking risk if you are the only person using that domain.
The second and third things are where using a catch-all alias with a custom domain will typically fall short. You don’t want people to be able to spam you by just putting any address they want in front of your custom domain, and you want to have at the very least the option to generate aliases on a neutral domain like @simplelogin.com instead of your custom domain.
I use a custom domain with SimpleLogin, but I only use it maybe half the time, and the other half with less trustworthy and less important sites I will use one of their provided domains.
A subscription to Proton Unlimited (or Mail + Pass) gets you unlimited aliasing through Simple Login that is integrated nicely into Proton Mail. The aliasing can be automated easily at the time you create each new account in Proton Pass. To me, like @fria said, it makes a lot of sense to use a service that is integrated with your mail provider. I know Simple Login is technically separate, but they are owned by Proton and really nicely integrated. Using a separate service sends your mail through additional servers and also sometimes adds additional steps to the workflow of using the aliases that may introduce opportunities for forgetting to use your aliases properly.
Fastmail is in pole position for replacing my existing supplier. If I choose them it will be for their reputation, ease of use and comprehensive aliasing at the expense of e2ee which seems to me of negligible benefit. A much more significant part of my risk is my own incompetence and it’s important that I have a system that is as easy to mitigate against that as possible.
I believe I have figured out that forwardmail provides the aliasing and the e2ee but their documentation and support are too techy focussed for me.
Interestingly I’ve had a custom domain which I’ve used for aliasing for more than 20 years (I am planning a separate post on the proposition of replacing it with a new domain). I have used it without inhibition all kinds of terrible sites that have evidently sold the addresses on. Nevertheless I don’t get a problem with catch all spam that isn’t to an alias that I generated. Perhaps they are getting successfully blocked by spam checkers? This would actually be not ideal because I would like to see what is getting caught.
Gosh, I don’t think simplelogin and proton are nicely integrated at all, it’s a complete muddle, for example, as you’ve said, you need to subscribe to the password manager to get the full aliasing service. Yuk.
I’ve looked at using proton with aliases or simple login with proton and honestly it makes my brain hurt. The whole time I feel I’m being unlimited
I’m really liking my current work flow. I use cloaked for email aliasing without automatic forwarding set up. I use the cloaked inbox for all my email. I use a different email for every single service or account. Then if there are important emails that I want to save, I forward them to my Proton account. I dont give that email address to anyone. Also cloaked has a cool feature where you can mute an identity without deleting it. So you can still keep track of all the accounts you have without getting spam. You can also initiate email correspondence from the cloaked email and I think you can’t with some services.
They’re really only integrated as far as being owned by the same company. Proton Mail’s Web UI has a widget that allows creating an alias, but there’s no option to manage reverse aliases or anything of that nature. I’d argue that it would only be considered “integrated nicely” if the composition window in Mail allowed creating/selecting an alias as the sender address, with the “reverse alias” handled entirely in the background, invisibly to the user. (I do still use SimpleLogin/Pass aliases with ProtonMail, I’m just pointing out that it could be a smoother experience).
I am a pretty picky customer and it’s integrated well enough for me. You can create an entire account including your alias in Proton Pass. You can manage everything related to the alias in Proton Pass. It’s easily Proton’s best offering, in my opinion. I don’t even need the simple login app. Everything I need lives in proton pass, where it needs to be in my opinion. In my workflow, an alias is related to creating a new account. The process couldn’t be easier. I’m curious what other features and integrations other providers have that simple login doesn’t.
One example of poor integration is that you can’t use a custom domain with proton mail and proton pass at the same time. This suggests that at the back end the systems are still running separately.
In terms of extra functionality, a system like fastmail is more feature rich in terms of email/aliasing functionality.
However I appreciate the convenience of the total solution offered by proton unlimited and think it’s the best answer for a lot of people. If you are happy with your system that’s all that matters.
I have rejected protonmail/simplelogin, Forwardemail, mailbox.org and I’m currently favouring a combination of Thunderbird, addy.io and posteo.
In the back of my mind though is still the lovely idea of it all being in on one place ie FastMail. My free trial didn’t go too well, there was functionality that isn’t available and apparently when you first start the account your sent emails are quarantined for a while (hours) before they are actually released from the server. This is a big amount of friction when you’re testing.
I also found that they scored quite low on here Email test: fastmail.com . I’m not quite sure how significant this but their explanations for don’t quite stack up and I get the feeling that their system is tuned for efficiency rather than security. However this won’t affect my most important email contacts which will be custom domain aliases and therefore protected by my own DNS configuration.
One recommendation I have is don’t use the free evaluation periods for anything other than just a quick test to see if you like the general impression. Stump up for a month’s subscription so you can fully test everything you need to test. My testing of forwardemail and posteo was made much easier by the fact that they don’t offer free trial periods!
My dilemma now is do I give fastmail a proper try with a month subscription or just go with the solution that I found works ok.
The proton config I considered was a simplelogin subscription with a free proton mail but I only have mobile devices and some functionality is only available via a desktop browser. Like searching. Tbh I feel uneasy about the proton suite in general, who knows what will happen next with the sl relationship?
