Overwhelmed newbie - rushed email strategy guidance

Hello,

I have an long-standing account that will be closing in about 5 days, and in addition to salvaging the files and contacts from that history I am trying to improve my email practices. However, I am not a very technical person and I find myself having getting overwhelmed and could use some help. I apologize in advance for so many questions.

First, I also have been using a Proton Unlimited mail account for a few years now, but used the main/primary address contacts before I learned about aliases. As I understand it, I can avoid shutting it down and replacing it with a new account if I start using aliases to reduce exposure to the main account, and potentially set up a new address to use as the default/primary address for the account. Please correct me if I am wrong.

Threat model: it’s pretty vague, but I take privacy very seriously and do not want any contacts to know who else I am emailing. The closest threat model is at least from data capitalism and not making things super-easy for government, either. I also want to minimize damage if there was ever a leak or compromised contact. However, I will not be able to keep a constant ear to the ground about changes in the privacy world and need as convenient a solution as possible, especially for family contacts.

My research suggests that because I already have a Proton account, I could follow what some people do and make a custom email domain (mostly for portability reasons), then create aliases/dedicated addresses for the custom domain with SimpleLogin that direct the mail to the primary Proton address. That is what I was going to do, but it seems complicated to me and I’m learning that it can take a couple days for the new domain to activate and I’m worried I don’t have that kind of time. Right now, I’m tempted to use new addresses for Proton just to get through the week.

I also have questions about how to set things up for family and John Doe, and how to treat a Google account I have.

• If I meet someone new through networking, I presume this ought to have dedicated address vs regular family and friends? If so, I know my family would mix this up and give out the wrong address if they ever shared my contact info or needed to sign any documents for me.
• If I have 3 Google accounts because I set one up with my phone years ago, a second for a volunteer group, and the third has my name linked to it from the previous email service, what is the best strategy there (besides closing or ignoring the account)? I was going to use the google@mydomain.com format to keep it separate from Amazon and other services, but if I don’t set up the new domain would I be better off using a new Gmail account than to let Google know I use Proton?

Sorry again for all the questions and lack of terminology, but hopefully I’m getting my situation and questions across. Any help is appreciated!

You could use a SimpleLogin domain alias if you really need one that quickly, and change the address on the account to a custom domain later if you want.

A custom domain won’t help with that much since it can be reasoned that all addresses with that same domain are owned by the same person.

I am confused about SimpleLogin aliases, but as a quicker solution I am interested to hear more. I got the impression from some places I read that SimpleLogin could create a custom domain, but that it would not be portable, so is that what you mean? However, all the step-by-step guides I could find show how to make aliases for an existing domain from PorkBun and the like. Setting those up seems like they take a while to activate

That was my immediate concern, but a custom domain was pretty much unanimous advice I found anyway. I would have thought you get better anonymity using a “@protonmail.com” domain, so if that better suits my situation and I can avoid setting up a custom domain that would be great. I just want aliases that don’t reveal or compromise my main address, won’t be easily linked together, and won’t be blocked or look suspicious for banking.

I mean an alias from a domain that SimpleLogin provides, like my_alias@simplelogin.com.

Then you shouldn’t use a custom domain for those particular addresses.

It should be noted that you are able to use a custom domain for some addresses, and shared domains for others, depending on each need.

I see what you mean now. Thanks.

Thanks for clearing that up. If so few people are concerned about that, does it mean I am fixing a problem that I don’t need to worry about? Like I say, it seems most places I read (including Proton Mail communities) were all recommending custom domains, but I am glad if I don’t need to set this up right now.

Like with many things, there are tradeoffs. Using custom domain email addresses offers greater control and portability, but less anonymity. You can choose which trade to make for each address. For example, with my use case, I mainly use aliases with a custom domain for services that already have enough PII (like banking stuff) to the point that there’s no anonymity loss from the email address.

Thanks, that’s a good explanation. Applying that, I will use the alias for the YouTube/Google account I mentioned in the OP.

Applying your explanation to this question, it sounds like this would be a better situation for a custom domain?

Any thoughts about having shared my main Proton address for a few years? I just change the default address on the account and it should be OK?

Should be fine to simply change the address on each external account to an alias (custom domain or not).

Okay, thank you PaleCrow.

It sounds like I will probably follow a similar setup to yours and still have to create a custom domain for banking and such, but your explanation that I am better off with the SimpleLogin aliases for most of my uses is a big help. Thanks!

If you buy from reputable registrars, a domain name is propagated within 2 hours usually.
Meanwhile, if you do that people will know who that custom domain belongs to quite obviously.

SimpleLogin makes it look quite bad/complicated because of its UX yes.

In short and simple, I recommend:

• buy yourself some Addy.io account by either paying with monero or gift card via Proxystore
• get yourself a brand new (free) Proton account (no need to pay for anything)
• link both together, alias Addy goes into Proton
• never share/use the proton email and don’t use it as a mean for communication with friends/family, prefer Signal

No need for a domain name. Less portable but more privacy + less configuration to do.

No, alias for everything.
If for humans, share a public Signal username.
You could have a more private Signal username for your close family.

Otherwise (if trustworthy), you could also just share the Addy account with your family and let them manage the aliases themselves, kinda what I explain here. You could then have 1 alias into 1 or 2+ main email accounts.

Also, prefer to avoid people doing things for you as much as possible.

Download the data from each of the 3 accounts for backup purposes (in case you forgot to retrieve some info there).
Then delete all of them. Update the emails on places using it beforehand too if needed.

Why stressing yourself with a deadline here?

I’d focus on doing it right rather than doing it quick.

You could have an anonymous Proton and anonymous aliasing.
Meanwhile, if you pay for either with your regular bank details, you’re not really anonymous for either no more. Hence my solution above without any KYC.

When you read something, consider asking yourself if you should be considering that or not.
Not everything common/achievable should be your way to do things.

I meanwhile would never share my Proton email account.
Why not for the alias system but not the main email box.

Thanks, kissu. Sounds like I really don’t need a domain but maybe timeframe isn’t as bad as I read.

I’ll look into that. I already set up some aliases with SimpleLogin, but not everything is set up yet. I don’t use crypto.

Unfortunately, I need access to Google for volunteer work I do and was set up with a Gmail for one of them. I figured I’d be better off compartmentalizing with Gmail than link to my other emails.

It was a school account they aren’t supporting anymore. I had more notice than this, but couldn’t get around to it in earnest until recently. Not my deadline, unfortunately.

I’d agree and was planning to do that, but see my point above.

So, create a free Proton account with SimpleLogin or Addi aliases?

Fair. I’m glad I came here for help, because other sources (even privacy-related) made it sound like the way to go.

Lesson learned. I just didn’t know about aliasing.

Can always update with an alias. Being on Gmail just because of 1 place sounds quite an unnecessary (if I may?) burden.

That’s how I do it yes. That way, full anonymity and ease to use.

Haha, everybody is different.
I tend to also go a bit extreme (like using GrapheneOS on a Pixel and nothing else) but I do understand if people have different needs. In this case, there are different ways to solve a given problem hence it’s also nice.
Yet overwhelming because it’s not a 1-size fits all kind of situation.

Very fair. I also wasn’t sure what it was all about before I started.

Assuming you’ll be the only person using the domain, it’ll negate that threat model. Custom domain will make you very, very unique compared to few million people sharing @gmail.com or @proton.me or @simplelogin.com etc.

No its not. The whole thing could take just a few hours. In fact most domain registrar are automated. After payment, and assuming theres no kyc problem etc the domain will be instantly useable. What can take some time is when adding new dns record of the mail provider since dns can take few hours to propagate. At most everything would take less than a day.

• Does this mean I should cancel my subscription with Proton and transfer all those accounts to aliases, too?
• What’s the strategy for job applications, banks, and government-facing needs?
• Also, if I have a Proton account anyway, isn’t it better to have only one organization (SimpleLogin/Proton) handling my emails than to involve another party to trust? At least, a video from “By Default” explained it this way and it made sense.

Unfortunately, Google seems to work well for small organizations with poor funding. Also, most folks don’t seem to care. I don’t think I can get out of using Google Drive or Classroom, so to me it seems like a better strategy to use Gmail for these groups than to use a SimpleLogin alias, especially if I don’t really use a desktop computer and Google knows my accounts on my phone already, or am I wrong? I plan to switch to a GrapheneOS phone soon, but even then I could have a similar problem as a volunteer.

That’s what I thought. Maybe the odds aren’t good that Amazon or Google will see the same domain twice and connect the dots, but if they did it would be an easy connection to make. EDIT: This thread is an example of why I was led to believe a custom doamin would be necessary: Reddit - The heart of the internet

I, personally, do not use Proton enough to justify paying for it.
And it’s perfect because I don’t need to provide any banking details.

If you’re satisfied with the same workflow as me (free Proton Mail + paid alias service), then sure you could cancel your paid subscription and make the switch.

Alias, alias, alias. Especially for throwaway situations like job applications. Tbh, that’s the one that made me think more seriously about aliases in the first place because of the sheer amount of broadcasting my email in every direction to non-caring startups etc.

Plenty of similar questions on that topic on this forum.
TLDR is:

1. either go all into 1 company and be screwed if they become evil
2. compartmentalize and split the services but spread your trust

I chose 2., mostly because I do not consider Proton good enough for each aspect hence I’d rather hand-pick the best service for the job.
And that comes with Addy > SimpleLogin, Addy is just objectively miles ahead in terms of UX/usability.

Same, Proton Drive I do not care that much because I’d rather have my own NAS.
Proton Calendar doesn’t work perfectly enough (yet it’s close), hence another FOSS tool instead.

Proton VPN is too much KYC for the paid benefits, other recommended ones are individually better. Also I do not care about switching countries because I do not pay for Netflix.

Proton Pass is totally useless when having a local Keepass database.
Proton Authenticator, I’d rather use the one baked into my Yubikey or Ente Auth.

Proton Docs/Sheets/Meet are either targeted towards businesses or not needed to me (I use local LibreOffice suite if needed).

As you can see, I mostly want the critical part (emails) to work at all times, hence why I do use a service.
The rest I do not really use/care, so I am fine not embracing the entire ecosystem.
I tried, it is just not good enough hence I’m fine self-hosting some of the stuff to have it more private + better features-wise.

The idea in case 2. is meanwhile to not have accounts at 15 different services either, so go carefully and consider the risks for each company you’re adding to the mix (if using their cloud service).

Again, this is for me.
Consider your own use case, needs/skills and if this also applies to you or not at all.

Those 2 are very unrelated if being honest.
You can be Jezz Bezos/broke student and send an email to any email server. It being Gmail, Yahoo or even Hotmail.
Email is a standard protocol, you don’t need to be a big tech to receive/send some.
You mostly just need a good reputation to make it work, hence server admins needs to handle DKIM/etc and have a good track record of not being banned/marked as spam by their users.
Never had a single issue with Addy’s servers, their email reputation is very much well set and works flawlessly.

To your school, an ****@addy.to or ****@gmail.com will be the same because the email is again: a standard protocol. It’s not only Gmail ↔ Gmail compatible. Hopefully, imagine otherwise!

I never used Classroom so I don’t know for that one but moving away from Google Drive is not a bad thing. Plenty of online solutions exist that are more privacy respectful.
Also, you can always open some of those for read purposes without a Google account if set with the right view permissions.
TDLR: doesn’t justify being on Google for such minor things.

Small organizations do not care and use Google services you mean?
Yeah because they don’t know better and are not tech-savvy.
Your personal usage of tech doesn’t need to be tied to a public establishment tho.
John Doe is using Gmail and all Big Tech, doesn’t mean you need to follow the crowd and do the same if you have good reasons (like privacy, sovereignty, not needing to pay for Gdrive once you’re past your free tier etc).
Don’t be like John Doe and opt out from the mainstream defaults.

You do everything on your phone, no laptop/desktop for real work?

Google knows your accounts so what? We just give up and continue to give everything from now on?
Or do we slowly opt out to achieve some proper de-googling?
Why are you here if not to extract yourself from Big Tech’s claws?
Just skip aliasing, Proton, Graphene and stick to Google, it’s simpler and works.
Bear the consequences of it then tho.

Defaults are always simpler, cheaper and just work out of the box.
You wouldn’t have companies around those products otherwise and everybody would be self-hosting their FOSS tools.

Not sure that there aren’t ways to fix those “problems” with some healthy and basic solutions.
I did quite some volunteering too, yet I never put the organization ahead of myself. I do come first and will not compromise my own security/privacy in favor of free labor.

Wait, did I read that maybe the 2 biggest ads-fueled Big Tech companies could do their job poorly and make a cross on your personal data? You really think that’s a thing?
It’s like saying

Man, I really hope that this professional renowned jewelry thief looking at me across the street from his hotel room with binoculars will not rob my small yet rich store full of diamonds during NYE’s messy situation.

Please reconsider your take.

Not sure if the Reddit post is about SimpleLogin going down or something else?
I do care about privacy more than ease of use. If Addy goes down, I’ll migrate all my emails.
I do take that balance over convenience.

I also love how people do only consider their aliasing service going down and not email server. Like, both can go down/become evil you know.
Hence what, self-host both? Argument is kinda fragile.

No software is eternal, accept that and make your choices based on convenience/security/privacy with a Venn diagram to see where you land.
I chose the friction-ful path, but I do get both the best worlds of privacy + security.

1. like the person behind Addy ↩︎

Good points about not paying for Proton and switching to Addi. I like your strategy, but if I switch I won’t be able to pay via crypto so I’ll have to give that some thought. I am paying for Proton with a credit card right now, so I would want to fix that if I switch.

My point about volunteering is that I won’t be able to convince the existing groups to leave Google, and for the time being I still want to be in those organizations. One of them set me up with a Gmail account with a custom domain for the organization, and everything is done in Drive, Classroom, Meets, etc. I agree with you 100% about big tech, but admittedly that will have to be a fight for another day and I will leave things as is this week- I might start a new topic about this after I’ve taken care of the old email account I need to parse through this week.

Correct, I don’t usually have access to a desktop or laptop.

The reddit/other agruments in favour of a custom domain is so emails aren’t rejected and for professionalism. I’m convinced I don’t need a custom domain but still want to address these issues.

Thanks!

If in EU, you can always get a gift card from the proxystore.

You can move by yourself without needing everybody to move away.
Most of the Google services still work without a Gmail email address.

Oh wow, using only mobile devices will indeed make your life quite much harder as a whole given how controlling apps/mobiles are as a whole.
Also, some stuff is just not available/practical at all on a smaller viewport…

As said above, never was an issue. An alias service doesn’t make it easier/harder to get rejected, it’s just a proxy.
Moreover, a custom domain can actually be worse if poorly configured.
So that one is a fully invalid argument.

Alright, let’s cover all possible use cases for that one from my own experience:

• job interviews: nobody cares, and I don’t want to let 50 random companies know who I am and where I do live all the time, so a very good use case for an alias service
• actual professional job: I gave them an alias, never cared about it being an alias, didn’t even asked why is it “different”. They also just gave me a professional Gmail one for SSO purposes
• you’re a freelancer: all of my clients never cared either, they just copy-pasted where needed and rolled with it. I make actual money and do send invoices with that alias on it. Never been a problem either.
• my tax accountant: found it weird but I do receive/send emails from there, all that matters
• my own company/personal brand: I could have something public facing, yet it’s not mandatory and can be skipped entirely to avoid being spammed by bots, nobody will deny that
• visit card: I do not have one, yet I would also definitely just put an alias there too if I feel like an email is needed. Maybe I can also just have a QR code there that redirects to my website/Signal/other.
• buying something very expensive at a store: they will look weird at you being worried that you might lose the email and the precious receipt for a potential long-term warranty. To which you can just say “Don’t worry, I received the email properly”, yet still ask for a physical receipt that you can then save/backup properly and safely.

So overall, given the extensive points above, I am not sure if professionalism is a concern.
I am fervent defender of

“dont-come-and-bother-me”-alism, here’s my alias

kind of approach.

It’s just fine to stay strong on your positions and assert dominance when it comes down to what you expose/or not.
If you can’t do that, how can you have people respect your privacy at all?
Email is a small step, don’t trip at square 1.

OP, if I’m honest, it sounds to me like a KISS method (Keep It Simple Stupid) rather than the “kissu method” is what you’re after. Not to say their suggestions aren’t good, they just seem far too complicated for where you are right now on your privacy journey. You can always get more sophisticated later if you want, but for now (seeing that you have a deadline and you’re relatively new to the idea of aliases) don’t try and get too fancy else you might find yourself in a situation where nothing works and end up driving yourself nuts.

My simple suggestion would be:

1. Create a 2nd Proton email in your existing account. This will be for friends and family. Don’t stress too much if they happen to share it (if it becomes a problem, down the track you can update your email with those people/providers they have shared this email address with.

2. Create a 3rd Proton email in your existing account. You will not share this address with anyone. This will be a forwarding email address that you will point your aliases to.

3. Start using and migrating to SimpleLogin aliases for everything else.

4. Slowly deprecate the use of your original Proton email address and the gmail addresses (maybe just keep that one gmail address going for the group thing).

At some point, you can look at getting yourself a custom domain (these can are handy for when a service is not accepting of an SL alias address ..or portability if you’re really worried about the very, very unlikely chance of SL “going evil” or closing shop.

You can (and should) reassess your threat model when the you have some more time to spare.

Oh, and DON’T delete your gmail address/es for at least 2 years (or until you are absolutely sure that you don’t have any random services or login details attached to those accounts anymore)!

Anyway, that’s my 2c. Good luck!

Oh hey!
This is exactly where my username comes from^[1].

I just share my POV yes, not saying that people should copy it.
Meanwhile, sometimes you can’t just do the thing later on or progressively because it will just be postponing and/or delay the work anyway.

My approach is not that hardcore tho:

• get Addy with giftcards or crypto
• get a new free Proton email account^[2]
• forward Addy → Proton email
• done

Benefits of it:

• no need come back to it later on
• deal with anything Gmail-related as a parallel topic that can be dealt with anytime later on
• fresh and fully anonymous approach that leaves no traces and starts with a blank slate
• tested myself and working flawlessly with flexibility of just using addy.io and/or custom domains later on if needed
  • been on the SimpleLogin bandwagon, it’s just a honestly worse experience that I cannot recommend to anyone if being objective
  • my family actually got a very bad and slow adoption of SimpleLogin’s mobile app, Addy’s clicked instantly and was less of a friction overall tho, YMMV but my personal one was far more positive with Addy’s UX
• depending on which deal you take^[3], it might actually also be cheaper: 36€ yearly total (including taxes)
  • you can even add another PG-recommended VPN (non-Proton) to the mix and it might still be cheaper even if you have a family

Hence, not sure how this one could happen with 3 easy steps.

Now, let’s check your approach point by point:

• Create a 2nd Proton email: been there, done that. It will be annoying to have the mental burden of “damn, which one do I need to give again? this one or the other?”
  • moreover, requires a paid Proton plan, hence KYC with your bank details
  • This will be for friends and family, you use emails communications between friends/family rather than something like Signal?? Addy can help you forward 1 alias to 1 or X people’s mail boxes with a breeze. No need to forward any kind of stuff back and forth, you handle it in 1 place^[4].
    • Want to do 1 alias into X mailboxes on SimpleLogin? Good luck. Tried that one myself it’s achievable-ich but very confusing, not planned for and I don’t think they are ready to implement that kind of change anytime soon. Addy’s dev’s roadmap is public and doing pretty well overall. Gonna give credit to good work where it’s due.
  • if it becomes a problem, down the track you can update your email, so quick win but enjoy redoing all the work down the road once you face some issues? Opting in to aliases now saves that kind of cumbersome work from the start and you will never look back.
• Create a 3rd Proton email, so 3 email main inboxes is simpler than 1? Proton still knows it’s you with the 3rd one too btw. Might not be a relevant threat model to everybody but it’s one that you might again, opt out early on if you burn your trails and start from scratch.
  • also, if Proton goes evil, you’ll need to move your aliases and main inboxes that day too → more work down the pipe for quick wins early on.
• migrating to SimpleLogin aliases:
  • subpar tool that is hard to recommend^[5]
  • an alias service, hence not simpler than Addy meaning that OP will still need to understand how an alias service works it being SL or Addy, I don’t see where it’s more KISS than my approach because the learning curve will still be there nonetheless
  • want to move away from Proton to let’s say Tuta (or else?), sure enjoy migrating your SimpleLogin + paying for it now

OP explicitly said they do not want that, hence no point recommending it.
It is anyway compatible with both Addy and SL, hence no need to add complexity for it right now.

Yes. With the asterisk of: no need to wait 2 years for it to be effective.
If you make a Google backup of your data + are sure that you updated all of your accounts from Gmail’s to aliases’, no need to wait extra.
Anyway, only work + government + taxes + banks + paid things are important here but that’s as easy as going through all of your Gmail received/sent emails domain by domain.

1. from the KISS principle ↩︎

2. no bank details needed ↩︎

3. if going down from paid Proton to Addy + free Proton mail combo ↩︎

4. as explained at the bottom of my message here: For people who use email alias, what things do you use your actual email for? - #17 by kissu ↩︎

5. do you recommend a subpar solution to someone willing to switch from iOS to Android? no, you recommend GOS and it’s a done + forget kind of deal you could start with LineageOS , /eOS/ or whatever but what’s the point exactly?? ↩︎

@kissu They said they already have Proton Unlimited so I’m going to assume that they are using Proton Pass as their password manager. If that’s the case, it makes far more sense for them to manage their aliases in Pass (no need for SimpleLogin UI). Even if they are not using Pass as their pw manager, they can manage all their aliases in Pass as it’s far better UX than SimpleLogin (and even addy imo).