How can we improve ProtonMail?

*Unlimited* Disposable Email Aliases

Startmail explains it perfectly. They offer unlimited disposable aliases, which expire within a given amount of time. They also offer custom aliases which can be saved and used indefinitely.

It is the disposable alias which will help protect privacy, when submiting an email to an untrusted recipient. After all, how much privacy do we have if our fixed emails become the foundation for building and selling our marketing profiles, just as is done by gmail. We limit personal activity virtual trails by disposing of aliases for casual uses. But, unlike custom aliases, which build on our identifiable original email address, disposable aliases divert from our true email identity by utilizing a sub-domain created for this specific purpose, such as: xxx@tda.protonmail.com (tda = temporary disposable alias)

You avoid abuse by limiting disposable alias creation on a daily basis. Perhaps 5 max per day.

Here is Startmail's explanation:

https://support.startmail.com/index.php?/Knowledgebase/Article/View/3/0/aliases

The Blur service (by Abine) also offers a "masked mail" free service. But their service is not encrypted:

https://dnt.abine.com/#feature/masking

12,341 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
You have left! (?) (thinking…)
LUH3417 shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

67 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    This is how I maintain a spam-free inbox in Hushmail, and the only feature they have that keeps me there. I maintain a paid Protonmail account, but don't use it because I don't feel confident I can keep spam at bay. I have no interest in searching through a spam folder for something valuable that made it in there, it sort of defeats the purpose of that automated spam control... I still have to check it. With Hushmail's "@nym.hushmail.com" alias feature, I give many new services a unique email address. If I ever get spam, I can see which it was sent to, change my email with that provider(s) and make a new alias for them. No more spam. Hushmail is not as private or secure as Protonmail, but I find this system so valuable, I'm not willing to make Protonmail my new permanent email home yet. I sincerely hope this changes.

  • Casper Jonquil Mad as Hell commented  ·   ·  Flag as inappropriate

    Hello,

    The use of the "+" plus sign kills it for protonmail alias' on so many email systems. Show your support here:

    https://protonmail.uservoice.com/forums/284483-feedback/suggestions/31527985-improve-addressing-with-extension-character-allow

    I post this feature/change request as a fork from this discourse. It's related but deserves the same attention and support.

    Please consider passing some of your votes in its direction.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Trust; Protonmail is not listening. The book is closed on this one. Same as the stuffed-up alias using the "+" plus-sign instead of a "." or "-"

    Zero intent to fix it.

  • Anonymous commented  ·   ·  Flag as inappropriate

    I second that suggestion.

    I'd love to create e-mail addresses such as kxhrqdskmlnwpg@protonmail.com for a registrations at random websites. They don't have to be pretty or short, they just need to be unique for each website.

    It would make things way easier and more secure than having something like three e-mail addresses, one private, one semi-anonymous and one anonymous. If you want to prevent spammers, add a limit such as 3 addresses per day.

  • Anonymous commented  ·   ·  Flag as inappropriate

    This is the only thing blocking me from switching to protonmail. My email service (fastmail) has unlimited aliases. They also have about 100 domains you can register these aliases to such as fea.st, proinbox.net, fastmail.net, speedymail.com, etc... If you guys had this and a bunch of random domains we could use I would switch. One thing that fastmail got wrong in their implementation is allowing aliases that are deleted to be used by other people. I ended up picking up an alias that had been used by someone else and getting all their mail. An alias should be permanently unavailable if someone else claims it, even if they subsequently delete it.

  • LUH3417 commented  ·   ·  Flag as inappropriate

    When I first created this suggestion, I was frustrated by PM policy stating the 5 additional addresses given to paid users were fixed. Meaning once you delete one of them, perhaps because you began to receive spam, that address would not be replaceable. Which seemed/seems very unreasonable to me.

    While the blur service is great due to its truly unlimited nature, in most cases, users are going to create a finite amount of 'disposable' addresses. Another option is to place a ceiling of 200 on the number of active disposable addresses used at any given time, similar to the limits you placed on the number of active folders for paid users.

    If a user reaches their limit, they can review their active addresses, and select an existing disposable address to use for an additional recipient. Blur also allows a user to utilize a disposable address for multiple recipients. And next to each entry, you can indicate how many distinct recipients it was sent to.

    What makes this approach remain unlimited, is that at any point you feel the need to delete one of the disposable addresses, you can replace it with a newly created one.

  • Tom Buxton commented  ·   ·  Flag as inappropriate

    this is a great idea. love abines features but would rather see this in protonmail.

  • Dustin commented  ·   ·  Flag as inappropriate

    About Laurent's post, I guess it depends on your use case. If you're looking to give a disposable address to, say, Target? That's not going to be encrypted no matter what, and I would assume Target has already sold everything they can about me, so I have no expectation of privacy there. Add on the other hundred similar companies. Those are what I want disposable addresses for. I don't really have a need to give a disposable address to someone who also uses ProtonMail, and can be encrypted, but I'm sure others do.

    Spamgourmet says they're supported mostly by donations, and that they don't keep any of the email they forward, but I suppose you'd have to trust them.

    Allowing more control over sending from addresses in your own domain sounds like a reasonable solution if you want to trust only one company. Plus there'd be no worry of limits with the number of aliases. Plus you can take your domain with you if you have to. That sounds like a pretty good solution, actually. All Proton would have to do is allow you to reply from whatever email the catch-all was sent to, and maybe allow blacklisting and whitelisting of what comes through that domain, just to make the solution less manual filter heavy. Then you can give CitiBank "citi@mydomain.com" and everything will just work. If end to end encryption works with custom domains, that seems like the ideal solution.

  • Laurent commented  ·   ·  Flag as inappropriate

    Dustin has a good point. The issue is that if spamgourmet is able to provide it for free, they must be able to get something from it : your data. To answer Dustin, yes it definitely kills end to end encryption. Spamgourmet and Blur are able to read the whole content of every e-mail going through their addresses. I would love to have a disposable address with good security and privacy from which I can reply to e-mails. Protonmail Pro lets you have a catch-all on your domains, but you can only send e-mails from limited addresses.

  • Dustin commented  ·   ·  Flag as inappropriate

    I just use spamgourmet.com. Infinite free disposable addresses, and I switched it from directing to gmail to ProtonMail in 5 seconds when I switched services without having to give anyone a new address.

    I'm not sure if this messes with end to end encryption, but I don't know anyone else that uses ProtonMail anyway, and I would just give those people my real address.

    If Proton added disposable addresses, I doubt I would bother using them over SpamGourmet anyway.

  • B commented  ·   ·  Flag as inappropriate

    I own my own domain, and I don't think the catch-all option solves this. With catch-all it could literally be anything @mydomain.com and you'd get the message. I'd like to ratchet it down a bit and only allow mail to names I've setup. If ProtonMail already offers the catch-all option for custom domains, it shouldn't be too much to offer unlimited aliases for custom domain users. If I'm wrong please explain it to me, and I may upgrade to the next tier.

  • DB commented  ·   ·  Flag as inappropriate

    Disposables are cheap, but not free.

    I own my own .net domain, I set up a 2018@{mydomain}.net and give it out. If the service ends up being worthwhile, I change the email address with the service to a more permanent email address.

    When 2019 rolls around, I look at December's emails to see if I want to keep anybody, and delete the 2018@{mydomain}.net and add 2019@{mydomain}.net.

    This does require me to get a .net domain ($13? / year) and support Protonmail with their "Plus" service level ($4/month). I would posit that if one is unwilling to spend $60 a year on secure email than it's just not a priority for you.

  • SkidX commented  ·   ·  Flag as inappropriate

    The work-around using the mobile webapp (not the Android app).

    1. You have a contact you want to share your email with but would like to use a personalized alias for obvious PRIVACY reasons (are you listening protonmail?!).
    2. Go to your now spam filled YahooHacked or GoogleSpy account.
    3. Send an email to yourself using the desired alias.
    4. In protonmail webapp (android or desktop) only, find the email you sent to yourself.
    5. FWD or RPLY and change the [To:] to your contact with whom you actually want to converse with.
    6. In all future correspondence with that contact, simply find (search) a previous email in protonmail using the same [From:] alias that you created, reply all and cleanup the message (delete contents) and start again (so you don't have to go to your external account to repeat steps 1-to-5). Again only from the webApp (android or desktop) - it will not work from the playStore "dedicated" app.

    It's a pretty sorry state when it comes to this, but Protonmail evidently don't want to come to the party in any manner (they would rather give you a discount or refund).

  • SkidX commented  ·   ·  Flag as inappropriate

    From my discussions with protonmail support, this issue and alias problems in general will never be corrected. I suggest unhappy consumers vote on playstore. It seems the only place they take notice and also ask for $ back or a discount on your next renewal.

    I have found using the webapp version on Android to be a far more pleasant and useful experience. Using the webapp you can actually reply to en email that has contacted you via an alias address WITH THE VERY SAME alias address. Something not possible with the "dedicated" android app.

  • Snape commented  ·   ·  Flag as inappropriate

    @Ross,

    Well no it can't. Not without a domain.

    I expect most customers voting for this don't want or can't be bothered to go obtain and maintain another bit of tech when quite simply the email provider (protonmail) should just provide this OOTB. It is the whole idea of an alias and should be a fundamental right to privacy. Strangely it appears to fall on deaf-ears with Protonmail development.

  • Ross commented  ·   ·  Flag as inappropriate

    You can already achieve this: Upgrade to Pro, which allows "catch-all" addresses for your own domain. Then you can hand out any addresses you like, to whoever you like, on your domain, which solves this problem.

← Previous 1 3 4

Feedback and Knowledge Base