How can we improve ProtonMail?

*Unlimited* Disposable Email Aliases

Startmail explains it perfectly. They offer unlimited disposable aliases, which expire within a given amount of time. They also offer custom aliases which can be saved and used indefinitely.

It is the disposable alias which will help protect privacy, when submiting an email to an untrusted recipient. After all, how much privacy do we have if our fixed emails become the foundation for building and selling our marketing profiles, just as is done by gmail. We limit personal activity virtual trails by disposing of aliases for casual uses. But, unlike custom aliases, which build on our identifiable original email address, disposable aliases divert from our true email identity by utilizing a sub-domain created for this specific purpose, such as: xxx@tda.protonmail.com (tda = temporary disposable alias)

You avoid abuse by limiting disposable alias creation on a daily basis. Perhaps 5 max per day.

Here is Startmail's explanation:

https://support.startmail.com/index.php?/Knowledgebase/Article/View/3/0/aliases

The Blur service (by Abine) also offers a "masked mail" free service. But their service is not encrypted:

https://dnt.abine.com/#feature/masking

3,755 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    LUH3417LUH3417 shared this idea  ·   ·  Admin →

    27 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • LupeLupe commented  · 

        I gots the plus sign rejected by website all the times. So frustrating.

      • WillyWilly commented  · 

        LUH3417,

        Their silence is statement enough.

        Interested in starting a GoFundMe campaign to get their attention?

        Willy.

      • Too DumbToo Dumb commented  · 

        Is this is being ignored?

        Too hard basket?

        Or a case of "ït's the users fault; they just don't understand and hopefully they'll give-up and go away"?

      • WillyWilly commented  · 

        The use of the "+" sign in the alias fails with so many services. It's useless.

        FAIL!

      • Des da monaDes da mona commented  · 

        Protonas, evidently something you can't ignore anymore.

      • SnapeSnape commented  · 

        Trond commented · June 10, 2017 11:04 PM - Well done, you get it. +3 points for Slytherin.
        Anonymous commented · June 5, 2017 7:35 AM - I pity that you don't get it. -3 points for Hufflepuff.

      • DazeeDazee commented  · 

        This is one of the features that would make protonmail even greater than it already is! 3 votes from me.

      • LUH3417LUH3417 commented  · 

        Trond, the services I have seen that offer this function, such as Blur, do not recycle the email aliases. They are created using random characters, such as pc34bch8@tda.protonmail.com. Using random characters can create innumerable aliases. You would not need to delete every single alias you create. One could be used at a number of similar, less trustworthy web sites to register. Only when you feel you are receiving spam forwarded through that alias, then you would want to delete it. You could utilize a particular disposable alias for a long time without needing to delete it.

        But, this suggestion for disposable aliases is because Protonmail initially offered a very limited number of aliases slots to use. And once those have been created and/or deleted, they greatly limit creation of new ones. The number of active aliases does not have to be unlimited. Maybe it would be limited to 10 or so. What would be unlimited is the ability to replace an alias with a new one, if the need arises. And Protonmail could place some limitations there to prevent abuse. Such as only 3 or 5 alias replacements per month.

        Someone earlier, addressed the possibility of abuse of a disposable alias. The suggestion is for it to be unlimited but not in the sense of being able to use hundreds without any controls in place. The idea is to allow only a limited number of active aliases at one time. But, with the difference being, that once you delete an alias, you are able to replace it. Abuse can be contained because if spam is reported to Protonmail, they either issue a warning, or disable the account immediately. Protonmail does not need to be able to view your email activities to find out about abuses. Often spam abuses are reported to the owner of the domain, with the offending email address/alias named.

      • TrondTrond commented  · 

        Thinking about it, i don't think they should be disposable. What if user A use abc@tdn.protonmail.com to register on example.com, then user B comes along and register the same disposable address. User B will then possibly receive private information from example.com that was meant for user A (and C, D, E, F, G....), he may even reset the password and will be able to do everything that User A would for his account on example.com. That can very potentially be a huge privacy nightmare.

      • TrondTrond commented  · 

        I like this idea very much! Just as you would never use the same password on two different websites you could start NOT using the same email-address on two different websites as well. That would not only defeat snoopers from linking accounts, give the user increased privacy, lessen the spam, but also give increased security! We often use the same email address to register everywhere, that email address is often our single point of failure. By using different email addresses every time you register somewhere it would lessen the chance that a attacker will be able to access anything else, even if the user happened to use the same password everywhere.

      • AnonymousAnonymous commented  · 

        This seems like a pointless feature to offer. If you don't want to give out your personal email, you make a separate one strictly for the purpose of knowing you'll be spammed. If you're so worried about your virtual trail, use a high quality VPN alongside an encrypted email service. No one can truly be anonymous online when actively sending details over to someone else. It's the very interaction that puts you at risk. Unless you know how to use pgp code for every single interaction you have online, something like a disposable email is not going to help you.

        The only thing I see about this post is, "I'd like the spam the hell out of people... can Protonmail help me out?"

      • 141cb37b141cb37b commented  · 

        Disposable email addresses would be a welcome addition and give PM users more for their money, since these addresses are just aliases, which would not be billed as additional users.

        I have used Blur/Abine for disposable email addresses, largely for providing to the growing number of websites taking a more subtle approach to building the All Powerful Email List, but also for subscribing to newsletters to get the initial discount coupon, or signing up for a second or third free trial if I was not able to make full use of the first (this works well with Blur's Masked Credit Card feature, but I'll limit the scope here to disposable email aliases).

        After a few years, someone at an email validation service wised up and added the domain name of the disposable aliases to its blacklist (not related to SPAM, just a blacklist for emails an indiscriminate marketer would not want in his email collection), so websites that subscribe to email validation services will return an error or simply repeat its request for a valid email. Blur has handled this by introducing new domains, which seems like the best, if not only solution, and not just because it costs Blur a mere 8-9 USD per year.

        The subdomain.protonmail.com is a good idea. If a subdomain gets blacklisted, a different subdomain can be created. Blacklisting protonmail.com would be foolish, since it's only a matter of time before everyone has a PM address. ;)

      • HadHad commented  · 

        Yeah needed.
        - and send from any alias
        - unlimited
        - and fix + sign
        - and be able to delete it when it becomes a source of spam.

        should be good then

      • WillyWilly commented  · 

        FOR THE LOVE OF MOTHER MARY; f i x t h e '+' c h a r a c t e r to s o m e t h i n g else!.

        So many sites and services, s o m a n y, refuse to accept it as a legitimate email address.

        And besides, as a commenter below has pointed out the current way its done exposes your underlying email address as soon as you have to reply or even send to that contact.

        A blacklist or cut-off of an alias should also be part of this feature.

        I need these features desperately. What's to be done? Should we start a gofundme or kickstarter campaign to get your attention? I'll start an offer of USD $500 for these alias requirements ONLY. Anyone else? I don't care about calendars, folders, shells or shiny trinketts. Just a useful and functional alias system.

        please, please, PLEASE.

        P.S. No, not interested in my own domain for various reasons. I need a one stop shop for email and at the moment you're it (but not delivering). Tutanota did for awhile, but they too didn't listen.

        (a paid-up user).

      • InesInes commented  · 

        ...and some points on the current alias feature provided with "+":
        1/
        - Many webservices/portals/businesses are too clumsy to be able to handle a "+" sign as acceptable in an email address, thus defeating the anonimity. From Proton's own signup procedure it is evident that the "-" sign has been reserved. PLEASE, could we have this character "-" released to use in the alias instead of "+".

        2/
        - Replying to an email that has come in on an alias "+" removes the alias and exposes the underlying address. Functionality is defeated. PLEASE, permit reply-to-email to utilise the same email address alias that the original email arrived upon.

      • Keith BohlerKeith Bohler commented  · 

        This sounds like a great feature, however, I'd probably get a Proton Disposable email server that is separate from the regular protonmail.com ones. As someone mentioned, email blacklisting is definitely a possibility. Not to mention, I'd personally love to see the ability to have at least 1 other @protonmail.ch or @protonmail.com alias for free accounts. Sounds like work, but would make the service even more flexible than it currently is.

      • LUH3417LUH3417 commented  · 

        Alfonso, the idea is to use one encrypted service, not multiple services divided by their features. If ProtonMail offers changeable aliases, no one will need to use accounts from additional providers. It's great that no one can read our messages. But if marketing groups compile your account registrations, purchasing and other habits via your one fixed email address into a comprehensive, shared profile of you, you have still lost your privacy.

      • AlfonsoAlfonso commented  · 

        If startmail.com and mailinator exists, I actually don't find the need for this. I find more hassle here getting protonmail into blacklists...

      ← Previous 1

      Feedback and Knowledge Base