I have seen this approach from other people as well. How do you feel about them knowing your custom domain? Then it’s easier to search for other mail addresses of that domain as well?
I use the aliases from Proton which make me feel a bit more ‘safe’. Downside is that I’m locked into Proton… :)
I also use a custom domain. Basically, as long as you accept that the domain might be linked to your IRL name, it’s more of a privacy issue in that regard. The custom domain means you don’t ever have to stick with one company forever, also. My email address is portable to any hosting service.
Spammers and scammers work in databases of hundreds of thousands of records they buy. Anything that doesn’t immediately return a hit is chaff to be deleted. There’s no incentive to root through thousands of credential combos and see if your human brain can see a pattern to tweak, short of targeted attacks about you as a person. If the custom domain doesn’t stand out as a business with website worth sending ransomware, what’s the reason to be a target? No one will waste time on a custom domain just in hopes of getting someone’s 27 addresses just to send important dick pill meds spam.
I get zero spam after a year or so with a custom domain. My neutered gmail still gets flooded with spam.
That has happened to me… twice. Once they sent spam to abuse@<domain> and once to postmaster@<domain>. Both of those are “well-known” addresses that received one spam mail each.
Having your own domain with a catch-all address is rare enough that spammers don’t seem to try to target it.
Meanwhile I set up straight-to-spam rules for a handful of companies that leaked my email address. Very useful.
That’s possibly true, but I still use a long password, so even if they do, I use 150 char characters where possible. So they’re not getting in. Password managers ftw
I have seen this approach from other people as well. How do you feel about them knowing your custom domain? Then it’s easier to search for other mail addresses of that domain as well?
I use the aliases from Proton which make me feel a bit more ‘safe’. Downside is that I’m locked into Proton… :)
I also use a custom domain. Basically, as long as you accept that the domain might be linked to your IRL name, it’s more of a privacy issue in that regard. The custom domain means you don’t ever have to stick with one company forever, also. My email address is portable to any hosting service.
Spammers and scammers work in databases of hundreds of thousands of records they buy. Anything that doesn’t immediately return a hit is chaff to be deleted. There’s no incentive to root through thousands of credential combos and see if your human brain can see a pattern to tweak, short of targeted attacks about you as a person. If the custom domain doesn’t stand out as a business with website worth sending ransomware, what’s the reason to be a target? No one will waste time on a custom domain just in hopes of getting someone’s 27 addresses just to send important dick pill meds spam.
I get zero spam after a year or so with a custom domain. My neutered gmail still gets flooded with spam.
That has happened to me… twice. Once they sent spam to abuse@<domain> and once to postmaster@<domain>. Both of those are “well-known” addresses that received one spam mail each.
Having your own domain with a catch-all address is rare enough that spammers don’t seem to try to target it.
Meanwhile I set up straight-to-spam rules for a handful of companies that leaked my email address. Very useful.
That’s possibly true, but I still use a long password, so even if they do, I use 150 char characters where possible. So they’re not getting in. Password managers ftw
Well try aren’t brute forcing 150 chars, that’s for sure, but don’t mistake that as the same as “they’re not getting in”.
seriously, once they know it’s 150 characters of hunter2 they’re in