Privacy Blog

"Friends don’t let friends get spied on.' – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

How to Hide Your Real Email Address from Marketeers, Spammers and Other Obnoxious Pests

The sending of e-mail filled with advertising is a common and odious activity. Thousands of web sites gather email addresses and then bombard you with their advertising. You might sign up for a newsletter or some other free service on a web site, and then they start flooding your in-box with advertising messages two or three times a week or even more often.

I had a recent experience of just that. A web site I visited offered a free downloadable ebook about a topic that interested me. In order to obtain access to the PDF file, I had to enter my email address and click on SEND. A few seconds later, I received an email message that contained a link to the downloadable ebook. Of course, I had also just been added to the mailing list of the person who owns the web site.

I read the ebook and found it was what I call a “fluff piece.” It had very little information that wasn’t already common knowledge and was filled with advertising for other ebooks and services offered for a fee by the same web site. I soon deleted the ebook and forgot about it. Until the next day…

The next day I received another email message from the same web site, promoting a different ebook that sells for $39.95. The following day, I received another email message for still another ebook being offered for sale. And so on and so on. Every day, I received still one more obnoxious email message that was written like a late-night infomercial: “This will amaze you! But wait, there’s more…”.

NOTE: I must point out that I do not sell or share the email addresses of my readers.

Even worse, often there is no link supplied to unsubscribe. There is no contact info for the company, and the email probably is sent from “donotreply@…” In short, there is no way to stop this junk.

Technically, such messages sent after you sign up for something are not spam since the companies do have a relationship with you. You created that relationship. However, those messages sure look like spam when you receive them. Some companies are very aggressive, sending lots of this junk. Personally, the more ads they send, the less likely that I will ever do business with them in the future. I would suggest that you also boycott these overly aggressive advertisers.

Other bad things can also happen. A responsible company may go out of business, and its assets—including mailing lists—may be purchased and used by a less responsible organization. Even less likely but still possible, an employee of that company could secretly sell your address to spammers.

Still another obnoxious business practice is when spammers use automated programs that surf the web to find and save email addresses found on other companies’ web sites. The spammers then use these addresses to create mailing lists that advertise all sorts of junk. In fact, you don’t even have to post your own email address anywhere on the web to end up in one of these mailing lists. If a friend of yours even posts a message on Facebook or any other web site that says, “My friend John at {insert email address here}…”, that email address will be “harvested” by the programs that automatically build mailing lists.

How do you keep your email address off such mailing lists? How do you stop even the web sites you have dealt with in the past from flooding you with email messages?

I see at least four solutions. All are super easy, and several of them are available free of charge. Actually, I use a fourth solution that costs a few dollars, but I like it as it provides many more options. I’ll describe that one last. None of these are perfect solutions, but all of them will reduce, if not eliminate, the number of unwanted messages.

Solution #1: Obtain a second email address

Everyone should have at least two e-mail addresses: one that is used only when corresponding with friends and family, and another that is used when corresponding with commercial companies. You can always obtain a free account at Gmail, Yahoo, Hotmail, or any of a dozen other places.

When creating a new user account on any web site, use your secondary (non-personal) address. If that site later sells your e-mail address or starts bombarding you with advertising, at least it is not filling up your primary in-box. If it is obnoxious, you can easily cancel this secondary account that was free to begin with. For some time, I used a secondary email address of The “2nd” in the email address indicted to me that it was my secondary email address, not my primary one.

I see two downsides to this method. First, you do have to log onto this secondary e-mail address occasionally to see if there are any important messages amongst the junk. After all, there may be a message suggesting that you renew a wanted service. (Some e-mail services do allow you to set up forwarding. If available, the secondary account will forward all your mail from a specific individual or company to the primary account so that you do not have to check two different services. Gmail is especially good at this.)

Second, you cannot easily cancel e-mail from one company alone. That is, if you cancel this e-mail account, you will lose future e-mail messages from well-behaved companies as well as from the bad guys. Of course, you can go out and obtain more addresses, but that adds a lot of complexity. The purpose of obtaining a second e-mail address is to make your life easier, not more complex!

Solution #2: Create multiple email addresses with Gmail

To my knowledge, this works only with Gmail, and it is one of the many reasons why I love that service. You can create multiple email addresses with one Gmail account. Most email users are not aware of this trick; yet, it can easily cut down on the junk mail appearing in your email in-box.

You can have many different email addresses for your primary Gmail address, but all the mails sent to the different addresses will be received in your primary Gmail addresses inbox. There are two methods of creating multiple Gmail addresses.

Method #1: Use a plus sign

The first method is to use the “+” symbol to add another word to your Gmail address. You can do this “on the fly” while you are one the web site that’s asking for your email address. For example, suppose your Gmail address is, and you want to create a custom email address for signing with To create this custom email address, all you need to do is go to the email address field on Amazon’s web site; then just add a keyword such as“amazon” before or after your username in your email address, like this: or Then sign up with this customized version of your email address on Now all the emails addressed to this customized email address will be sent to your primary Gmail address at

It is as simple as that. You can use this simple trick to create an unlimited number of custom email addresses, and all mail sent to them will land in your primary Gmail address.

Method 2: Using dots in your Gmail address

The second method uses extra dots in your Gmail address. Gmail does not care about how many dots you have in your email address. In fact, it doesn’t recognize any dots within a Gmail address, which means you can place any number of dots within your Gmail address before the @ tag. Gmail will ignore the dots and still send the mail to your original mail address sans the dots. For example, let’s again use the example of If you add a dot anywhere within the words johngreen, Gmail will always ignore the dots. Using the same example, you can create multiple emails address like these below: and a lot more

Either of the above methods will still point to your primary Gmail address at

Depending upon your requirement, you can have many uses of these tricks. Why would you want to do so? Because you can later set up filters within Gmail to treat each address’s messages differently. You can easily organize emails from different services and websites. If in any case a website starts sending spam to you, you can easily set the specific filter in your Gmail account to delete all the mails instantly when

Using one of the earlier examples, let’s say you decide to immediately delete all incoming messages addressed to Simply create a filter in Gmail to specify that all new messages addressed to should immediately be deleted or sent to the spam folder. All other incoming email messages will be treated as normal, and you still only need to check one place for all your messages.

Detailed information about creating Gmail filters may be found at

Solution #3: Use a throwaway e-mail address.

You can find many free web services that will give you multiple e-mail addresses on a server that is designed to handle spam mail. You use the address for a limited time–a few hours or a few days or perhaps a few months–and then the email address conveniently stops working when you tell it to do so.

Wouldn’t it be convenient to give a different email address to every business or web site while getting all your email as before? Wouldn’t it be easiest to assume the address will be given to spammers, and have it work as a spam blocker by shutting off automatically unless you decide otherwise? Actually, this is easy to do.

With some of these services, you can obtain a different e-mail address for every company you communicate with. For instance, if you sign up for something at, give an address of “” or something similar. That way you will always know the source of the junk mail. If later sells your e-mail address, you will know who sold that address when you receive mail addressed to “”

If or any other company starts bombarding your in-box, stop checking the in-box for that e-mail address.


My favorite disposable email address provider is Mailinator. You don’t even have to register in advance. If you are on a web site and need to provide an e-mail address, you can create one on the spot by using any address that ends in “” For instance, when signing up for something at, I might use an address of Any e-mail messages sent to will be held for 24 hours, then deleted. If I want to see what was sent to this address, I can check the web site within 24 hours with no log-in required. This is great for sites that send you passwords in e-mail or for any other one-time email message.

The three disadvantages of Mailinator are (1) messages only last for 24 hours, (2) you have to go to the site to check for new messages, and (3) there is no security. Do not use Mailinator for anything where privacy is important. Mailinator is available free of charge. Full details are available at

Here are some other well-known mail services designed for fighting advertising. I have not tried all of them, but all do have good reputations. Unlike Mailinator, most of them do require you to register in advance:

SpamMotel is a $9.95 a year service that gives you many unique e-mail addresses–for example, one for each company with whom you do business. Whenever the sender (or spammer) sends e-mail to one of these unique addresses, it is forwarded to your regular e-mail address… along with your reminder note and other useful information, which appears at the top of the e-mail. SpamMotel tells you when the special address was created, how many e-mails you’ve received from that sender, and the date that the sender last sent you e-mail. Best of all, SpamMotel allows you to delete any of the special addresses you’ve given out. Once you delete an address, you receive no more messages from that company or any other company that purchased their mailing list.

The downside is that SpamMotel costs money and that it is a bit more complicated than most of the other services mentioned.

You can read the details at

GishPuppy is a strange name, but it works well for fighting advertising e-mail messages. Its operation is quite similar to SpamMotel but with no payment required.

GishPuppy offers disposable email addresses that automatically forward messages to your normal (private) email. It might be convenient to create a different GishPuppy email every time you register on the web and individually cancel them whenever you want. GishPuppy is available free of charge at

MyTrashMail is available free of charge although the web site does suggest donations to keep the servers running. The web site also is full of advertising (apparently in order to pay the bills) and is difficult to read in many places. You can learn more at

SpamGourmet is quite popular. You must first set up a (free) account. Then you can give out self-destructing disposable email addresses whenever you want. The disposable addresses work like this:

where “someword” is a word you have never used before, “x” (optional) is the number of email messages you want to receive at this address (up to 20, and the number 3 will be used if you leave it out), and “user” is your username.

For example, if your user name is “spacecowboy” and BigCorp wants you to give them your email address (on the web, on the phone, at a store—it doesn’t matter), instead of giving them your protected address, give them this one:

This disposable email address will be created the first time BigCorp uses it (you don’t have to do anything to create it), and you’ll receive at most 3 messages, forwarded to your protected address. The rest will be “indelicately consumed,” as SpamGourmet so nicely puts it.

Details may be found at

SneakEmail costs $2 a month and lets you maintain anonymous aliases and direct them to any of your real addresses. You can then filter mail by alias tags, monitor traffic levels to the various aliases, suspend or delete addresses, etc. Details may be found at

MailNull is free, easy to set up, and creates multiple addresses for as long as you need them. Actually, it works a lot like the Gmail’s addresses with plus signs that I described earlier. Look at

If you spend some time on Google or any other search engine, you can probably find even more services that offer throwaway e-mail addresses.

Method #4 (Honorable Mention): Challenge/Response Services

While all of the methods I described earlier will work well, they all have significant drawbacks. None of them work perfectly. All of them require extra work by you, the user. There is a more accurate way of blocking spam, but it has other drawbacks.

A so-called “Challenge/Response” system requires unknown senders to pass various tests before their messages are delivered. They work. The first time somebody sends you an email message, the system sends the person back a “challenge” email that the sender must now respond to, usually by clicking on a link, sometimes by entering a word or phrase. By engaging in this “response,” the sender is proving that he or she is not a robot. The theory is that, by responding, the sender must not be a spammer. Spammers usually do not respond to such challenges, so the spam message never gets delivered to your in-box. If a human does respond and does click on the desired link or enters the appropriate word or phrase, two things happen: (1) the message is delivered to your in-box and (2) all future messages from the same email address are automatically delivered to your in-box immediately without a challenge. Each sender of email messages only has to respond to the challenge one time.

I found challenge/response systems to effectively block 99.999% of the spam. As much as I like challenge/response systems, I still found they have significant drawbacks.

First, the internet is global, and it’s possible for bad guys to very cheaply hire people from a third-world country to click these links all day long, every day. I have read that this is a problem although I never encountered it myself when I used a challenge/response system. Every message that I received appeared to have been written by a live human, not a spam robot.

Sadly, some legitimate senders aren’t going to take the time to bother with clicking through these links; they’re going to write it off as too time-intensive. Do you really think Amazon is going to bother responding to challenge requests, to push through your shipping notification?

Perhaps a worse example was when a lady I met in person told me that she had earlier tried to send an email message to me but had been blocked. She said, “I received a reply saying that I wasn’t allowed to send email messages to you.” In fact, that is inaccurate; that is not what the message said. But that was her interpretation when she read a statement she didn’t fully understand.

Some view Challenge/Response systems as being as bad as spam since they place the burden of spam fighting on legitimate email senders—who it should be noted will often indeed give up at the slightest hindrance.

You can find a number of providers of Challenge/Response systems by searching on Google. I used Spam Arrest at for nearly a year and found it blocked all spam but did have the disadvantages I mentioned earlier.


Whatever method(s) you choose, you will find that life without advertising is great! You should try it. Any of the above services can greatly simplify your life and allow you to reclaim your in-box. Take back your in-box!

Categories: Email Security

6 replies

  1. Another “throw-away” email service is the (currently free) service at that “masks your email”.

    For me the convenience is that it is available as a Firefox add-on (MaskMe) which means that when a webpage has an email field you can with one click fill it with a throw-away email address (it will also prompt you if you have already created a throw-away email address associated with the particular domain).

    You can then access these emails on a webpage (via a toolbar icon) or set it up to forward all your masked emails to a real address.

    I particularly use it when responding to blogs – when it is often not a good idea to use a real address in case the site you are responding to is either hacked or sells your email address.

    Liked by 1 person

  2. Another approach is to host your own email service via almost any hosting firm. For about £20 a year I get my website and emails hosted and maintain a couple of domain registrations.

    My hosting firm will on request configure server based anti-spam software (e.g. Spam Assassin) – which stops most of the nasties getting on to your computer. With limited server access, I can (with technical knowledge) get alternative server software loaded and start to more clever things “on server” as well.

    You can then set up numerous email addresses of the form ?????? (my host limits me to 50) and set up a default address for anything else sent to any address This means that you can “set up” email addresses “on the fly” so if when out and away from your computer “dodgy dealer” insists that a form must have an email address (and he won’t accept, just offer – any emails will end up in your default inbox.

    Your default inbox you can then treat with great care. You can either white list or set a filter to check that emails to come from (or both!)


    • Like Stephen, I use Alias email address associated with my hosted domain. Every vendor, and/or list usually is signed up with an alias email address; so I know where junk mail is coming from and can just delete the alias, and reassign a different one if need be. Most businesses play nice, but every once in a while an alias address gets out in the wild.

      In many cases, these junk mail end up in Spam filter, and I don’t mess with them. But if no longer needed, the alias is deleted.


  3. Dick; when I tried solution #2, method #1, it failed with the following from the sending account:
    Technical details of permanent failure:
    Google tried to deliver your message, but it was rejected by the server for the recipient domain by [2607:f8b0:400e:c04::1a].


    This solution/method sounds very good to me. I’d just like to get it to work.

    Thanks for the article. I enjoy it lots. 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.