Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I have my own mail server and setup a catch all alias to a single account. So I can generate -- on the fly -- e-mails for services.

- Apple: me.apple@example.com - Google: me.google@example.com - Uber: me.uber@example.com - Tinder: me.tinder@example.com - random business: me.randombusinessname@example.com

This helps me with the following:

- unique usernames and passwords for each service

- easily able to tell when a service sells my information or gets hacked/breached

- "haveibeenpwned" also allows mail server owners to get access to reports for all addresses on a domain and receive notifications on breaches

- much easier to remember and communicate with others as compared to iCloud hide my e-mail addresses

- on the outgoing/sending, re-writing the "from" address field in e-mails is very easy to do



If you use this approach, once 10 of your aliases are in the HIBP database you will need to pay for a subscription to see breaches for your domain (and even then the $40/year tier is only good for 25 aliases).

I wish HIBP had a solution for those of us who are individuals but use a domain catchall to manage online accounts.


Yes it really does suck - apparently I've been breached numerous times but I can't see details without paying.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: