In light of the seemingly increasing rate of data breaches and privacy violations in general, I've decided to take some steps further regarding my online presence.

Among other things, I decided to switch all my online accounts to custom domain email addresses, so I grabbed two domain names (with WhoisGuard enabled): one for use with stuff related to my real identity (think @firstlast.com), and the other for all else (think @randomword.com). Then, I changed the email address of each one of my existing online accounts, taking advantage of the catch-all feature. To make things short, it goes like this:

Accounts not related to my real identity:

• tildes.net.187462@randomword.com -> tildes.net
• reddit.com.178334@randomword.com -> reddit.com
• ...

Accounts related to my real identity:

• amazon.com.113908@firstlast.com -> amazon.com
• bankofamerica.com.175512@firstlast.com -> bankofamerica.com
• ...

As you might have guessed, the 6 digits ending the local part of email addresses are meant to be randomly generated, in order to mitigate easy guesses by spammers due to catch-all (though I've also created a specific sieve filter to mark incoming emails with "unknown" recipient as spam).

Before you ask, I don't intend to start a discussion about threat modelling here. I just want—as anyone who is not a complete tech-illiterate—to have a reasonable weapon against spam caused by recurrent data breaches, so that if an email address is leaked, I can toss it and replace it with a new one without much effort.

Also, I value owning my email addresses, in the sense that if I decide to change email provider in the future, I won't have to change my addresses too as a consequence. For communicating with real humans (e.g., my doctor), I could use a non catch-all address like first@firstlast.com.

I wonder what do you think of this approach... Is it overkill? Do you see any major concern from a privacy or security standpoint? Are you doing something similar and are happy with it? I would very much like to hear your experiences with email, especially about the approach you settled with.

I've recently decided to change email providers and so I had to change quite a few things. I went from encrypted mail (Tutanota) with their own client to a plain mail / standards-compliant mail provider (Migadu) after looking at many providers. (I'll probably make a blog post about it in the near future.)

So I'm just wondering.

What email provider do you use?
What clients do you use?
How do you treat your email?
Anything else you want to share in relation with this?

I usually setup debian or ubuntu servers. One of the pain areas I have avoided is email and usually just off-load the email to a 3rd party service. I currently need to setup a server with an email server and need a really simple straightforward tutorial. I thought I would see if the community has any suggestions.

I'm trying to clean up my internet presence and move away from at least Facebook and Google. I've come a long way with deleting my Facebook and it's now basically an empty shell for messaging. I've installed Signal and will start the grooming process with my friends and family now. If you have some solid arguments for the change regular ol' folks can understand please share them with me because as we all know "privacy" just isn't enough.

Next phase is the big one...Google or basically G-mail.

1. Is there any way to get an complete overview of where you've used your e-mail for a service online?

2. What e-mail would you recommend?
2a. I'm OK with paying a bit for overall quality, security and equally important UX!
2b. I don't use any other relevant Google products like Drive etc. It's just regular e-mail and sign in credentials for other services I basically need

3. I use a Mac, iPhone and iCloud. Is iCloud a problem? IF this needs to change it HAS to be an "easy" switch and not like setting up a server for myself. Because it won't happen and I'm not skilled enough.

I would very much appreciate your input :)

EDIT: Thank you all for your thorough comments!

EDIT: signups are now closed.

relevant blog post

teknik.io is a website that provides services like email, [encrypted] file uploads, Git repos, blogs, URL shortening, and more. I've used them for a few years and they're wonderful. It's all open-source and privacy conscious, maybe some Tildes users would like it?

Registration is usually invite-only, but it's open for a few hours.

Thanks @duckoverflow for mentioning this.

Edit: also their privacy policy is short, simple, and easy-to-read if anyone is interested in that. I'd consider it a great example of what a privacy policy should be.