Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can do it with Gmail to some extent already. E.g. instead of using myemail@gmail.com I would use myemail+facebook@gmail.com. Gmail ignores anything after the plus. As someone mentioned, marketing companies usually share just the hash of email. The trick is not too popular and I didn't experience a company handling it yet.


A vast majority of companies either don't accept the plus because they are too lazy to implement proper email validation, or they strip the pluses from gmail addresses because they're strictly useless to them.


Then you can use dots. An 11-character email has 2^10=1024 different addresses.


The "trick" is both popular and commonly made to be moot by programmers. Source: I know programmers at multiple companies that have written production code to strip the +suffix from the username portion of gmail addresses.


Agreed. This isn't done just for ad targeting, either. If a user invokes a GDPR right to be forgotten, it's useful to make sure you've found all the instances of that user's email address in your system regardless of the +additions.


If someone does that with one of my (custom domain) addresses, it won’t work, here’s what I implemented: https://zackorndorff.com/2015/03/10/disposable-email-address...

(To save you a click, they look like aa_COMPANY+SHORTHASH@mydomain.com, with shorthash being based on COMPANY and a secret)

Downside is the address ends up absurdly long, and I’ve had to manually create some aliases for companies that won’t accept the plus.

I don’t recommend this setup, it’s kind of a pain to maintain, but I wish one of the mainstream providers would implement something similar.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: