undefined | Better HN

0 pointszfa1y ago0 comments

I bet no spammer or salesperson would ever think of replacing such a generic localpart to get to your eyeballs.

0 comments

rbut1y ago

I've used <site/company>@domain.com for many many years and never had someone do that.

Spammers simply obtain lists of emails through hacking or purchasing them and then spam them, they don't pick a particular address and modify it.

zfaOP1y ago

Spammers who just blast stuff out won't do it, I'm sure.

But as a counterpoint it literally happened to me to me years ago when I used to use name+<service>@exmaple.com. I got cold emails to 'name+paypal' despite never, ever having used that localpart. I've no doubt it was absolutely targetted and not a hit-and-hope spamblast but it was enough of a wake-up call for me to realise it couldn't really be relied on.

Ringz1y ago

I’ve been doing this for years and have never had any problems with it. It is more likely that generic emails will be generated if you have a domain that is also present as a public website on the internet.

saghm1y ago

Why would they want to spend effort trying to brute-force addresses to show me emails that they already have the ability to sent to me and I didn't generate them any revenue from?

zfaOP1y ago

No idea, just pointing out it is such an obvious alg it doesn't really show provenance.

I used similar (well, plus addressing with localpart=name+<service>) a long time ago and once got emails to name+paypal@example.com even though that was a suffix I'd never used. Some enterprising person out there had obviously obtained one or more of my service-specific addresses and was trying to game my attention by changing the identifier to something 'important'. That's when I personally ditched the approach.

saghm1y ago

"Provenance" might be have been a bit too strong; maybe I should have said "strong signal". It's an additional piece of info that will almost always identify the source, but in the rare exceptions it's not any worse than if I just used a single address for anything.

j / k navigate · click thread line to collapse

0 comments

rbut1y ago

I've used <site/company>@domain.com for many many years and never had someone do that.

Spammers simply obtain lists of emails through hacking or purchasing them and then spam them, they don't pick a particular address and modify it.

zfaOP1y ago

Spammers who just blast stuff out won't do it, I'm sure.

Ringz1y ago

saghm1y ago

Why would they want to spend effort trying to brute-force addresses to show me emails that they already have the ability to sent to me and I didn't generate them any revenue from?

zfaOP1y ago

No idea, just pointing out it is such an obvious alg it doesn't really show provenance.

saghm1y ago

j / k navigate · click thread line to collapse