Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hotmail Launches Accounts You Can Throw Away

Posted by timothy on from the at-last-a-feature-that-leads-gmail dept.

suraj.sun writes with this excerpt from CNET: "Today, Hotmail is getting a new feature aimed at 'e-mail enthusiasts,' which lets anyone create multiple e-mail accounts that can be read, replied to, and managed from their everyday e-mail inbox. These additional e-mail addresses can be had in the same manner as signing up for new accounts, but they require no extra log-ins or upkeep. ... The idea is to give users a safe way to provide third parties with an e-mail address, without giving up the address they've provided to family and friends, which, if compromised, can end the usefulness of that particular account. Each user will be able to create up to five aliases, any of which can be deleted and replaced with another at any time. Over time, Microsoft will increase that limit to 15 aliases per account, making it so that the true heavy users won't need to juggle between two or more Hotmail accounts."

52 of 286 comments (clear)

  1. Cool idea by trollertron3000 · · Score: 3, Interesting

    I've used it elsewhere but integrated into a client like hotmail is a good idea. Besides, I already use hotmail for my spam address. Now Google, steal this please.

    --
    Tiger Blooded Bi-Winning Machine
    1. Re:Cool idea by Abstrackt · · Score: 5, Informative

      While not exactly an implementation of a throwaway address, you can use plus sign addressing (subaddressing, i.e. name+slashdot@gmail.com) with Google. I use it for every site I sign up on so I can see who gives out my email address so I can filter everything from that alias into the trash.

      --
      They say a little knowledge is a dangerous thing, but it's not one half so bad as a lot of ignorance. - Terry Pratchett
    2. Re:Cool idea by Cinder6 · · Score: 2

      Gmail does have it, but you have to be using a custom domain to get the feature. I use it; it's nice. I'm not sure why it hasn't been integrated into the Gmail proper; usually, feature lag goes the other direction.

      --
      If you can't convince them, convict them.
    3. Re:Cool idea by Manfre · · Score: 4, Informative

      I've encountered several sites that do not allow a + in the email address, or come even remotely close to implementing the RFC.

      This is a worthwhile read and the regex was fun to implement. http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx

    4. Re:Cool idea by Graff · · Score: 3, Informative

      I've used it elsewhere but integrated into a client like hotmail is a good idea. Besides, I already use hotmail for my spam address. Now Google, steal this please.

      Gmail already has had this feature for a long time. it's called plus-addressing. You take your e-mail address, put a plus sign at the end of it and then add a phrase. For example:

      foobar@google.com
      foobar+slashdot@google.com
      foobar+amazon@google.com

      All of these will get sent to foobar@google.com and you can create a filter on each term (eg: filter on +slashdot) to send them into their own mailbox.

      --
      Sapere aude!
    5. Re:Cool idea by shutdown+-p+now · · Score: 3, Insightful

      Unfortunately, it still exposes your primary address. Whereas it seems that the reasoning behind this Hotmail feature is primarily privacy.

    6. Re:Cool idea by Anonymusing · · Score: 3, Informative

      There is actually a patent on something like this. AT&T developed it a long time ago, sat on it for a decade, then sold the patent to Zoemail (a now-defunct Internet startup) in the early 2000s, which then sold the patent to someone else. The advantage of the Zoemail/AT&T approach was that the "keyed" addresses would be created to each recipient you sent to, and they would know you by that keyed e-mail, but you could turn those off whenever you wanted. Or give them expiration dates. The keyed address would be listed in your address book with each recipient.

      It was a beautiful concept, frankly, but could have been implemented better.

      --
      Liberal? Conservative? Compare perspectives at Left-Right
    7. Re:Cool idea by farnsworth · · Score: 2

      This is a worthwhile read and the regex was fun to implement. http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx

      This is the regex that Mail::RFC2822::Address uses, which seems to be the most comprehensive: http://ex-parrot.com/~pdw/Mail-RFC822-Address.html

      I have no idea how that was authored...

      In any case, probably the only 100% way to validate an email address is to accept any string and try to send an email with an "is-valid" link in it.

      --

      There aint no pancake so thin it doesn't have two sides.

    8. Re:Cool idea by Anonymous Coward · · Score: 5, Informative

      Do you mean the catchall? If so, yeah I do it too and love it.

      You get *@yourdomain forwarded to your inbox. Then you just make one rule in your filters. In the "has the words" box for filter creation, you put deliveredto:({[one],[two],[three],[four]})

      One, two, three, and four being @yourdomain "accounts" that are abandoned due to spam. Just tell gmail to send those directly to the trash, which keeps your spambox empty.

      It doesn't get any better than that. No need to create new email addresses, they all already exist. Just filter out the ones that start causing you trouble.

    9. Re:Cool idea by msauve · · Score: 2

      There is actually a patent on something like this. AT&T developed it a long time ago, sat on it for a decade, then sold the patent to Zoemail (a now-defunct Internet startup) in the early 2000s, which then sold the patent to someone else.

      Then, there's no patent on it, or won't be very soon. Patent terms from that period were 17 years. "Early 2000s" should mean 2004 or before, so that's at least 10+7 (minus some number of month?) = expired.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    10. Re:Cool idea by Patoski · · Score: 4, Interesting

      While not exactly an implementation of a throwaway address, you can use plus sign addressing (subaddressing, i.e. name+slashdot@gmail.com) with Google. I use it for every site I sign up on so I can see who gives out my email address so I can filter everything from that alias into the trash.

      Additionally you can also place a period anywhere in the user portion of your email address and gmail will route it to your address.

      For instance, if your email address is "bufordpusser@gmail.com", you can also give out "buford.pusser@gmail.com", "b.u.ford.pusser@gmail.com", etc. and all of them will route to your original address.

      --
      G. Washington on Government "it is force. Like fire, it is a dangerous servant and a fearful master."
    11. Re:Cool idea by Graff · · Score: 3, Interesting

      And as soon as I see your email in this format, I strip away the "+" part and have your original address which I can merrily spam.

      Spam away on it, the original, no "+" address is to a spam mailbox.

      Only addresses with the "+" part go to actual mailboxes that I read. I never hand out the bare address to anyone.

      --
      Sapere aude!
    12. Re:Cool idea by Graff · · Score: 3, Insightful

      I didn't say it was perfect, just that GMail had a version of throwaway email for a while now!

      If Hotmail one-ups Google then that's all the better for the users because that's how services get better, through competition.

      --
      Sapere aude!
    13. Re:Cool idea by Magic5Ball · · Score: 3, Funny

      Then would you say that you are nonplussed about this feature?

      --
      There are 1.1... kinds of people.
    14. Re:Cool idea by catmistake · · Score: 2

      bah... no mod points... loaning you my karma is all,
      thx for posting

      --
      The Admin and the Engineer
    15. Re:Cool idea by catmistake · · Score: 2

      Ha! I do that all the time (post AC, then mod parent up... doesn't work if you mod before you post).
      ;-)

      --
      The Admin and the Engineer
    16. Re:Cool idea by mysidia · · Score: 2

      I've encountered several sites that do not allow a + in the email address, or come even remotely close to implementing the RFC.

      Those (several) sites then are clearly broken; clear violation of the robustness principal as well.

      Basically, (anything)@example.com

      Is valid; providing the contents of (Anything) are recognized by (example.com) SMTP servers.

      There may be some quoting of special characters such as spaces required in (anything), required when using the e-mail address over SMTP; however, the web server's SMTP client should take care of adding any quoting special characters required for SMTP protocol, if the user did not provide it.

    17. Re:Cool idea by Plasmoid2000ad · · Score: 2

      Because no one tries to spam Domains with emails by just guessing at common local parts to the email address.

    18. Re:Cool idea by asdfghjklqwertyuiop · · Score: 2

      There's very little point validating an email address anyway. What are you trying to do?

      Prevent SMTP header injection, possibly: user@example.com\nX-Some-Header: blah or injection in the message body (user@example.com\n\nBlah).

      Personally, I usually just check that there's something@something.something and call it done (somethings can include @s and .s).

      Also technically wrong. The right hand side doesn't necessarily need to contain a dot (for example, root@localhost).

  2. I guess... by msauve · · Score: 4, Funny

    this is the first time I've seen a Microsoft focused article after the /. redesign. Bill as Borg doesn't seem right - he's not even in charge any more. Where's Ballmer with a chair (and not sitting on it)?

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
    1. Re:I guess... by catmistake · · Score: 3, Interesting

      Also in Microsoft's court, Exchange has no true equal and Active-Directory still rules, and, by reverse proxy I guess, the Bill and Melinda Gates Foundation is amazing. On the otherhand, their flagship OS is still a rotting, broken piece of shit and a security nightmare, and their rabid fanbois equal mac zealots in the uninformed denial of this. (Sure... any OS can be broken or insecure... it's just infinitely easier with Windows.)

      --
      The Admin and the Engineer
  3. Here. by MrEricSir · · Score: 4, Informative

    http://mail.google.com/support/bin/answer.py?hl=en&answer=69570

    --
    There's no -1 for "I don't get it."
    1. Re:Here. by Anonymous Coward · · Score: 5, Informative

      Interesting but not quite the same thing. If an account gets really jacked up then you would have to make another gmail account, remove the old one, then add the new one. Kind of a pain in the ass.

      With the Hotmail feature you simply delete the old one and make a new one right there. It's much more straightforward and quick.

    2. Re:Here. by Anonymous Coward · · Score: 4, Interesting

      I have a DynDns subdomain (free) for which I registered a Google Labs account (free) and set up Gmail (free). I get up to 50 Gmail accounts @ my DynDns subdomain. Adding or removing them is easy, and with multiple sign-in, switching between them is easy. Plus I can set them to forward messages to my main e-mail address.

    3. Re:Here. by lul_wat · · Score: 2

      HTML line break

      --
      Divide a cake by zero. Is it still a cake?
    4. Re:Here. by Z00L00K · · Score: 2

      Wouldn't this be great for spammers too that needs to provide a verification email account?

      I'm just waiting for sites that sets up rule that verification can't be done through hotmail and that that you need to provide another email account.

      Those huge sites like hotmail and gmail are great catch-alls for spammers too.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
    5. Re:Here. by rtfa-troll · · Score: 2
      Much better is spamgourmet. There are several things which are key and are missing from the hotmail implementation.
      1. there is no master address; every address has a code.
      2. addresses are unilmited. This means you can use a separate email address for every correspondent. This means you can work out exactly which correspondent gave away your email address
      3. addresses last by default for 20 mails; enough for a simple correspondence, but not enough to fill your mailbox before you realise and delete the address
      4. you can have per-address permitted senders with no limit.

      I guess the hotmail implementation is an advance, I'm sure it's a bit better integrated than spamgourmet, which is a volunteer service, but without the features mentioned above I don't think most people will find the hotmail implementation will give the benefit needed for the extra effort required. You will end up with several commercial correspondents on your main mailbox and you will never know which one it was that sold or leaked your email address to the spammers so you won't be able to do anything about it?

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    6. Re:Here. by mcvos · · Score: 2

      With the Hotmail feature you simply delete the old one and make a new one right there. It's much more straightforward and quick.

      It is, but my email provider (xs4all.nl) has had that feature since forever. At least 10 years, I think. I have a simple list of all my email aliases, and can add and delete them as I like. It's still not anything new.

    7. Re:Here. by MartinJW · · Score: 2

      I like 10minutemail.com. No signing up, no management - nothing. Just visit the site and immediately get a temporary email address that lasts ten minutes.

    8. Re:Here. by TheLink · · Score: 2

      You say you've had the hotmail account longer than the Yahoo and Gmail accounts

      Where did I say that?

      FWIW, none of those email accounts are my primary email account either. My primary has tons of spam, but since my spam filters are tolerable (not great) I'm sticking to it.

      --
    9. Re:Here. by maxwell+demon · · Score: 3, Informative

      Options -> Comment post mode: Plain Old Text.
      Contrary to what its name suggests, it actually interprets the supported html tags, but it keeps line breaks.

      --
      The Tao of math: The numbers you can count are not the real numbers.
    10. Re:Here. by vgerclover · · Score: 2

      Just to let people looking into this, it's Google Apps. I'd recommend you have a registered domain before you begin.

    11. Re:Here. by Captain+Hook · · Score: 2

      The problem with the gmail approach is that your real address is still part of the address, it's not hard for spammers to take that address and strip +whatever off the username section of the email address.

      Even worse, although + is a legal character in email address, a hell of a lot of sites and services don't accept it. For example, I don't think facebook allows email addresses with a + character in the name section.

      Googles multiple email address into a single account approach is more of a tracking system than an antispam system, i.e. you could create an email such as myemail+dodgycarinsurancequote@gmail.com, if you get spam to that account and Dodgy Car Insurance Company was the only one you gave that address to, you know the source of email leak and can avoid using them again, but your email has already passed on to the spammer.

      --
      These comments are my personal opinions and do not necessarily reflect the opinions of the other voices in my head.
    12. Re:Here. by Rary · · Score: 2

      That's not an alias, as the link you provided specifically says "Gmail doesn't offer traditional aliases". It is a handy feature, but it's not an alias. For one thing, you can't "throw it away", although you can filter it out. Additionally, although it's useful for automated systems, if you give the email address out to a real person, that person then knows your real email address as well.

      Aliases are entirely different, and would be a welcome enhancement to Gmail.

      --

      "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

    13. Re:Here. by Rary · · Score: 2

      Like I said, it is a handy feature (and I do use it, myself), but simply adding alias functionality would be trivial to implement, and would add much value.

      I wouldn't at all be surprised if spammers start stripping the "+..." from harvested email addresses. Actually, I'd be quite surprised if none of them have done this already.

      --

      "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

    14. Re:Here. by omglolbah · · Score: 2

      I have a domain that forwards *@example.com to my gmail address.

      I sign up using the site name as the account-name whenever I have to provide one.

      When spam arrives from an email in annoying quantities I add a specific rule to send that email address into a dead account.

    15. Re:Here. by blackest_k · · Score: 2

      the main problem is you need a new gmail account to be allowed to import from hotmail but you can get round this by dumping to an intermediate gmail account. And just set a forward to the one you really want to use.

      I have a number of email accounts which i label in gmail so i know where it came from. The only thing i get stuck with is friends with compromised accounts which send porn and viagra links

      Another useful thing i found is you can sync contacts from winmobile / outlook to a gmail account.
      very handy if you move to android.

      facebook contacts can be exported via yahoo to gmail too.

      --
      Blarney Quality Restaurant, Plants
  4. Hrmmm by WiglyWorm · · Score: 5, Insightful

    Isn't that what people do with their hotmail account anyway? Throw it away?

  5. You thought it was hard to name an account before by Anonymous Coward · · Score: 3, Funny

    Now we're going to be emailing grandmacatherineandgrandpajohn1320924delta@hotmail.com

  6. Own domain by Dan+East · · Score: 4, Interesting

    I've been doing a similar thing with my own domain / webserver for the last decade. I'll make up email addresses right on the spot, usually like "slashdot.org@mydomain.com" or "sprint@mydomain.com", etc. I have a catch all account that receives all emails to non-existent accounts, and I can split any of the addresses off into an actual account whenever needed (or disable it if it becomes inundated with spam). That was always one of the big perks of owning your own domain.

    --
    Better known as 318230.
    1. Re:Own domain by SydShamino · · Score: 4, Interesting

      Yup, I do exactly this for about the same length of time. The only difficulty is when I have to give an address to someone verbally, and they think I'm giving them a fake one since it's yourcompany@mydomain.com. I usually get around this by giving those people randomthreedigits@mydomain.com or similar. As it happens I've only ever lost one address this way to spam, but it was obvious right away who sold my address.

      --
      It doesn't hurt to be nice.
  7. Beaten to it? by Firehed · · Score: 3, Interesting

    This seems pretty similar to Gmail's aliasing - append anything after a plus sign to your email address (ex firehed+slashdot@gmail.com) and it goes to your main inbox. If that address is compromised, just filter anything addressed to that account.

    Microsoft seems to have a few advantages here, though. First, it's a lot more seamless. Second, there are tons of websites that incorrectly validate email addresses and treat + as an illegal character, which it is not (hell, you can go directly to an IP address instead of a domain, although nobody ever would), so by extension it's harder to use as a throw-away address. And third, it's pretty obvious you've done it, and websites can just s/\+[A-z0-9.-]+@gmail.com/@gmail.com/g it into oblivion.

    Of course, in order to get this functionality, you need to use hotmail. Aren't those already throw-away accounts by definition?

    --
    How are sites slashdotted when nobody reads TFAs?
    1. Re:Beaten to it? by WiglyWorm · · Score: 2

      That is nice, but I've had experiences with websites that won't allow the + sign as part of an email address. Unfortunately, emails are one of the hardest things to validate with regex, and most implementations get it wrong.

    2. Re:Beaten to it? by dudpixel · · Score: 2

      but any human could see that if you remove everything after the +, you get the person's real email address. How long before spammers set up automated servers to do the same?

      hotmail's approach uses completely different email addresses, which is much better.

      I want this in gmail :)

      --
      This seemed like a reasonable sig at the time.
    3. Re:Beaten to it? by Obfuscant · · Score: 2
      Plus there is at least one turnkey spam-filtering mail server system that has no clue what a + address is. It simply bounces everything that is not a literal match to a valid username.

      People who do not understand the RFCs for email should NOT be selling mail servers.

  8. Re:Great Idea. by hawguy · · Score: 3, Interesting

    Gmail has something that's arguably better -- you can use a plus sign to append any string you like to your address, so you can have "myname@gmail.com' as your main account and give "myname+family@gmail.com" to your family. And when you sign up for a Hormel mailling list, you can use "myname+hormel@gmail.com" so you know when you're getting spammed by Hormel.

  9. Re:?um by RoFLKOPTr · · Score: 2

    What are hotmails?

    The opposite of ComicCon attendees.

  10. Re:Nah. by artor3 · · Score: 2

    Have you used it in the past few years? Most sites refuse to take emails from any of Malinator's domains.

  11. That's nothing. by dmomo · · Score: 3, Funny

    I threw away my hotmail account 10 years ago.

  12. Re:Great Idea. by _merlin · · Score: 2

    How's that better? A machine can easily strip the part after the plus sign.

  13. What? by okmijnuhb · · Score: 2

    Hotmail IS my junk mail account!

  14. Re:Great Idea. by hawguy · · Score: 2

    It's better because you set "myname+family@gmail.com" to always bypass spam filters (and maybe apply a colorful tag to make it more noticeable.

    Then you can treat "myname@gmail.com" as spam since you never give that address to anyone you care about.

    So the machine can strip mynam+hormel@gmail.com down to myname@gmail.com, but you don't care since your family sends email to myname+family@gmail.com and your friends sent email to myname+friends@gmail.com.