Cut Down on Junk Mail with iCloud+’s Hide My Email

Originally published at: Cut Down on Junk Mail with iCloud+’s Hide My Email - TidBITS

The new Hide My Email feature of iCloud+ helps you avoid junk email by creating disposable forwarding addresses when you sign up for websites and apps. Here’s how to take advantage of it.

Thanks for this information, @jcenters. I have not signed up for extra storage at iCloud, but I refrain from putting stuff there that I occasionally wish I could access from another device. With this added benefit, I might pay for extra iCloud storage.

Off-topic but somewhat related comments.

iCloud is one of “many other email services,” but it’s all for naught if the web site where I’m trying to use plus addressing rejects an email address with a plus sign—or, worse yet, accepts it but then won’t use it, so no email ever arrives.

I somewhat have that problem with plus addressing. In Gmail, I would need to create something (I think it was a new SMTP server entry, but I’m not sure) for each plus address. My work-around is to use the Reply-To field in any email I send and send it from the regular account. In my limited experience, this has worked.

Generating random email addresses is a great idea. I like Hide My Email, and 1Password’s ability to work with Fastmail to generate randomized Masked Email. The problem is that it is far from seemless.

I like the 1Password’s integration into the IOS’ AutoFill Passwords. When on my iPhone, I go to a login field, the iPhone gives me the ability to automatically fill in my information from 1Password. I can use FaceID to authorize it.

I can create a Hide My Email address in Safari, but that doesn’t tell 1Password that address. I have to copy and paste it.

I can use 1Password to generate a Fastmail Masked Email, but only by using the Safari plugin which requires me to login to my 1Password account each time. I can’t use FaceID.

Well, there is one exception: if you reply to a message sent to a hide my email address, Apple will [edit: sort of] hide your real email and it will appear to come from that address.

[edit: See more info on my post below to show that this doesn’t fully hide your real email address.]

Interesting! Is that feature implemented client-side in recent OS releases or does it work with other clients? Perhaps the limitation is simply in the valid list of sender addresses, but it’s not actually enforced server-side, and so you could still technically send from one. Hmm–must test. Answer: nope–seems the SMTP server says no just as though it were a foreign address. That’s too bad, but fair enough–it’s receive-only, so no good on mailing lists, netnews etc.

I’ve already begun using the service. It can’t help me escape from iCloud Mail purgatory now, of course, with the history my aliases have, but it will help henceforth. Anonymous email addresses you can turn off is a must-have feature.

Thanks for this Josh, this is very welcome.

I believe it is client-side. I did try this with my iOS 15.0.2 phone using the stock Mail account. There is no way that I could find to add the hidden address as an account.

Bad news, though; I did a test mail from a secondary email account, then replied to it. When I checked the headers on the reply, the actual email address was exposed in the headers. (My Apple ID is a gmail account; perhaps an iCloud mail address Apple ID would be different.) The reply-to address was the hidden iCloud address, but looking at the full headers showed the real email address.

Though I do have a separate Apple ID that uses an iCloud email address, I don’t have an iPhone or iPad set up with that address at the moment. When I install Monterey I’ll check it there on my secondary account and see if the same thing happens.

FYI. That duckduckgo now also offers an email protection service. I think there’s a wait list, and it has fewer features. But it doesn’t seem to be tied to paid services.

Doesn’t adding an email from an address you don’t want to Junk accomplish much of what this does? I guess it ends up in one’s junk mail which isn’t quite the same thing?

Because a non techy is more likely to forget to create the Hide My Email address when signing up.

Speaking as someone who runs a 24,000-person mailing list and spends far too much time helping people with delivery issues, I strongly recommend against using spam filtering as a way to unsubscribe. Although systems vary, sending the signal to an email provider that a message is spam can result in harm to the sender’s email deliverability reputation and can hurt deliverability to other subscribers. That’s why the article says:

Suppose you share one of those alternative addresses and start receiving unwanted messages from which you can’t easily remove yourself by clicking an Unsubscribe link at the bottom. In that case, you can deactivate or delete the address and never be bothered again.

Always start with the Unsubscribe link at the bottom, since then the sender’s system can mark your address as unsubscribed and won’t continue to deliver to you. The only reason to deactivate one of these addresses is if the sender isn’t honoring your unsubscribe requests.

just figured out what appears to be an oversight on apples part re the hide my email for icloud+ users - I used the hide my email for what I suspected were scammers but was playing along - so - when I got their email after signing up with hide my email their email in return asked for me to reply to get their free book - I hit reply and instead of the hide my email address my regular iCloud and .Mac emails were set as the sending email instead of the hide my email address that should have been there - I looked in internet accounts to try to add the hide my email address but could not change anything there so I went to may contact card to add the new email and altho I was able to add it there it was not available to me as a selection in the drop down menu under from in my reply - this essentially negates the use of hide my email if you reply to them with your regular email - is this an oversight that apple could fix or am I missing something simple? All comments welcome! Thanks everyone for making tidbits what it has become!

Just want to add that I have had the same experience: Can’t use my Hide My Email address(es) as a From address in Mail and I’ve found nothing in iCloud that lets this work either.

Is a rule in (Apple) Mail telling Mail to move a message to Junk the same as “using spam filtering as a way to unsubscribe” (at least in the context of this conversation)? I had no idea that Mail would send a signal. Or are you saying that the IMAP server, when told by Mail to move a message to Junk, would then send a signal? Is manually marking an individual message as Junk in (Apple) Mail the same as using a rule to move that message, at least for the purposes of sending a signal?

On a just barely related note, I have told Mail to delete messages from Trash and Junk after 30 days (in Mail > Preferences > Accounts > Mailbox Behaviors), but Mail does not delete messages from either mailbox. Any idea what I’m doing wrong?

It might be unrelated, but on my Mac, Mail has a nasty habit of changing the From address in a composition window, whether I’m replying or creating a new message. I’ve tried to train myself to check the From address every time I save a draft and before I send every message.

Generally, no.

It’s possible if an email provider uses the contents of a designated folder to train its spam filters. Fastmail, for instance, used to use the contents of the Junk folder to train your personal spam filter. (I don’t know if this information ever filtered up to the global spam filter the company maintained.)

Nowadays, Fastmail advises against using the junk folder to train the spam filters because it’s too easy for non-spam messages to end up in there. I’d bet the main reason is people using the junk folder as a destination for emails they signed up for but no longer want. For this same reason, it would be a bad idea for mail clients to interpret moving a message to the junk folder as a signal for actual spam.