Cut Down on Junk Mail with iCloud+’s Hide My Email

Originally published at: Cut Down on Junk Mail with iCloud+’s Hide My Email - TidBITS

The new Hide My Email feature of iCloud+ helps you avoid junk email by creating disposable forwarding addresses when you sign up for websites and apps. Here’s how to take advantage of it.

1 Like

Thanks for this information, @jcenters. I have not signed up for extra storage at iCloud, but I refrain from putting stuff there that I occasionally wish I could access from another device. With this added benefit, I might pay for extra iCloud storage.

Off-topic but somewhat related comments.

iCloud is one of “many other email services,” but it’s all for naught if the web site where I’m trying to use plus addressing rejects an email address with a plus sign—or, worse yet, accepts it but then won’t use it, so no email ever arrives.

I somewhat have that problem with plus addressing. In Gmail, I would need to create something (I think it was a new SMTP server entry, but I’m not sure) for each plus address. My work-around is to use the Reply-To field in any email I send and send it from the regular account. In my limited experience, this has worked.

1 Like

Generating random email addresses is a great idea. I like Hide My Email, and 1Password’s ability to work with Fastmail to generate randomized Masked Email. The problem is that it is far from seemless.

I like the 1Password’s integration into the IOS’ AutoFill Passwords. When on my iPhone, I go to a login field, the iPhone gives me the ability to automatically fill in my information from 1Password. I can use FaceID to authorize it.

I can create a Hide My Email address in Safari, but that doesn’t tell 1Password that address. I have to copy and paste it.

I can use 1Password to generate a Fastmail Masked Email, but only by using the Safari plugin which requires me to login to my 1Password account each time. I can’t use FaceID.

Well, there is one exception: if you reply to a message sent to a hide my email address, Apple will [edit: sort of] hide your real email and it will appear to come from that address.

[edit: See more info on my post below to show that this doesn’t fully hide your real email address.]

1 Like

Interesting! Is that feature implemented client-side in recent OS releases or does it work with other clients? Perhaps the limitation is simply in the valid list of sender addresses, but it’s not actually enforced server-side, and so you could still technically send from one. Hmm–must test. Answer: nope–seems the SMTP server says no just as though it were a foreign address. That’s too bad, but fair enough–it’s receive-only, so no good on mailing lists, netnews etc.

I’ve already begun using the service. It can’t help me escape from iCloud Mail purgatory now, of course, with the history my aliases have, but it will help henceforth. Anonymous email addresses you can turn off is a must-have feature. :slight_smile:

Thanks for this Josh, this is very welcome.

1 Like

I believe it is client-side. I did try this with my iOS 15.0.2 phone using the stock Mail account. There is no way that I could find to add the hidden address as an account.

Bad news, though; I did a test mail from a secondary email account, then replied to it. When I checked the headers on the reply, the actual email address was exposed in the headers. (My Apple ID is a gmail account; perhaps an iCloud mail address Apple ID would be different.) The reply-to address was the hidden iCloud address, but looking at the full headers showed the real email address.

Though I do have a separate Apple ID that uses an iCloud email address, I don’t have an iPhone or iPad set up with that address at the moment. When I install Monterey I’ll check it there on my secondary account and see if the same thing happens.

FYI. That duckduckgo now also offers an email protection service. I think there’s a wait list, and it has fewer features. But it doesn’t seem to be tied to paid services.

1 Like

Doesn’t adding an email from an address you don’t want to Junk accomplish much of what this does? I guess it ends up in one’s junk mail which isn’t quite the same thing?

Because a non techy is more likely to forget to create the Hide My Email address when signing up.

Speaking as someone who runs a 24,000-person mailing list and spends far too much time helping people with delivery issues, I strongly recommend against using spam filtering as a way to unsubscribe. Although systems vary, sending the signal to an email provider that a message is spam can result in harm to the sender’s email deliverability reputation and can hurt deliverability to other subscribers. That’s why the article says:

Suppose you share one of those alternative addresses and start receiving unwanted messages from which you can’t easily remove yourself by clicking an Unsubscribe link at the bottom. In that case, you can deactivate or delete the address and never be bothered again.

Always start with the Unsubscribe link at the bottom, since then the sender’s system can mark your address as unsubscribed and won’t continue to deliver to you. The only reason to deactivate one of these addresses is if the sender isn’t honoring your unsubscribe requests.