Pirate Things / Security: Use Legit-Fake Emails to Sign-Up at Services (Using Google Apps)

Ever wondered if someone would be trying to break into your email? With that being said, if someone did they could look through your emails, discover what services you use, then go reset the passwords on said services - That's bad. Even worse, they may already know what services you use, which makes it all the easier for them.


First you're going to need a Google Apps account. You can get one for free, for your domain. I'm not going to go into the details of setting it up and etc. However if you already have a domain, your domain registrar may make it easy to switch the domain's mail server entries over. Like my registrar, NameCheap.(affiliate link)

Really, how?

Anywho, login to your Google Apps account (administrator mode), point at "Service Settings," and hit "Email."

After you've did that, look for "Catch all."

This is what you're going to point to your real email account, or a email account within your Google Apps. Mine happens to be @isnick.net. Save the changes and you're finished. Now how to actually use it.

Using a Legit-Fake Email

Now that you've created a catch-all address. Where all email will go if an address doesn't exist at your mail server, you can now point any username you want at services, and it'll still go to the real email. The only down-side to this, you can't reply from that email address, because it doesn't exist, technically.

However, using a rather rigged method, you can induce a "legit-fake alias" by sending yourself a confirmation email to the same address via Gmail, then send out with the fake email. No one will know the difference, or know your real address. I don't recommend doing this, as it's way complicated.

To get even more detailed about this non-existent email sign-up trick.

Gmail Filters

You can then (if you're still not convinced) send specific email from services to another domain completely. By using the filter inside of gmail to forward @amazon.com (for example), to [email protected], then delete it. Neat? Now not only are you using a decent fake email address, that actually receives (and if rigged) can send email, you can also keep all insanely-important (or paranoid) email completely out of it. Still no one knows your real address. (Unless of course they knew it before, or you gave it out to them).

In-closing, this is a rather crazy way of going about things. But if you really don't want people to know your email address, but still be able to enjoy services around the Internet, this would be an easy way to do it.

Note: Even though this article is about using a catch-all address for forwarding email, some mail servers may tell a spammer / human if the address actually exists or not. For example, they could simply ask "does this address exist," and the mail server will say yes or no. There are some mail servers setup to silently reject the email (if the inbox doesn't exist), or will send back that the address is not valid. So use this carefully, and only if the mail server doesn't reveal too much information about an address. A great insight can be found here.

Check out Google Apps.