Skip to content


My feedback

1 result found

  1. 2,464 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    106 comments  ·  General  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Rob supported this idea  · 
    An error occurred while saving the comment
    Rob commented  · 

    Hi Troy - first off thanks for the fantastic facility you provide via this website.

    Personally I use gmail accounts for most things. With regard to the placement of the ‘.’, I only use two variants - one without any, and one with them in to make the address more readable, so that's not a big deal for me; however, I make heavy use of ‘+ addressing’, not necessarily for major websites, but for things like forums, newsletters, sites I think may spam etc.

    I've been analyzing the haveibeenpwned report for our company domain. There are just over 1200 entries. Of those there are only 4 entries that are not included in the "Online Spambot" list, and those four are all genuine users.
    As a sample I've gone through all users starting with a "c", and at most 12 of 144 are potentially genuine. The vast majority of the rest look to be auto-generated, plus some invalid ones but based on real users' surnames.

    Based on those stats and also the unlikelihood of auto-generated spam email addresses being created with plus addressing, I therefore suspect any addresses that do contain plus addressing are very likely to be genuine accounts.

    Extracting and entering into the site all the plus variants of my email addresses from my password safe, and then on an ongoing basis adding new ones every time I sign up to a site could be quite onerous.

Feedback and Knowledge Base