> You are using a workaround for your privacy, and to prevent spam (not solid at either).
Neither, I do it so I can track which companies sold my email address on without my permission so I can put them on my shit list / report them to my government / shame them on the internet / whatever.
> The protocol proposes to alleviate a UX burden. The back and forth.
That seems to be _one_ aspect but that assumes you're logged into whatever email verification provider is in use.
> it would need Google (and other email provider supporting the + trick) to allow you to certify your ownership of a wild card set of email addresses, i.e anything matching what's before the + and the protocol would work just the same. Absolutely reducing some friction without adding you the extra burden your trick currently involves.
You assume that it's the email provider which has to implement this, which isn't so clear to me.
Only the email provider can attest that + addressing is in place, if a third party is involved, they can only explicitly match on full email addresses.
Like I said in my original comment, if it's the email provider that has to implement this, then the bulk of my issue is gone. Aside from the fact that now, as my own email provider, I have to implement this protocol somehow (easier said than done given my current infrastructure approach is aimed towards moving as many things into a non internet facing network).
I personally use a different, but still perfectly compliant suffix character. So just simplistic +suffix filtering isn’t complete. I’ve also considered using a double suffix and having the first one be required, so if someone cut off all suffixes it would go into junk anyway.
Regexing them out will break mail deliverability if the mail system doesn't do plus addressing. And you cannot know from a third party perspective if someone just likes putting plusses in their email address or if the plus is for plus addressing.
Neither, I do it so I can track which companies sold my email address on without my permission so I can put them on my shit list / report them to my government / shame them on the internet / whatever.
> The protocol proposes to alleviate a UX burden. The back and forth.
That seems to be _one_ aspect but that assumes you're logged into whatever email verification provider is in use.
> it would need Google (and other email provider supporting the + trick) to allow you to certify your ownership of a wild card set of email addresses, i.e anything matching what's before the + and the protocol would work just the same. Absolutely reducing some friction without adding you the extra burden your trick currently involves.
You assume that it's the email provider which has to implement this, which isn't so clear to me.
Only the email provider can attest that + addressing is in place, if a third party is involved, they can only explicitly match on full email addresses.
Like I said in my original comment, if it's the email provider that has to implement this, then the bulk of my issue is gone. Aside from the fact that now, as my own email provider, I have to implement this protocol somehow (easier said than done given my current infrastructure approach is aimed towards moving as many things into a non internet facing network).