I've overhauled and updated my "Privacy First Steps" guide, including adding a section on email aliasing services ✍️
https://sethforprivacy.com/posts/privacy-first-steps/
If you haven't read through it before, this post is how I would approach the journey towards personal privacy (even down to the order!) if I could do it all over again. I think this is one of my most actionable and helpful pieces of content, so I'm glad to be able to share it with Nostr for the first time!
Would love to hear any feedback you all have, or if you'd do things differently!
With an email aliasing service, don't you expose your emails through the aliasing provider?
Let's say I use protonmail without an aliasing service. In theory the only party that is able to read my emails is me and the person I'm sending emails to (as well as their email provider assuming they don't use encryption).
Is there a way to mask or encrypt the emails being routed through the alias provider?
As far as I know, some aliasing providers support PGP encryption, like SimpleLogin. Now that Proton owns SimpleLogin, it's a bit of a useful negotiation, as we can continue only trusting one party, if you're already using Proton Mail. Of course, it's useful, only as long as your threat model allows you to trust that party in the first place.
