Suggestion: easier creation of aliases

Hello to the Runbox Community,

Context
I have an extensive use of the alias functionality which I find great for anonymity and for fighting spam. Ideally, I would create one alias per account that requires an email address. Actually, if I could suggest one improvement to Runbox, that would be on that functionality. The most limiting factor being the alias creation process.

Suggestion summary
I’m suggesting that Runbox should:

0. add a comment field to the Registered Aliases list,
1. send an email when the alias gets ready to receive e-mails,
2. make the alias creation quicker,
3. provide an API for alias creation.

Process of creating an alias
Now that I’ve provided a very short summary of my suggestion, let me elaborate a bit. First of all, what is it like creating an alias in the use case I’m describing? The point of aliases in this specific context is to avoid giving away any means of contacting me to a (potentially security-unconscious or shady) website I’m subscribing to. For this purpose, I wish I could create a unique alias every time I create a new account.

In this context, here’s the process of creating a new account on a arbitrary website:

1. start filling the website account creation form until asked an e-mail address,
2. log in to the Runbox website,
3. go to the alias page,
4. generate a random string for the alias (on my computer),
5. fill Runbox’s alias creation form,
6. wait for the alias to be ready (otherwise I’ll be in trouble with the email verification),
7. test whether the alias is ready by sending an email to it,
8. repeat 6-7 until it’s ready,
9. complete form.

Suggestion details
Here is a more involved description of the suggestions already mentioned:

Suggestion 0: comment field gives the opportunity to keep a note about the point of every alias. In the case of purely random aliases that would be very handy. In the meantime I pre-pend the name of the website to the alias name (e.g. Stack Overflow’s alias stackoverflow_iyni5haiatzk@runbox.com).

Suggestion 1: notification would spare me from actively checking it whether the alias is usable (wait/test (6-7) loop in the process description above). This can seem as a detail for those who don’t work this way but that would also be very helpful (at least to me) because in the wait/test loop mentioned in the process above I tend to move on to another task and I might forget about the account creation long enough for the form to be reset. The notification email from Runbox would remind me of the process I’ve initiated and tell me that the Runbox alias is ready for me to resume the process of the account creation.

Suggestion 2: quicker availability is obviously more difficult to implement. I do understand that it’s more involved than fixing a centralized database. I also realize that it’s unlikely to be worth it to implement it given that not many users are following this use case. I mention it anyway to give an idea of how things could work.

Suggestion 3: API is the most involved. This API would be useful only after the alias creation gets (almost) instantaneous. At that point, you can imagine that a website account creation form could be auto-filled with the alias email address without the user having to go through the hassle of the process described above. This would be a killer feature but I know, I’m daydreaming. Who would build the app, anyway?

Workaround
In the meantime, I’ve been using sub-addressing (link in the P.S.) (i.e. using an existing address with a unique +something appended when I need a new email (e.g. alias_iyni5haiatzk+stackoverflow@runbox.com). But this is an inferior solution and wouldn’t divert spammers at all were this trick just a bit more widely used. In case of a massive e-mail leak, just a very basic sed command on the list of leaked e-mails would rid them of their +something and fully compromise the base address. And this has only little benefit with respect to anonymity.

Up to the point alternative
All of this leads me to a less ambitious alternative suggestion 4. Runbox could offer the possibility to create several random aliases with just one click. This would allow for alias provisioning and evade the wait time when new random aliases become necessary. The comment field (suggestion 0) would make it possible to know what aliases are already in use. (Of course “just one click” is my user-centric point of view. Runbox still has to check whether there are name clashes.)

Concluding remark
I understand that it’s unlikely that my use case is currently worth the trouble for Runbox. But I’m still convinced that this process makes the user (well, me ) safer. So much that (if properly designed and integrated) it could be a selling feature. (It’s actually one of the most prominent reasons why I moved away from “free” email hosting providers.)

Sorry if this was too long. I hope someone goes as far as reading through this all. Thank you very much for you attention and let me/us know what you think of this. As it’s my very first message to the community, I hope I didn’t break any rules. Please bear with me.

And thanks to the Runbox team for the great service you’ve been providing for years!

Sincerely,

Vincent

Full disclosure here, I asked @vincent to post his suggestion in our community forum because I thought it might be an interesting discussion to have.

At the moment, we don’t generally have many customers who say that the alias creation time is a problem for them, and we now have it down from 15 minutes to 5 minutes and it is part of a system that pushes a number of changes every 5 minutes to our mail servers.

However, sometimes there is no market for a feature until it exists and proves its usefulness, so it would be interesting to hear what others think about this idea.

Alias creation and display will be different in Runbox 7, and it will include the ability to add a “label” to an alias so that you can give it some name that lets you know why you created it.

This is great news! Just this simple functionality will help a lot to cope with the use case manually. As we discussed, it will make it possible to provision random aliases easily by (e.g.) just putting a note on the ones in use. Then, they will be ready when they’re needed.

Plus it will allow for fully random aliases with no part of it that’s used as a reminder. e.g. stackoverflow_iyni5haiatzk@runbox.com could have been iyni5haiatzk@runbox.com with the note “Stack Overflow”.

Thank you Runbox. Can’t wait for this label field to be available!

Yes, this future comment field will be very useful.
Currently I maintain a separate file containing each alias name and its purpose.