If it wasn’t broken, why did it take all day to fix?

A few years ago, I decided to set up my own domain. I was (and am) a happy Gmail user, but I didn’t want my email to necessarily have to go through Google, and I’d realized that sending my personal email to my ibm.com address wasn’t viable in the long run. So I picked a nice short domain and started using it for everything.

I was worried about spam – not the random spam that we all have to put up with, but spam created by companies sharing email addresses. So I took advantage of having my own domain and started giving out unique email addresses every time I created a new account. Everything funneled into one mailbox anyway, but I had control.

Over time, I realized that there really wasn’t a lot of leakage due to email sharing. In fact, I found that I got more spam sent to “random_address@my_domain” than from any other source. So I stopped making up new addresses but I didn’t do anything about the hundred-or-so addresses I’d created.

In the last year, I’ve gotten quite a bit of misdirected legitimate mail – some of which I really didn’t want to have anywhere near my computer (other people’s financial data). But I couldn’t easily block it, because I had to leave my catchall forwarding in effect to handle all of the accounts I’d created years ago.

Today, I decided to fix the problem once and for all. First, I had to find out what addresses were getting mail. I fired up Mail.app and downloaded all of my current mail; then I crawled through the mail folders, pulled out the “Delivered-To” lines, and built the list of addresses in use (not all of which were ones I wanted to maintain).

After that, it was a straightforward, if slow, process:

  1. Look at the next address in the list
  2. Search for the mail referring to that address (on Gmail, search for “address in:anywhere”)
  3. Figure out what company or companies was using that address
  4. Log onto their website and change the address (or unsubscribe, if it was someone I no longer cared about)
  5. While I was there, I usually changed the username to something I could remember and made the password stronger (1Password is my friend!)
  6. Lather, rinse, repeat

It took all day (with frequent Facebook, Google+, and newsreader breaks, of course).

And I’m not finished – I still have quite a few weak passwords to strengthen. But not tonight.

Memo to self: sometimes, simple is just fine.

This entry was posted in Life. Bookmark the permalink.

3 Responses to If it wasn’t broken, why did it take all day to fix?

  1. I used to do this too, and similarly found it not worth the trouble. Google does a great job of aggregating my 4-5 addresses into Gmail, and don’t forget you can use yourgmailid+whateveryouwant@gmail.com. Gmail ignores the +… and just delivers it to you.

    Gmail also ignores periods in the user ID, so you can be your.gmail.id@gmail.com or even y.o.u.r.g.m.a.i.l.i.d@gmail.com if you’re so inclined.

  2. Danny Graham says:

    I’ve been strengthening passwords myself, of late, and I’ve found that while the following comic is, in fact, correct – many sites also require the use of numbers or symbols. http://xkcd.com/936/

  3. David says:

    Yes, I loved that comic! I use 1Password for my password management, and I usually let it generate a truly random, long, complicated password for me — and I never look at it. There are a few sites I really want to be able to log into ‘by hand’, and for those, I’m moving to the xkcd model, adapted to the site’s requirements.

    It’s a slow process.