I do this all the time with Google Apps to track who sells my email address, creating a new one for each place I signup.
1. Create a catch-all address for the domain you're going to use that isn't the normal postmaster one.
2. Pick a three- or four-letter combination of letters that rarely appears in normal conversation (like dcj, for example).
3. Set a mail filter on the catch-all account to forward all mail that has your three-letter combination as a part of its recipient list to your real address.
This means that for every service you sign up for, you can create a new address (I always use domainname.code@mydomain) that is trackable and gets to you. For example, I just signed up with Via Rail's online system - using the address viarail.dcj@mydomain. It will get forwarded to my real address (since it's got the dcj in there), if I start getting spam on it I'll know where they got the email address from, and if it gets really bad I can just change my filters to block all email to viarail.dcj@mydomain.
You could do something with Gmail's plus-addressing, but I find that many services don't accept those email addresses.
Yahoo Mail offers a service called AddressGuard that does exactly this, but it's only available to paid accounts. You can also easily use these as your from address, so even in direct correspondence, you still shield your primary address from the recipient. (This allowed me to verify that eMusic sells their subscriber list to spammers.)
A free alternative is SneakEmail (http://www.sneakemail.com) which allows you to set up disposable addresses that forward to your primary account, and allows you to set up pre-forwarding filters. They also create a unique address for the sender of each email, and you can set up your SneakEmail filters to insert this as the reply-to address of each email you receive.
SneakEmail is great; it's what I use when I'm seriously suspicious of who I'm sending mail to.
For 95% of the things I sign up for, however, I'm not that paranoid - the slight decrease in security is offset by the added convenience of not having to log into a third-party service (like SneakEmail) to get what I'm doing done.
Good idea. For those of us who use an @gmail.com address, here's what you can use in lieu of plus signs, which as JimmyL said often don't work:
Gmail lets you insert periods between the letters of your username. So if my email address is someusername@gmail.com, the following are valid variants of my email address:
some.username@gmail.com
some.user.name@gmail.com
s.omeusername@gmail.com
And so on. So you can use variants for different services you sign up for. Also note that you can substitute @googlemail.com for @gmail.com.
1. Create a catch-all address for the domain you're going to use that isn't the normal postmaster one.
2. Pick a three- or four-letter combination of letters that rarely appears in normal conversation (like dcj, for example).
3. Set a mail filter on the catch-all account to forward all mail that has your three-letter combination as a part of its recipient list to your real address.
This means that for every service you sign up for, you can create a new address (I always use domainname.code@mydomain) that is trackable and gets to you. For example, I just signed up with Via Rail's online system - using the address viarail.dcj@mydomain. It will get forwarded to my real address (since it's got the dcj in there), if I start getting spam on it I'll know where they got the email address from, and if it gets really bad I can just change my filters to block all email to viarail.dcj@mydomain.
You could do something with Gmail's plus-addressing, but I find that many services don't accept those email addresses.