• pivot_root@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    11 months ago

    It’s actually really easy to get past the custom domain issue.

    If the domain is send-and-receive, it will need a SPF record to avoid getting blackholed by most mail providers. A TXT lookup for the SPF record would tie the custom domain back to the real provider.

    Or even easier, you could look up the MX records to see what domain they point to.

    • SBJ@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 months ago

      I don’t use Simplelogin so I don’t know how their service works. The domains used for aliases don’t need to originate email so there’s no need for an SPF record. The A record for the hostname used for the MX record(s) could technically point at multiple IPs that could be changed often.

      I own a significant number of domains and manage my own servers. There’s quite literally no way for anyone to prevent me from using an email alias.

      My point was that trying to block email aliases is a fool’s errand. It’s a slight hindrance to only the least technical users. The entire 7c/fakefilter project is an exercise in futility.