About Alt Address

Site Information

Alt Address was privately launched in 2004 to provide disposable email addresses to fight spam and create immunity from marketers sharing our personal email addresses.

There were similar sites at the time, but they offered only very basic functionality. Since the beginning we have supported receiving mail with attachments, HTML emails with inline images, and password protected email boxes with the ability to keep messages indefinitely.

Our main purpose is to give users of the internet community free and low cost access to email addresses to protect privacy and prevent their information from being shared or sold without consent.

Security

We use a number of industry standard security practices to protect the site and user data.

Here are some basic security facts about the site:

  • SSL/TLS always
  • Minimal logging. Web server logs are only kept for 48 hours for debugging purposes.
  • Tor support. Alt Address is accessible via Tor using our .onion address.
  • Strong password hashing. We use Bcrypt with a high cost and secure salts to hash passwords.
  • We don't collect your email address unless provided voluntarily.
  • User to user private messaging with optional TripleSec encryption before sending to the server and decrypted in the browser.
  • Our mail servers support encrypted SMTP sessions with other email providers.
  • No IP address information is logged or tied to user accounts during registration or at any other time.
  • Outbound links in emails are rewritten to give a warning when clicked, remote images in HTML emails are blocked by default and can be shown with the click of a link. All Javascript and dangerous content in emails are removed.
  • Strict access control rules ensure emails and attachments are only viewable by the account owner.
  • We're privately hosted using dedicated servers. ABSOLUTELY NO CLOUD PROVIDERS, VPS, OR SHARED HOSTING EVER!!!

Technology

Here is what we use to run Alt Address. Security updates are automatically applied as they become available.

  • Apache httpd server
  • PHP 7.4
  • MariaDB
  • Laminas Framework
  • Exim MTA for sending and receiving mail
  • Memcached (for temporary email storage)
  • OpenSSL 1.1.1
  • Bootstrap and jQuery for the frontend

Roadmap

There are a lot of features we'd love to add in the future, time and funds permitting. Some such features are:

  • Premium unlisted domains. Point your own domain to Alt Address for unlimited, private disposable email addresses.
  • Encrypt emails upon receipt for storage using public key cryptography where each user has their own keys.
  • Email forwarding and notifications upon receiving messages.
  • Allow users to disable specific email addresses and bounce messages back to the sender.
  • Ability to proxy remote images in emails through Alt Address to further protect your identity.
  • Credits that can be purchased to allow sending of messages to outside email addresses (we're NOT a traditional email provider!)
  • Geographically distributed mail servers for high availability.

Questions or comments?

We'd love to hear from you. Feel free to contact us with suggestions, questions or other feedback.