Roll-your-own Anonymizing Email Server
This post isn’t about a specific security breach; it is meant to educate you on how to better protect your online identity. The term “anonymize” is used loosely for lack of a better word.
- Create a unique email address that forwards to your real email for every site you sign up for.
- Create a unique password for each site you sign up for
- Don’t reveal your real email address again
- Make hackers’ work more difficult
You might not think it, but your email address is a security risk if you have ever used it to sign up for any online account.
Let’s pretend you signed up for several different online services using your real email address (which may not be far from the truth). Your information is now stored on each of those sites’ servers.
This is a high-level overview of the problem; more technical details will be available in the appendix.
The problem begins when one of those sites gets hacked and your email/password combo gets into the hands of hackers. Now that they have it, the hackers could simply try to log into your email provider using the password they just stole. If you happened to use your email password to sign up for those sites, they could easily succeed in logging into your email account. From there, it’s all downhill. Once they are in your email, the hackers can:
- reset your email password to lock you out of it
- start clicking “Forgot Password” links to lock you out of any other online account tied to your email address
- steal other personal/private information from your emails
- get the email addresses of your saved contacts
This post is about an (almost) free way to anonymize your email address. However, I do want to point out the paid option, which works very well if you are less technical and don’t want to create your own setup.
The Paid Option
For a fee, Blur provides you with masked emails. Basically, you can generate a new email address for every site you use and then anything sent to that address just gets forwarded to your real email. One caveat here is that you can’t send an email directly from this address (unless you are replying to an email sent to that address).
The (Almost) Free Option
Here is what this setup involves:
- A domain name
- A Mailgun account
- A real email address
Purchase A Domain Name
Instead of @gmail.com or @outlook.com, you can have your email domain be anything you want such as @somefakedomain.com. In this example, I’ll be using email@example.com.
You can get a domain name in several different places. I’ll be using Google Domains because it has free domain privacy as well as some nice management tools.
Depending on the volume of email you send/receive (Mailgun has a 10k/month limit for the free option), this will be your only out-of-pocket cost.
Add Your Domain On Mailgun
Once you own your domain name, log in to your Mailgun account.
- Navigate to Domains > Add New Domain
- Type in your domain name
- Click Add
Create DNS Records On Google Domains
- Log into Google Domains
- Create the DNS records per Mailgun’s instructions
Verify DNS Records On Mailgun
- Return to Mailgun
- Click Check DNS Records Now
You should get some green checks across the board if you added the DNS entries correctly. Now, you can begin adding users.
Create Routes In Mailgun
For each new site you sign up for, you should create a route, which will act as a pseudo user email account.
1. Click Routes > New Route
2. Set Expression Type to Match Recipient
3. Set Recipient to an email address you want to use
4. Check the box to Forward
5. Enter your real email address in the text field
6. Click Create Route
If you did it correctly, you should now be able to send an email to the address you created and it will get forwarded to your real email.
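The same route can also be created through Mailgun's Routes API rather than the control panel, which makes a fresh alias per site a one-liner. This is an added example, not code from the original post; it assumes the US API endpoint, and the real address, API key and random alias suffix are placeholders or choices made here.

```python
import base64
import re
import secrets
import urllib.parse
import urllib.request

MAILGUN_ROUTES_URL = "https://api.mailgun.net/v3/routes"  # assumption: US region

def alias_for(site: str, domain: str) -> str:
    """Site label plus a random tag: easy to filter on, hard to guess."""
    label = re.sub(r"[^a-z0-9]+", "-", site.lower()).strip("-")
    if not label:
        raise ValueError("site name has no usable characters")
    return f"{label}.{secrets.token_hex(3)}@{domain}"

def route_fields(alias: str, real_address: str, site: str) -> list:
    """Form fields for one forwarding route (the choices made in steps 2-5)."""
    for addr in (alias, real_address):
        # Refuse quotes and whitespace so an address cannot break out of the
        # quoted string inside the route expression.
        if not re.fullmatch(r"[A-Za-z0-9._+-]+@[A-Za-z0-9.-]+", addr):
            raise ValueError(f"unsafe address: {addr!r}")
    return [
        ("priority", "0"),
        ("description", f"alias for {site}"),
        ("expression", f'match_recipient("{alias}")'),
        ("action", f'forward("{real_address}")'),
        ("action", "stop()"),  # do not evaluate lower-priority routes
    ]

def build_request(fields: list, api_key: str) -> urllib.request.Request:
    """POST with HTTP basic auth: user name 'api', password = the API key."""
    body = urllib.parse.urlencode(fields).encode("ascii")
    req = urllib.request.Request(MAILGUN_ROUTES_URL, data=body, method="POST")
    token = base64.b64encode(f"api:{api_key}".encode()).decode()
    req.add_header("Authorization", f"Basic {token}")
    return req

if __name__ == "__main__":
    # Placeholder values; substitute your own domain, address and key.
    alias = alias_for("pi-hole.net", "somefakedomain.com")
    fields = route_fields(alias, "me@real.example", "pi-hole.net")
    req = build_request(fields, "key-PLACEHOLDER")
    print(alias, req.get_method(), req.full_url)
    # urllib.request.urlopen(req)  # uncomment to actually create the route
```

Keep the API key out of the script itself (an environment variable or a secrets manager), since anyone holding it can redirect every alias.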
Get In The Habit
Now that you can make as many emails as you want, you should be using a different email address for every site you sign up for (including existing sites).
You can come up with your own naming scheme, make it completely random, or whatever you want. One method I use is to create an email address with the name of the site, so I can filter it easily when it hits my inbox.
For example, if I was going to sign up for pi-hole.net, I would create an email named firstname.lastname@example.org and that email address is only used for pi-hole.net and nothing else.
I will explain this more in the appendix, but due to the way hackers retrieve and store email/password combos, it’s a good idea to have unique combinations for each site you sign up for. This will help protect your identity when paired with a layered security model.
Keep your real email address private.
Email Is Hard!
Email is way more difficult to set up than you might think. For that reason, I opted to use a cloud service, which also has some other nice features for those comfortable using an API. There is a lot more you can do than what I mentioned in this post.
It’s definitely possible to do this yourself with a private email server, but the above solution can get you up and running in a matter of minutes.
Hashing, Salt, Rainbow Tables…
There is an article on Ars Technica that changed the way I think about security because if a non-hacker can figure out how to crack passwords, then it’s not much harder for a malefactor to do even more.
It’s an older article (there are also some follow-ups to it), but more often than not, I find myself thinking about it. I also mention this article to my family when I talk to them about securing their identity.
Depending on how seriously the site you sign up for takes its security, your email and/or password may be stored in any combination of encrypted or cleartext. If it’s the latter, the hacker’s work is already done.
Many sites will take the additional step to encrypt your email and/or password. But to really understand why using the same email and/or password for every site is so bad, despite being encrypted, you need to understand how hashing works.
A hash is nothing more than a mathematical representation of some information. So if a password is hashed, some math is applied to the text to return an alphanumerical string.
So the hash of the password password is
Now if you change even a little bit of the original password, it renders a completely new hash. So if the password was Password with a capital P the hash would be
You can see the comparative difference below:
password = c8fed00eb2e87f1cee8e90ebbe870c190ac3848c
Password = 3f44a88d098cdb8a384922e88a30dbe67f7178fd
This might seem like a good security measure, but it’s still pretty weak. The hackers are learning and creating rainbow tables that contain the passwords they have discovered along with their corresponding hashes.
So even if a hacker downloads a list of hashed passwords, they can compare it to the rainbow table and quickly decipher the password without any additional work.
See Where I’m Going?
So if your email address also happened to be hashed and you used that same email address on multiple sites, it can be quickly deciphered as well. And if you used the same password, you’re basically making it easy for the hacker to compromise your life.
So if you can use a unique email for every site, your real email/password combination should never make its way onto a rainbow table.
email@example.com = 72d56a756b26c9006f3e03fe95b4090e119aa70e
firstname.lastname@example.org = 2dbe1f5ece3342dfe4d414528526c3d24b5194c2
Some sites take additional steps by adding a salt to the hash, which is basically just more random information to further encrypt the data. But it’s in your favor to make it as difficult as possible for the hacker to find out your real information.
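The effect of reuse, unique aliases and salting can be seen side by side in the sketch below, which is an added example and not part of the original post. A plain precomputed dictionary stands in for a rainbow table, unsalted SHA-1 and PBKDF2 are assumed as the two storage schemes, and every address and password is constructed sample data.

```python
import hashlib
import hmac
import os

def sha1_hex(value: str) -> str:
    """Unsalted SHA-1 (assumed; it yields 40-hex-character digests like those above)."""
    return hashlib.sha1(value.encode("utf-8")).hexdigest()

def build_lookup(candidates):
    """Precompute hash -> plaintext once; it applies to every unsalted dump."""
    return {sha1_hex(c): c for c in candidates}

def recover(dump, lookup):
    """{email_hash: password} for each row whose password hash is in the table."""
    return {r["email"]: lookup[r["pw"]] for r in dump if r["pw"] in lookup}

def linked(dump_x, dump_y):
    """Email hashes present in both dumps: accounts that can be tied together."""
    return {r["email"] for r in dump_x} & {r["email"] for r in dump_y}

def salted_record(password: str, salt: bytes = None) -> dict:
    """Per-account random salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)
    return {"salt": salt.hex(), "pw": digest.hex()}

def verify(password: str, record: dict) -> bool:
    """Login check: recompute with the stored salt, compare in constant time."""
    candidate = salted_record(password, bytes.fromhex(record["salt"]))
    return hmac.compare_digest(candidate["pw"], record["pw"])

# Constructed sample data: one person reusing an address and password on two sites.
site_a = [{"email": sha1_hex("me@real.example"), "pw": sha1_hex("Summer2019")}]
site_b = [{"email": sha1_hex("me@real.example"), "pw": sha1_hex("Summer2019")}]
# The same person with a per-site alias and a per-site random password.
site_c = [{"email": sha1_hex("pihole.x7@alias.example"), "pw": sha1_hex("k3#Vq9!tRz0w")}]

LOOKUP = build_lookup(["password", "Password", "123456", "Summer2019"])

if __name__ == "__main__":
    print("recovered from site A:", recover(site_a, LOOKUP))
    print("recovered from site C:", recover(site_c, LOOKUP))
    print("A-B linked accounts:", len(linked(site_a, site_b)))
    print("A-C linked accounts:", len(linked(site_a, site_c)))
    r1, r2 = salted_record("Summer2019"), salted_record("Summer2019")
    print("salted digests equal:", r1["pw"] == r2["pw"], "| in table:", r1["pw"] in LOOKUP)
    print("login still works:", verify("Summer2019", r1))
```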
This is far from an in-depth look at the password, but hopefully it piques your interest and helps you protect yourself a little bit better.