Gmail – Best way to set up site-specific, removable email addresses using Gmail

gmailgoogle-apps-emailspam-prevention

I'm currently trying to figure out a good solution for this problem. I do get spam messages very rarely and I'd like to find out which site gave away my address (or was hacked), so I'd like to use different addresses for each registration which are still managed in a central way.

I'd like to be able to:

  • Use my main Google/GMail account with it, somehow.
  • Set up a new addresses easily and quickly.
    • It would be cool if the addresses were created automatically if a mail is sent to it.
  • Remove an address, so I won't receive any mails sent to it anymore
  • See my emails both per address and all in one list in my mail client (OS X' Mail.app)

So far I've found two possible solutions, both with advantages and disadvantages:

1. Using plus-aliases with Gmail, e.g. firstname.lastname+amazon@gmail.com)

+ No need to create aliases, all emails simply arrive in my main inbox
+ Free and simple, no configuration at all
I wouldn't be able remove such addresses, I would still receive spam. I would have to blacklist the addresses instead.
Each time I make a new account somewhere, I would have to explicitely create a label/filter rule in Gmail's web interface
Many sites don't accept plus signs in email addresses. That's a deal breaker.

2. Using an own domain with Google Apps, e.g. amazon@mydomain.com

+ I could delete addresses completely.
+ Full control over my emails. I could easily migrate to another provider, but I doubt this will be necessary in the near future.
I couldn't actually create new addresses, but user accounts, each with his own password.
I'd rather have one account with multiple addresses than separate accounts managed by an main account (the Google Apps account).
Not free. But it's not expensive, so that's no problem.
~ To avoid having to add every single account to Mail.app, I'd have to redirect the mails to my main account. In that case, I would again have to create labels/filters. And I don't know I could then answer to a mail with the account it was originally sent to from within Mail.app.

So the bottom line is, neither solution is perfect. The first one is more comfortable, but I know I will be pretty annoyed every time I see a "character not allowed" validation error in a registration form.

Is there any way that includes the advantages of both solutions with as less disadvantages as possible? It could be a specific configuration of either method, a combination or something completely different.

Best Answer

There is no elegant solution but here is one that should do what you want:

  1. Using your Google Apps account, create a secondary user: garbagecollection@mydomain.com
  2. Set the catch-all (in Control Panel for domain, email settings) to go to garbagecollection@mydomain.com
  3. Write a Google Apps Script which scans the inbox periodically (every 5 min?, daily?)
  4. The script would:
    1. Automatically add new addresses to a control spreadsheet
    2. create a label for each new address in your main email account
    3. forward each email to your main account (if not black listed in spreadsheet)
    4. apply the label in your main account

It would work as follows:

You create registration specific email addresses such as firstname.lastname.amazon@mydomain.com because the garbagecollection@mydomain.com is a catch-all, it will accept any email. The script records all new addresses it in the spreadsheet. When you want to stop receiving email, you flag it in the spreadsheet and the script deletes the email rather than forwarding it.