|
Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere. |
|
Thread Tools |
5 Aug 2022, 10:39 PM | #1 | |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,742
|
Krebs asking about plus addressing
I wonder if anyone here would have information on this question from the security blogger Brian Krebs?
Quote:
|
|
6 Aug 2022, 05:55 AM | #2 |
Essential Contributor
Join Date: Apr 2014
Posts: 399
Representative of:
MXRoute.com |
I only have memories of reviewing excessive amounts of data from compromised databases. I don't even recall ever coming across a plus alias in any. I'm sure they were there but I feel pretty confident they'd be so few you could ignore them and exceed 99% effectiveness whatever your goal was for the data.
|
6 Aug 2022, 11:30 PM | #3 |
Essential Contributor
Join Date: Jan 2017
Posts: 278
|
I don't see what he's getting at, "highly suggestive" of what?
If enough addresses of the form "someuser+amazon@..." appear in spam then that suggests that amazon has been breached. Alternately if a stolen database of unknown origin contained many such addresses it would suggest it came from amazon. What he seems to be referring to is the the case where a known organization has been breached and the stolen database contains plus addresses referring to that organization. All that suggests is that the addresses belong to external users/customers. |
6 Aug 2022, 11:42 PM | #4 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,742
|
My guess is he is looking at large databases on the dark web and if you see a few addresses like username+website, then he would be suspicious that "website" had been hacked. Of course some of the emails in those databases might be from email service providers, so the presence of +website wouldn't tell you anything.
|
11 Aug 2022, 01:02 AM | #5 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,742
|
Krebs put up a new article on the pluses and minuses of using plus addressing. https://krebsonsecurity.com/2022/08/...email-aliases/
|