Vector image of envelope

How to stop your email from being sold

Step 1: Custom email domain

This is a necessary but all around useful thing to do: get a custom email domain. Domains are cheap, hosting is too. Use something like NameCheap for the cheapest option.

Step 2: Custom email provider

Set up a custom email provider on that domain. Services like Google Apps come with Gmail out of the box, and Protonmail is pretty great too and very private.

Step 3: Set up a catch-all address

This will vary from provider to provider, but each will have their own official instructions on how to do this - Googling for this is your best bet (i.e. "Protonmail set up catchall").

Step 4: Define a filter

Set up an entrapment filter like "all emails starting with trap should go to the 'Trap' folder, delete all others" or something similar.

Step 5: Use a new trap email for every service you sign up for

This is the most important part. Every time you sign up for a new service or register a new account somewhere, sign up for a newsletter or give out your email at a conference or meetup use a different email. Be as descriptive as you want, but keep the prefix as defined earlier. For example: could mean that this email was given out at 2018's Consensus conference on May 20th. Because you've set up a catch-all email on your domain and a prefix which puts all emails that start with "trap" into a special folder, you can easily keep an eye on the entrapment emails coming in without them cluttering up your main inbox, while keeping the main inbox filled only with the important stuff.

Final step: Pounce

When you notice that an unrelated service has contacted you from an address that was obviously given out elsewhere, for example CoinTelegraph emails you to your trap-consensus2018 address, that can be proof that Consensus has sold your email address and CoinTelegraph has bought it. If this is something you consented to when buying your Consensus ticket, fine. But if not, this is a big GDPR violation and both companies deserve to be reported.

If enough people do this, we'll stop spam together

Due to GDPR, we're no longer allowed to send out email to people whose email addresses we purchased, so get your friends and colleagues to sign up to be notified when their email ends up in our collection. We'll keep buying the lists from the illegal sellers if we think they're legit and maybe in time we'll put a stop to the practice.

Spread the word and implement the protection mechanism detailed above to keep your online privacy intact!

If you'd like to help us reimburse the costs of buying these lists, we'd appreciate it as it's all coming out of our pocket right now. You can help us by buying some cryptocurrency via or by donating directly to:

  • BCH: 1NEG66PGk7uBhaFAohnuL8HziJc8MuH5SL
  • ETH (and any ERC20 tokens): 0x8A60a3794fE824D129e232f306d8913dB8f192eC
People fistbumping on public transportation


Frustrated computer user

Is the protection process too complicated for you? Email us, we'll handle the setup for you for a nominal fee. Feel free to also get in touch if you just want to chat about upcoming features, new lists you found out about, or GDPR.

Get in touch
Bruno Skvorc (Bitfalls on Twitter)

This project was made by Bruno from, a blockchain technical education portal.

Tweet at him or check Bitfalls out
Vector illustration of lock on a sign, indicating privacy

Privacy policy

We will not sell, distribute, or share your email address with anyone for any reason. You can be instantly removed from our database by clicking the "Remove me from your database" button at the top of the page. Any information about you that we collect through your actions of visiting this site is not collected or saved, not even analytics, and we use no third party services, not even Google Fonts (which are technically illegal now).