Please use a personal email. My email is ‘mail’ @ ‘my actual name’. It does not get more personal than that
But you can’t use emails starting with mail@, admin@, support@, info@, main@, etc.
Instead they advised me (3 times) to create a personal email on a service like Yahoo, Outlook, Gmail, Orange, etc
This is a feature, not a bug. The rest of us don’t want crap being sent to admin email addresses, so fix your damn email and try again.
Personally I use generated email addresses to most places, but my personal address is <FIRST>@<LAST>.us
The email i was trying to use was mail@ my actual name and surname.
It is very handy to share and easy for people to remember.
I dont feel that it needs fixing when it is perfect for me and my needs but not for some company that needs to be overly careful
They’re advising you to use a personal email that is tied more directly to your name or identity, like using Yahoo Mail, Outlook, or Gmail, which they view as more personalized.
If you’d like, you could try creating an email address with your actual name (or a variation) on one of the recommended services, like: yourname@gmail.com yourname@yahoo.com This should resolve the issue
Security professional here. This is legit a good call on their part. It’s because those types of addresses won’t bounce emails but aren’t necessarily in your control; it’s very, very easy to spam those petition forms with mail@ for a million real domains without bouncing the emails, making them seem legit.
You own your domain, obviously, so it’s really as simple as creating a forwarding/alias address of “changeorg@domain.tld”. If creating a forwarding/alias address is that much of a problem for you I suggest that you likely shouldn’t be hosting your own email in the first place.
Your laziness isn’t a good reason to be upset with a company taking steps to reduce their security overhead significantly
They do though mention “+” and “-” also banned in the username part, which is kinda annoying
that’s to stop people from spamming signatures with user+1@gmail, user+2@gmail, user+3@gmail, etc.
You can still spam with user1@domain.tld, user2@domain.tld etc and it takes basically no extra effort
Yeah I agree that one seems silly on the surface but for their specific situation I understand why: services like Gmail allow using a + to create faux-labels. So for example foo@gmail, foo+bar@gmail, and foo+baz@gmail all get delivered to the same account. For change.org that’s a problem because it allows a single email account to fill out the form many times.
Ideally, they would simply truncate everything after and including those symbols but it’s possible other services have different rules (maybe yahoo let’s you prepend faux-tags instead of appending them, or something like that) so simply blocking their use altogether could be the more robust solution
Eh, honestly I think blocking plus addressing as a workaround to block people from using multiple identities on the site is very weak argument and ignores completely the reason plus addeesses are being used in the first place, tagging.
And the addition of “-” just tells they don’t really know what they’re doing, considering it’s not only valid but also very common symbol in email addresses