How to Set Up Email Aliases With SimpleLogin or addy.io

Email aliases give every signup its own throwaway address that forwards to your real inbox. If one alias starts getting spam — or shows up in a breach — you disable that single address and your real inbox is untouched. This guide walks through the actual setup with SimpleLogin and addy.io, the two strongest options, and the per-signup workflow that makes aliases worth the small effort.

The earlier comparison of alias services covers which to pick. This is the hands-on “now set it up and use it” guide.

Step 1: Pick a Service and Create an Account

Both services have a usable free tier:

• SimpleLogin (owned by Proton) gives you 10 aliases on the free tier, browser extensions, and mobile apps. Premium ($30/year) adds unlimited aliases, custom domains, and PGP.
• addy.io is open source with a generous free tier; its $1/month Lite tier already includes one custom domain. It encrypts forwarded mail with PGP on all tiers, including free, if you add your key.

Create an account and set your real inbox as the forwarding destination. This is the address every alias will quietly deliver to — your encrypted mailbox, ideally. Verify it.

Step 2: Create Your First Alias

In the dashboard, click to create a new alias. You’ll get something like [email protected] or [email protected]. You can usually customize the prefix.

A useful habit: name the alias after where you’re using it. netflix@yourdomain or [email protected] tells you at a glance which service an alias belongs to — invaluable later when an alias starts getting spam and you want to know who leaked it.

Use that alias as your email when signing up for the service. Mail sent to it forwards to your real inbox automatically. The sender never sees your real address.

Step 3: Install the Browser Extension

Both services offer browser extensions, and this is what turns aliasing from a chore into a reflex. When a signup form asks for your email, the extension offers to generate a fresh alias right there in the field — one click, named after the current site, no dashboard visit.

This is the difference between “I’ll use aliases for important stuff” and “every signup gets its own alias automatically.” Install the extension and the friction effectively disappears.

Step 4: Learn to Reply Through the Alias

The feature people miss: you can reply so the recipient sees the alias, not your real address. Both SimpleLogin and addy.io support this (with limits on free tiers).

It works through a reverse alias. When a forwarded message lands in your inbox, replying to it routes back through the service, which rewrites the sender so the recipient sees the original alias. To them, the conversation is entirely with netflix@yourdomain — your real address never appears in either direction.

Without this, aliases only protect incoming mail; the moment you reply, your real address leaks. So set this up and use it for any alias you expect to correspond through.

Step 5 (Optional but Recommended): Add a Custom Domain

Provider-branded aliases (@simplelogin.io, @addymail.com) work fine, but a custom domain is more portable and less obviously a “throwaway.” With a custom domain you create aliases like [email protected] on demand.

This requires a paid tier (SimpleLogin Premium, or addy.io’s $1/month Lite) and a few DNS records — MX pointing to the service, plus SPF and DKIM for deliverability — added at your registrar following the service’s exact values. Once verified, you can invent unlimited new aliases on your own domain without even visiting the dashboard, because the service catches anything sent to the domain.

The portability payoff is the same as with custom-domain mail: if you switch alias services later, you re-point the domain and every alias keeps working.

Step 6: Turn On PGP Encryption (If You Want It)

A subtle leak: an alias service sees your forwarded mail in plaintext as it relays it, unless you encrypt the hop. Both services support PGP encryption of forwarded mail — you upload your public key, and the service encrypts each message before delivering it to your inbox. addy.io offers this on all tiers; SimpleLogin includes it on Premium.

If your threat model includes not trusting the relay itself, enable this. For most users protecting against spam and breach correlation, it’s a nice-to-have rather than essential.

The Per-Signup Workflow

Here’s the routine that makes aliasing pay off:

1. Every new account gets its own alias — generated via the extension, named after the site.
2. When an alias starts getting spam, you know exactly who leaked or sold it. Disable that alias; your inbox goes quiet again and nothing else is affected.
3. When a service appears in a breach, that alias is the only address exposed. Burn it, create a new one for that account, done.
4. You keep one or two stable aliases for high-value accounts (bank, primary identity) that you never burn, and treat everything else as disposable.

The result is a clean separation: a leak or breach is contained to a single address instead of poisoning your real inbox forever.

What Aliases Don’t Do

Set expectations. Aliases hide your real address from the recipient, but the relay service still knows the alias-to-inbox mapping (which is why the service’s own privacy posture matters — both of these are reputable). And aliases protect the address, not the content — that’s what end-to-end encryption is for. Used together, they’re a strong combination.

---

Related: which service fits your needs — see the alias services compared. For why a separate address per context matters at all, what email metadata leaks.