How to Use Gmail Plus-Aliases (And Why They're Less Useful Than You Think)

The Syntax

Gmail (and many other providers) honour sub-addressing: any text after a + in the local part of the address is ignored for delivery purposes. So [email protected], [email protected], and [email protected] all deliver to the same inbox.

You can filter incoming mail by the tag (the part after the +) to route different signups into different folders or apply different labels automatically.

Use Cases That Work

• Filtering / organisation. Set up a Gmail filter that auto-labels everything sent to [email protected] with a 'Netflix' label. Useful for keeping marketing mail visible-but-separate.
• Tracing leak sources. Sign up for newsletter A with [email protected] and newsletter B with [email protected]. If spam later arrives at the +newsA tag, you know newsletter A leaked or sold your address.
• Lightweight account separation. Sign up for a forum with [email protected] so future password-reset emails clearly identify themselves.

The Myth: 'Plus-Aliases Stop Spammers'

Conventional wisdom says: spammers can't easily strip the +tag before sending. So you can 'disable' an alias by filtering all mail to that tag straight to trash.

Reality: any spammer with five minutes of awareness writes address.replace(/\+[^@]*@/, '@') in their code and the tag is gone. The most prolific spammers (the ones whose lists you'll end up on) already do this. Plus-aliases don't stop them.

What plus-aliases do help with is identifying the original leak source. Even if the spammer strips the tag, the breach disclosure may include your tagged address in the leaked data — and that tells you exactly which site leaked you.

Why Some Sites Reject Plus-Aliases

A significant minority of signup forms reject email addresses containing a +. Some are over-strict regex validators (the + is a perfectly valid character in an email local part per RFC 5322); some are intentionally trying to prevent users from creating multiple accounts via aliases. Either way, plus-aliases don't work everywhere.

This is one reason a true disposable-email service is more reliable than plus-aliases: temp mail addresses don't contain a + and pass nearly every signup validator.

Beyond Gmail

Sub-addressing is supported by:

• Gmail (with +)
• FastMail (with +)
• iCloud Mail (with +, on the @icloud.com domain)
• Outlook.com (limited support; recently added)
• ProtonMail (with +)
• Most self-hosted mail servers (Postfix, Dovecot) via configuration

Yahoo Mail does NOT support plus-aliases (they had a 'disposable address' feature called AddressGuard that worked differently; AddressGuard was discontinued).

Gmail Dot-Trick

Gmail also ignores dots in the local part: [email protected], [email protected], and [email protected] are all the same address. Some sites detect the dot-trick and refuse multiple signups; others don't. Less useful than plus-aliases because you can't easily filter by it.

Limits of the Pattern

• You can't disable a plus-alias the way you can disable an alias from SimpleLogin / Apple Hide My Email. All your +tag addresses are tied to your real Gmail forever.
• If you stop using +netflix for Netflix and they later leak, your real Gmail (minus the tag) is in the leak too.
• You can't rotate plus-aliases — they're not random, they're chosen by you.

Practical Takeaway

Plus-aliases are useful for filtering and leak attribution, not for serious privacy or revocability. For real revocability, use email aliases (SimpleLogin, Apple Hide My Email). For maximum privacy and one-shot signups, use disposable email. Plus-aliases are a lightweight middle option for things you want to keep but want to organise.

Related Guides

See also: disposable vs alias vs burner, why plus-aliases aren't a real privacy solution, and temp mail vs Apple Hide My Email.