Tacita Tips: Tired of spam emails? Use this ‘plus addressing’ trick to find their source

Photo of stacks of SPAM tins.
Photo by Hannes Johnson

Did you know that roughly 319 billion emails were sent and received daily last year? 

And it feels like the majority of those have been sent to me. 

My personal email inbox is filled with offers, coupons and vouchers, and updates from businesses that I’ve never heard of, let alone provided my email address to. Yet these emails remain unopened and unacknowledged in my inbox. 

How do I stop this?

Whilst I can issue a data subject request (DSR) to each and everyone of these companies, this would be a time-consuming and slow exercise. Meanwhile, the root cause of the issue (i.e the initial company who provided your email address to these third parties) will likely remain undiagnosed.

That’s why I’ve started to use the ‘plus addressing’ feature.

What is ‘plus addressing’?

‘Plus addressing’ (otherwise known as dynamic instant aliases) is a feature that can be used on Microsoft 365 and Gmail. It allows users to easily sort newsletters and sales emails from actual emails, as well as identify the potential source of the spam emails.

How does it work?

Say your registered email alias is ‘ihatespam@outlook.com’. You decide that you would like to sign-up to the ‘Big Sports’ newsletter, or receive updates on deals and early sales information. When doing so, you would input your email address as follows: ‘ihatespam+bigsports@outlook.com’.

This means that Outlook.com will still deliver emails sent to these addresses to your mailbox even though you haven’t registered them as an alias. This is because Outlook ignores the part behind the + symbol and only uses the first part to determine to which mailbox it should be delivered, which in this case is the ‘ihatespam’ account

The full email address will also remain visible to the user. This ensures that if you receive any unexpected emails, it is likely that you can find out who leaked the address by looking at the address it was sent to or the on the message header.


e.g You receive an email from ‘Brian’s Sports Emporium’, despite having never shopped there or provided them your email address. On the email header, your address appears as follows: ‘ihatespam+bigsports@outlook.com’. This tells you that ‘Big Sports’ have sold your email address to this third party, and therefore you can direct your DSR to them.

Smarten your response to spam

Since using this feature, I’ve been able to identify exactly where and why I’ve been receiving these spam emails from and have successfully requested that the original company delete that information. I’ve been actually been shocked at the extent to which my email has been sold on, and would recommend this tip to all users. It has helped me better enact my individual rights and manage the personal data that I’ve provided to companies.

Read more about your inidvidual rights here: GDPR Individual Rights

About Us: Tacita are GDPR compliance experts. Tacita help clients achieve and maintain GDPR compliance. Get in touch to explore our range of GDPR services including the Tacita GDPR Audit, GDPR Consultant Service and the GDPR Toolkit.

Share this article: