I have used the + feature in gmail for a while now. I finally received spam from one of these emails. I bought something on mace.com 4 years ago and today I received an email from NewYorkLife.com acarapezza@ft.newyorklife.com via mailchimp to the same address.<p>I reported as spam to mailchimp. I told gmail it was spam. I also emailed mace's support address asking them to remove me from the list emails they are selling. Searching google I see lots of suggestions to use the + feature but never what to do after catching someone using it.<p>Is there anything else I can do about it?
I do the same thing, but instead of plus addressing I give each vendor a unique email at my domain. I now receive spam on my mint, geico, tumblr, lendingclub, disney, adobe, and dropbox addresses. In my case it's always outright spam instead of something remotely legitimate.<p>Your situation seems different than mine. I think my addresses were taken during a security breach instead of being sold by the company.<p>In my case I just change my address with the company to dropbox2@, and block the original address.<p>I also have a friends-and-family email address that isn't published anywhere online that finally started receiving spams. I think it was taken from a neighbor's address book in hotmail when he got phished.<p>I think a possible long-term solution would be for everyone to have a unique address for everyone else. The email software would auto-negotiate a unique address after your first communication with the person, creating a pairing similar to a friendship on a social network. I'm getting off-topic, but here's a link explaining what I mean a bit more: <a href="http://stevenjewel.com/2014/02/clearskies-chat/" rel="nofollow">http://stevenjewel.com/2014/02/clearskies-chat/</a> (It's about decentralized IM instead of email, but the same antispam technique would work for either.)
I use a random email alias on a domain I own for each company I deal with. Generate one, throw in a database. For example: HN could be 8o0yxfkzleeftylr3dmb@example.com.<p>When I get incoming spam I can look up who the address is assigned to, cut off the alias and then take further action such as notifying the company, giving them a new email, or cutting ties with them.<p>I don't bother with retribution (would take too much time) -- if the company is unwilling to acknowledge the incident or it happens multiple times I cut the cord and move on.
You could basically file suit, not sure it would be worth the time and effort though.<p>Hell, even a $500 small claims court suit might make for a good option.
Follow up:
After some back and forth with support they are forwarding it to the "webmaster". They do not sell emails so no small claims. I will be following up with them.<p>Thanks!
I doubt it'll be worth your time trying to get something out of it. My experience is that they'll say sorry, and keep on doing it anyway.<p>Depending on how often they sell the info, you can just change your address with them, and permanently scuttle the original address (saves you from having to look at spam, etc).