Skip to main content

Cleaning Up Old Emails and Accounts

Every month I receive ~5000 spam emails.

I am not very surprised, knowning that my email addresses appear in ~20 data breaches. Email providers filtered out most of them, but after filtering I still receive ~100 every month.

It is very annoying when I'm interrupted by an email notification, only to realize that it's from a spam email. Meanwhile I cannot just disable all notifications.

Three months ago, I started to try to improve the situation. First of all I explored options for email aliases. Then in the past 3 months, I have been manually reviewing all email messages in the inbox. That are in total ~70k messages.

Basically I'm creating a whitelist of senders, and I only enabled notifiation for allowed messages. This turned out to work quite well, I can clearly feel the improvement of life quality. Occassionally I may still need to manually review other messages, but that's OK.

Meanwhile, I took this opportunity to review all accounts that I have previouly registered, and tried to remove those no longer being used.

Stats by Domain

Obviously I cannot review all ~70k email messages one by one. So I just group them by the top level domain of the sender, which are ~2k in total.

For ~650 domains, the emails are just legit email communication. And ~900 domains just sent me spam emails. Most of the spam emails actually came from ~10 years ago, when spam filter didn't work well yet.

The rest consists of  ~500 domains that know my email address. For ~200 of them I have legit account that are still more-or-less being used, so I created aliases for each of them. For ~150 of them either I manually deleted my account, or the account just expired.

There are ~40 domains where I requested deletion of my account, but did not receive any reply or confirmation.

Finally, ~100 domains no longer exist, e.g. the company got bankruppted. So there is nothing I can do.


Deleting Accounts

As mentioned above, out of ~500 accounts, ~300 are no longer needed, and I want to removed the account and all my data.

Only a few website would offer a "delete account" button in the account/profile/settings page. 

Many websites explicitly says something like "please visit this URL if you want to excersise your right according to GDPR". I guess they may not offer this option at all if GDPR didn't exist. In this case, very often it is handled by a third-party form, I guess just for triaging. Most of them are easy, I just need to verify my email address and submit a request, a few days later I would receive a confirmation that my data has been successfully deleted.

But I also observed a funny one, where I don't need to verify that I own the email address. This means anyone who knows my username and email address can request to delete my data!

On the other hand, It is still very difficult to delete my data on some websites. To name a few:
  • Some requires me to make a phone call.
  • Some requires me to do one or more live chat sessions, which typically verifies lots of security information.
  • Some requires me to give more information (e.g. phone number) before I can delete my data.
  • Some says in the policy that users cannot modify their email addresses.
  • Some says in the policy that users cannot delete their data. Typical for (old) BBS/forum systems.

Password Policies

For the accounts that I still want to keep, I took this opportunity to use a strong password, if the previous one seems too weak.

Apparently, not all websites accept my strong passwords. Typical requirements are:
  • The password must be shorter than X (typically 16) characters.
  • The password must not contain special symbols.
The worse scenario is, these requirements are not checked during password reset, but checked during login. Very often I have to reset the password because of this.

I think these requirements are stupid.


Internet Before 2014

Browsing through old emails, I just got reminded of how the Internet looked like 10+ years ago:

  • Email was my primary communication channel with friends. Smartphones didn't exist or was not popular.
  • Some security measures are jokes with today's standard. HTTP links, plaintext passwords etc. Some websites even offer to retrieve (instead of reset) your plain text password.
  • Font sizes in embedded web pages seem very small. I think it might be related to the changes of CSS units due to high DPI screens.
  • Spam emails were not filtered well. Maybe the email protocal had serious flaws. For example, I received spam emails that appear to be sent by myself and to myself. I guess this can nolonger be achieved today.
  • The content of spam emails have been following an ever-changing trend.


Final Words

It's been a large project, and an interesting journey. I'm grateful that most emails are kept. In fact my earliest email address started around ~2000, but the email provider cleared the inbox for some reason.

It is interesting to review how the Internet looked like 10+ years ago, and it is important to get myself reminded that the Internet is very different today.

It is especially important to take measures to protect my private data. Otherwise, I may create another 500 accounts without even knowing it!

Comments

Popular posts from this blog

[转] UTF-8 and Unicode FAQ for Unix/Linux

这几天,这个东西把我搞得很头疼 而且这篇文章好像太大了,blogger自己的发布系统不能发 只好用mail了 //原文 http://www.cl.cam.ac.uk/~mgk25/unicode.html UTF-8 and Unicode FAQ for Unix/Linux by Markus Kuhn This text is a very comprehensive one-stop information resource on how you can use Unicode/UTF-8 on POSIX systems (Linux, Unix). You will find here both introductory information for every user, as well as detailed references for the experienced developer. Unicode has started to replace ASCII, ISO 8859 and EUC at all levels. It enables users to handle not only practically any script and language used on this planet, it also supports a comprehensive set of mathematical and technical symbols to simplify scientific information exchange. With the UTF-8 encoding, Unicode can be used in a convenient and backwards compatible way in environments that were designed entirely around ASCII, like Unix. UTF-8 is the way in which Unicode is used under Unix, Linux, and similar systems. It is now time to make sure that you are well familiar ...

Determine Perspective Lines With Off-page Vanishing Point

In perspective drawing, a vanishing point represents a group of parallel lines, in other words, a direction. For any point on the paper, if we want a line towards the same direction (in the 3d space), we simply draw a line through it and the vanishing point. But sometimes the vanishing point is too far away, such that it is outside the paper/canvas. In this example, we have a point P and two perspective lines L1 and L2. The vanishing point VP is naturally the intersection of L1 and L2. The task is to draw a line through P and VP, without having VP on the paper. I am aware of a few traditional solutions: 1. Use extra pieces of paper such that we can extend L1 and L2 until we see VP. 2. Draw everything in a smaller scale, such that we can see both P and VP on the paper. Draw the line and scale everything back. 3. Draw a perspective grid using the Brewer Method. #1 and #2 might be quite practical. #3 may not guarantee a solution, unless we can measure distances/p...

Moving Items Along Bezier Curves with CSS Animation (Part 2: Time Warp)

This is a follow-up of my earlier article.  I realized that there is another way of achieving the same effect. This article has lots of nice examples and explanations, the basic idea is to make very simple @keyframe rules, usually just a linear movement, then use timing function to distort the time, such that the motion path becomes the desired curve. I'd like to call it the "time warp" hack. Demo See the Pen Interactive cubic Bezier curve + CSS animation by Lu Wang ( @coolwanglu ) on CodePen . How does it work? Recall that a cubic Bezier curve is defined by this formula : \[B(t) = (1-t)^3P_0+3(1-t)^2tP_1+3(1-t)t^2P_2+t^3P_3,\ 0 \le t \le 1.\] In the 2D case, \(B(t)\) has two coordinates, \(x(t)\) and \(y(t)\). Define \(x_i\) to the be x coordinate of \(P_i\), then we have: \[x(t) = (1-t)^3x_0+3(1-t)^2tx_1+3(1-t)t^2x_2+t^3x_3,\ 0 \le t \le 1.\] So, for our animated element, we want to make sure that the x coordiante (i.e. the "left" CSS property) is \(...