alt Hacker NewsHere's the suggestion:
>Use <service>@<yourdomain> as your email address when signing up, and check the To header when receiving emails.
The user of the webservice specifies a unique email per webservice; knowledge of that unique email address serves as a hint that the email came from someone that has discovered that email address, i.e. the webservice itself.
Right, so 99% of the time that’s a spammer that is going to use that discovered email. I updated my message to specify other illegitimate sources to cover that less than 1%