Free Gmail Alias ToolGmail Dot Variations Generator
Open generator

Tutorial

How to track signups and detect email leaks with Gmail aliases.

Every time you hand your email address to a new service, you lose a little control over who can contact you. Gmail plus aliases let you hand out a unique address to every site you register with. When spam shows up at one of those aliases, you know exactly who is responsible.

The concept: one alias per service

The strategy is straightforward. Instead of giving your plain address to every website, you append a + tag that identifies the service. If your address is janedoe@gmail.com, you would register with:

  • janedoe+spotify@gmail.com for Spotify
  • janedoe+linkedin@gmail.com for LinkedIn
  • janedoe+reddit@gmail.com for Reddit
  • janedoe+bankofamerica@gmail.com for your bank

All of these deliver to the same inbox. Gmail ignores the +tag for routing purposes, but the tag is preserved in the message headers. That preservation is what makes tracking possible.

How to identify which service leaked your email

Imagine you start receiving cryptocurrency scam emails at janedoe+linkedin@gmail.com. You never gave that address to anyone except LinkedIn. The conclusion is clear: LinkedIn either sold your data to a third party, suffered a data breach, or a scraping tool harvested your address from their platform.

Without the alias, this spam would arrive at your plain address and you would have no idea which of the dozens of services you use was responsible. The alias makes the leak traceable.

This technique is especially valuable because data breaches are common. When a breach notification email arrives, you can cross-reference the compromised alias with your log to confirm which account was affected and change your password immediately.

Setting up a tracking system

1. Pick a naming convention

Consistency matters. Choose a pattern and stick with it so you can recognize your own aliases at a glance. Common formats:

  • +servicename janedoe+netflix@gmail.com
  • +category.service janedoe+shopping.amazon@gmail.com
  • +YYYY.service janedoe+2025.dropbox@gmail.com (includes the year you signed up)

The year-prefixed format is useful if you later need to remember how long you have been a customer of a particular service.

2. Generate your aliases

Use the Gmail Dot Variations Generator to create plus aliases on the spot. Enter your address, switch to the plus alias tab, and type a custom tag for each service. Copy or export the alias directly.

If a service rejects the + character in its email field, fall back to a dot variation. Dot aliases are harder to trace per-service but still provide some separation.

3. Maintain a tracking log

Keep a simple spreadsheet or password manager note with two columns:

  • Alias — the exact address you gave the service
  • Service — the website or app it was given to

The generator’s CSV export gives you a head start. Download your alias batch and add the service names in the second column.

Over time this log becomes a personal audit trail of every place your email exists on the internet.

Examples with common services

Here is a practical alias set for everyday services, based on the address alexsmith@gmail.com:

  • alexsmith+github@gmail.com — developer tools
  • alexsmith+notion@gmail.com — productivity apps
  • alexsmith+doordash@gmail.com — food delivery
  • alexsmith+hulu@gmail.com — streaming services
  • alexsmith+airbnb@gmail.com — travel bookings

Each alias takes seconds to create and provides a permanent record of where your email was shared.

What to do when you detect a leak

If unexpected mail arrives at one of your tracking aliases, you have several options:

  1. Report the message as spam in Gmail. This trains Google’s spam filter and helps protect other users.
  2. Create a filter to auto-delete future messages from the unwanted sender at that alias. Go to Gmail Settings > Filters and set the To field to the compromised alias combined with a From condition for the spam sender.
  3. Change your account email on the offending service. Generate a fresh alias (e.g., switch from +linkedin to +linkedin2) and update your account settings.
  4. Check breach databases to see if the service has had a known data breach. Your alias log makes it easy to correlate notifications.

Combining tracking with filters

Alias tracking and filtering work well together. You can set up a filter for each tracking alias that applies a label matching the service name. This way you not only detect leaks but also keep every service’s emails neatly organized. Read the full walkthrough in our Gmail aliases for filters guide.

Limitations to keep in mind

  • Some websites strip the +tag from your address at registration. In those cases the tracking benefit is lost because emails arrive at your plain address.
  • A sophisticated spammer could remove the +tag from a harvested list before sending. This is uncommon but possible.
  • Plus aliases do not hide your real username. Anyone who sees janedoe+service@gmail.com can infer that janedoe@gmail.com is the underlying account. For full anonymity, a dedicated forwarding address or email relay service is needed.

Despite these limits, plus-alias tracking remains one of the easiest and most cost-free ways to monitor where your email address ends up.

Start tracking today

Open the generator, create a set of service-specific aliases, and begin using them for new signups. Within weeks you will have a clear picture of which companies respect your data and which do not.