SimpleLogin

Lede: SimpleLogin is the de-facto email-alias forwarder for the privacy-conscious crypto user. You sign up once, generate a fresh `<random>@<your-domain>.com` alias for every site that asks for your email, and SimpleLogin transparently forwards inbound mail to your real inbox while letting you reply through the alias. The result: every service you touch sees a different, throwaway address, and the day one of them leaks or sells the list you burn that one alias without breaking anything else. Owned by Proton since April 2022 — same engineering team that runs Proton Mail and Proton VPN, so the operational track record is borrowed from a well-funded entity that has survived warrants, court orders, and a decade of adversarial attention.

Background: Founded in 2020 by Son Nguyen out of France as a 1-person open-source project. Hit ~100k users within 18 months on a freemium model, got the Proton acquisition in 2022, and integrated with the Proton ecosystem (same login, same passwords, same SimpleLogin-on-custom-domains workflow). The full server stack remains open-source (AGPL-3.0) on GitHub, so an adversary auditing the code, or anyone wanting to self-host on a VPS, can do so without surprise. The hosted product is what 99% of users want, but the option to leave is real and on-prem deployments do exist in the wild.

What you trust: SimpleLogin sees the inbound-to-alias mapping in plaintext (it has to, to forward the mail), but the *content* of every message can be transparently PGP-encrypted before forwarding if you upload a public key to your account. So the threat model splits cleanly: SimpleLogin always knows who emailed which alias and when; it does *not* know what was said if you've turned on PGP. Proton's no-logs and Swiss-jurisdiction posture inherits to SimpleLogin since the acquisition; the operational keys live in the same EU-based infrastructure. You don't have to trust them with your reply content if you don't want to.

Operational specs: Free tier ships with 10 aliases on a `@simplelogin.io` / `@aleeas.com` / `@slmail.me` style domain, unlimited forwards, a browser extension, and iOS / Android apps. Paid tier is $30/year (or one-time lifetime ~$240 on regular sale) for unlimited aliases, custom-domain support (use your own `*@yourdomain.com`), catch-all on that domain, reverse-alias replies, encrypted mailbox, multiple mailboxes per account, and PGP-encrypt-before-forward. Payment in BTC accepted directly. Self-host build is `Dockerfile` + `docker-compose.yml` on GitHub; you bring your own MTA and DNS, takes ~30 minutes for someone comfortable with mail-server admin.

Philosophy: SimpleLogin treats every alias as disposable infrastructure rather than as a long-term identity. The design assumption is that any address you give out *will* eventually leak to a marketing list, a data broker, or worse, and that the cheapest defense is making each give-away cheap to burn. This pairs naturally with a no-KYC ethos: services that demand an email but won't be your bank don't need your real one, and you keep the option of pruning the relationship later by simply muting the alias. The same logic carries to recovery, breach-notification, and account-takeover incidents — losing one alias is cosmetic, losing your real address is permanent.

Grade rationale: Grade A reflects the rare combination of *deep* open-source operational transparency (code, infrastructure docs, security audit reports), *durable* operator (Proton's track record is the longest in privacy-mail), and *low* friction at the free tier. A single dimension where we held back: light KYC at signup (email + optional payment trail) keeps it from being fully anonymous, which is why this isn't an A+ pick over a self-hosted alternative. The free tier's 10-alias cap is also enough for hobbyists but tight for power users who'll outgrow it; the paid tier is reasonably priced and accepts BTC, so the upgrade path doesn't reintroduce KYC.

Useful when: You're signing up for crypto services, swap exchanges, VPN trials, P2P trading desks, and SaaS tools that demand an email. Power users put SimpleLogin between every public-facing service and their actual mailbox. It's also the right pick when you want a *real* email address (with deliverability and a working reply path) on every signup, rather than a burner that breaks after the first password reset. For pseudonymous identities you maintain over years, custom-domain catch-all (paid tier) lets you generate aliases on-the-fly that survive even if SimpleLogin disappears, since you control the domain.

Caveats: Forwarded mail can still leak metadata you didn't intend (`Received:` chain, IP of your final inbox if the upstream MTA logs it, timezone hints in `Date:` headers). PGP-encrypt-before-forward closes most of this. Free-tier aliases live in the `@simplelogin.io` namespace, which some sites flag as "disposable email" and block at signup — when that happens, you need either a custom domain (paid) or one of the rotating alias domains. Lastly: Proton is incorporated in Switzerland but is a single legal entity, and a sufficiently resourced state-level adversary requesting Swiss legal cooperation could pressure SimpleLogin for the alias-to-inbox mapping. That is the threat model in which self-hosting (or full PGP) becomes the right answer.