IdeaWell

Project ideas from Hacker News discussions.

Apple is about to make Hide My Email useless

Original Article

Hacker News Discussion

📝 Discussion Summary (Click to expand)

Four prevalent themes in the discussion

1. Privacy‑concern: the change makes Hide My Email (and Sign in with Apple) easy to block, threatening user privacy

  • “If your website will block me out because I used a privacy friendly email, I want nothing to do with your website.” – giancarlostoro
  • “Now Hide My Email allowed you to create an account with an email that wasn’t tied to your identity… By separating the domains, sites can simply add private.icloud.com to their trash‑mail blocklist, preventing the use of Hide My Email, while regular @iCloud.com addresses will continue to work. It makes the entire service useless at once.” – 9dev
  • “It’s a win for privacy‑intruders, not users.” – Razengan

2. Easier blocking for services / anti‑fraud motivation

  • “Now, they will be blah@private.icloud.com, so it will be easy to ban the generated/private email that reduces the ability to associate logins across services.” – w10‑1
  • “The point of the article is previously banning Apple's temp domain would create many false positives (all the normal Apple registered emails that chose @icloud.com during setup).” – BoorishBears
  • “Many sites check the domain part of your email address against a blocklist, which contains entries like trashmail.com to prevent users from signing up with ad‑hoc throwaway accounts.” – 9dev

3. Alternatives and work‑arounds (custom domains, Fastmail, SimpleLogin, etc.)

  • “If you don’t mind trusting another company with forwarding your emails, it’s definitely less hassle to set up an equivalent service for yourself.” – c7b
  • “I have run this for years with very little problems… I have not found anyone writing to addresses I did not give them at their domain.” – jonotime (on using a personal domain)
  • “Fastmail also has wonderful random email functionality you can link up to your Bitwarden client…” – righthand
  • “I use Proton aliases everywhere…” – teekert

4. Debate over whether blocking privacy‑focused emails is justified (fraud prevention vs. anti‑user stance)

  • “If you insist on giving me a fake email, your business is probably a liability I don't want anyway.” – hamdingers
  • “If you can trivially create hundreds of these emails, and fill in the rest of the required info with bought/stolen/generated PII, now I have a vector for mass fraud.” – hamdingers
  • “I’m not so rude as to call you 'laughably naive' but I am speaking from experience and you appear to be considering a hypothetical.” – hamdingers
  • “If your website needs an email address at all.. otherwise just use null@null.null, if it accepts and doesn’t require a authentication code.” – HelloUsername (illustrating the extreme view that email shouldn’t be required at all)

🚀 Project Ideas

AliasShield#Summary

  • Solves the blocking of Apple’s private.icloud.com aliases by providing rotating, domain‑agnostic email aliases that can’t be blanket‑banned.
  • Integrates with browsers, password managers, and email clients for one‑click alias creation and auto‑forwarding.
  • Maintains user privacy while still allowing services to send shipping notices, invoices, and other essential communications.

Details

Key Value
Target Audience Privacy‑focused individuals, SaaS users, developers who rely on email aliases for account isolation
Core Feature Automatic generation of random sub‑domains on user‑controlled domains, with built‑in rotation to evade domain‑level blocks
Tech Stack Backend: Node.js + PostgreSQL; Frontend: React; Email handling: NodeMailer + SendGrid API; Infrastructure: Cloudflare Workers
Difficulty Medium
Monetization Revenue-ready: Subscription (Starter $5/mo, Pro $12/mo, Enterprise custom)

Notes

  • HN commenters would love it because it sidesteps the upcoming ban on private.icloud.com while preserving the ability to receive critical emails.
  • Potential for discussion: how to balance alias rotation with email deliverability and SPF/DKIM setup.
  • Could be marketed as a “privacy‑first” alternative to Apple’s service, appealing to users who want control over their domain and no vendor lock‑in.

RelayBridge

Summary

  • Provides a transparent proxy that translates private relay addresses (@private.icloud.com) into user‑chosen custom domains on the fly, letting services block only the generic domain without breaking communication.
  • Enables existing services to continue receiving emails from Hide‑My‑Email without needing to whitelist Apple’s subdomain.
  • Offers an API for apps to request a “bridge” alias for any given recipient, preserving end‑to‑end privacy.

Details| Key | Value |

|-----|-------| | Target Audience | App developers, SaaS platforms, online services that need to accept Hide‑My‑Email but want to avoid blocking it | | Core Feature | Real‑time mapping of @private.icloud.com addresses to disposable sub‑domains on a shared forwarding domain, with optional rate‑limiting and analytics | | Tech Stack | Backend: Go microservices; DB: Redis; Email ingestion: SMTP server; API: GraphQL; Hosting: AWS Lambda | | Difficulty | High | | Monetization | Revenue-ready: Pay‑as‑you‑go (first 10k mappings free, then $0.001 per mapping) |

Notes

  • Directly addresses HN concerns that blocking private.icloud.com would also block legitimate Sign‑In‑with‑Apple flows.
  • Could become a “plug‑and‑play” SDK for developers, lowering friction and encouraging adoption.
  • Sparks discussion on the trade‑off between privacy and service reliability.

AliasHub Marketplace

Summary- A marketplace where users can rent or own short, privacy‑centric sub‑domains (e.g., xyz.io, alias.ai) to use as personal email aliases, complete with auto‑forwarding and blacklist‑evasion tools.

  • Provides a UI to generate unlimited aliases, tag them, and deactivate them with a single click, all while keeping the underlying domain under user control.
  • Offers premium domains that are less likely to be blocked by popular services.

Details

Key Value
Target Audience Power users, marketers, and privacy advocates who want long‑term control over their alias ecosystem
Core Feature Domain‑level catch‑all with per‑alias routing, SPF/DKIM provisioning, and one‑click domain provisioning through partner registrars
Tech Stack Backend: Django + Celery; DB: MySQL; Email routing: Postfix; UI: Vue.js; Partnerships: Namecheap, Cloudflare
Difficulty Medium
Monetization Revenue-ready: Marketplace fees (5% per domain rental) + Tiered subscription for premium domains ($8/mo)

Notes

  • Aligns with HN conversations about owning your own domain for aliases while avoiding blocks on private.icloud.com.
  • Generates lively discussion on the balance between domain ownership, privacy, and deliverability.
  • Could be positioned as a “privacy‑first domain registrar” for email aliases.

AliasRecovery Assistant

Summary

  • A desktop and browser extension that automatically catalogues every email alias a user creates, indexes them for quick search, and restores lost aliases after a domain change or service discontinuation.
  • Syncs across devices, allowing users to retrieve the exact alias used for any past signup, preventing account fragmentation.
  • Includes a “re‑associate” wizard that rewrites saved credentials to a new alias when a domain expires.

Details

Key Value
Target Audience Users of Apple Hide‑My‑Email, SimpleLogin, and any service that relies on disposable email addresses
Core Feature Persistent alias vault with browser integration, searchable tags, and automatic migration when aliases become invalid
Tech Stack Frontend: Electron + React; Backend: SQLite (local); Sync: Web Crypto API; Browser extension APIs (Chrome/Firefox)
Difficulty Low
Monetization Hobby

Notes

  • Directly solves the pain point raised by many HN commenters about losing track of which private alias was used for a particular service.
  • Would be enthusiastically discussed for its utility in account recovery and reducing support headaches.
  • Offers a clear path for integration with existing alias providers (Apple, SimpleLogin, Fastmail).

Read Later