Recently the maintainers of the GitHub ‘Temporary Mailbox’ project decided to add Firefox Relay to that list, causing many of the service’s many users of the service were outraged and protested.
“Temporary mailboxes” (or one-off mailboxes) are a type of mail service, such as the best known 10minutemail, which provides users with a randomly generated mailbox name that is valid for 10 minutes, during which time they can use the mailbox to register for some Internet accounts and receive verification codes.
The main reason why this temporary email address is used by many users is that all types of internet services now require users to register before they can use them. This raises a number of issues, firstly, users cannot find out in advance whether the service meets their needs before signing up; secondly, many users just know that they will only use the service once (e.g. to receive a verification code for café Wi-Fi using their mailbox); and of course, another reason is that they do not want to receive all kinds of marketing or spam emails after signing up.
For these reasons, many users use these temporary mailboxes to solve their problems without revealing their real email address.
For users, such temporary mailboxes allow them to register various accounts with confidence and boldness, but these temporary mailboxes are a headache for service providers on the Internet. If service providers allow users to use temporary mailboxes, on the one hand, it does affect their effectiveness in email marketing, and on the other hand, unscrupulous people can abuse the services of websites by registering a large number of temporary mailboxes.
For this reason, many ISPs verify that a user’s email address is one of these temporary email addresses when they sign up, and reject them if they are. disposable-email-domains is a community-maintained list of temporary mailboxes, which lists the mailbox formats used by various temporary mailbox services. ISPs can use this project directly, or use it as a reference to force users to register with a real email address.
Firefox Relay to be blacklisted
Firefox Relay is a service launched by Mozilla in November 2021 to help users protect their privacy and limit the amount of spam sent against their real email. Firefox Relay is similar to 10minutemail, but with a few differences.
Firefox Relay is also a randomly generated temporary mailbox, but it is a ‘relay’ email address that is associated with the user’s real mailbox and ‘forwards’ incoming emails to the user’s real inbox. The ISP will therefore only know the randomly generated email address, but not the real one.
As you can see, 10minutemail is a throw-away email address that generates a new email address every time, while Firefox Relay is associated with a real email address, so users can use this temporary email address externally for a long time and use Firefox Relay as their “main” email address.
The GitHub repository disposable-email-domains is planning to add relay.firefox.com to this list and has submitted a PR for it. as you can see from the difference in the number of votes in the image below, this has caused a lot of anger and discontent among users.
“The reason I added this is that emails with the mozmail domain will not be the primary email users use, it will always forward the email to another address” said Dustin Ingram, co-maintainer of the list and a member of Google’s open source security team. This fits the profile of a disposable email address.
User worldofgeese thinks, Firefox Relay The purpose of this service is to combat spam, and being added to the blacklisted, users may not be able to use it to continue protecting their mailboxes from leaks. Moreover, Firefox Relay can only be used to receive emails and reply to emails sent to this address, and users cannot use this relay address to initiate new emails, thus also avoiding the possibility of abuse by unscrupulous people.
While this incident has caused concern among users, it has also caused an “oops”. The reason for this is that the first PR submissions indicated that they planned to blacklist relay.firefox.com, but the domain name used for Firefox Relay was actually mozmail.com or relay.mozmail.com. The problem was only discovered by the project’s maintainers after users alerted them to it.