You need a valid phone number to create a gmail account, and you can only have a few accounts attached to the same number. Google is "trusted" because they actively try to prevent spammers from joining their platform. Disposable email platforms don't, they let you create as many as you like.
At least a third of spam registrations on a platform I run come from Gmail addresses, with another third from yandex and yahoo. They also all went away after we implemented a nearly trivial captcha in the registration flow.
Seems to me that 1) Gmail accounts aren't that hard to farm 2) most spam comes from free webmail providers not disposable email and 3) a captcha will solve most of your problems and if it doesn't, it means your site is being specifically targeted by someone with cash to burn, so you can assume that they'll have emails that aren't on the blacklist. At that point, invest in detection and moderation.
>You need a valid phone number to create a gmail account
This is 100% not true. Yes, the main site will require it, but there are legacy "portals" that allow signup without a phone number. No, I won't link to said portal.
Ok my bad gmail was not a good example. Lets go with outlook account then. Just tried and it definitely doesn't need phone number. And I wouldn't consider outlook disposable platform.
The difference with Apple's hide my address feature, is that it will only give you one per site. So even though it's an address generated specifically for that website, it's still your "primary" email for that domain.
If you signup for Netflix using the feature, you can't cancel your account and then signup with a new Apple email, it will only allow you to login with your original one.
This negates the primary reason for blacklists like in OP, in that users generate multiple disposable addresses, within the one domain, for their single identity, usually to circumvent account limits, user blocks etc.
This whole thread is going on about spam but most have misunderstood what "spam" the blocklist is trying to tackle. It's there to tackle people signing up with a disposable address, spamming or abusing the platform, getting blocked and then creating a new account to do the same thing again.
> If you signup for Netflix using the feature, you can't cancel your account and then signup with a new Apple email, it will only allow you to login with your original one.
You absolutely can. You can generate as many as you want, whenever you want
Ah, on further reading it looks like there are a couple parts to it.
I have only used the "Sign in with Apple" feature directly in apps, which only ever lets you create one for that app.
However, apparently with an iCloud+ subscription, you can generate arbitrary email addresses from within iCloud itself, and then use those wherever you like.
What PII are you putting on a forum? All I can think of is email and password. Your password should be unique to the forum, and I would hardly say that an email address is PII. If you're super worried about email, just use an alias.
Yes and no; info@example.com used at one site is not going to personally identify you, but most personal and work email addresses are some variant of name or initials. Unless you expect the forum owners to individually mark each member's email address as personally identifiable or not, they ought to treat them as if they were all PII because most of them will be.
(the upshot of your suggestion that your email address sometimes doesn't identify you and so isn't PII would be what, forum owners can leak your email address tied to your forum posts so long as they don't know whose address it is? That doesn't sound particularly desirable.)
Are you including the increasing value of the BTC in that calculation? I imagine if all goes well, it would be worth a lot more than what it is today in 19 years. It might be impossible to ever withdraw the whole thing at that rate.
