alias

Privacy & data retention

What we store, why, and for how long. This page is generated from the same configuration the running system enforces — it can't drift from reality.

What we never store

Anti-phishing, without reading your mail

We warn you when a forwarded message fails its sender domain's DMARC — the clearest sign it's a spoofed/phishing email. That check looks only at the authentication result (did the message legitimately come from the domain it claims?), which our own mail server derives from the sender's public SPF/DKIM/DMARC records. We do not, and technically need not, look at what the email says. It's on by default and you can turn it off account-wide or per alias.

What we keep, and for how long

DataWhyRetention
Delivery metadata (which alias, delivered/bounced) Your activity feed; bounce and rate limits 3 days, then deleted
Bounce records Auto-disable an alias forwarding to a dead mailbox 3 days, then deleted
Login sessions Keep you logged in 30 days, or until you log out
Inbox-mode stored messages (opt-in per alias) So you can read mail for aliases with no forwarding mailbox 30 days, or until you delete them
Aliases, mailboxes, contacts The service itself Until you delete them or your account