What is plus addressing and what are its limitations?
Plus addressing is about using unique, receive-only email addresses that are kind of extensions to your basic email address. It helps you keep your inbox tidy and protect it against influx of unwanted messages.
An example? Let’s assume your basic address is [email protected]. Plus addressing lets you add the plus sign (+) right after the local part (MeganB) and follow it with a tag (string) of your choice. Of course, tags are subject to all the SMTP restrictions (e.g. no spaces allowed). So, for example, to create a unique address to which you would like to receive all offers from your telecom vendor, you could end up with something like this: [email protected].
When using plus addressing, there are a few limitations and reservations to remember about:
- Any plus address isn’t an alias in Exchange Online. That’s why it can be used only to receive messages and not send them.
- Also, this type of address does not resolve to a user’s name in Outlook clients, so it is easily identifiable in the To and CC fields of an email.
- If you work in a hybrid environment, plus addressing won’t work for these on-premises mailboxes that do not resolve in Exchange Online.
- Some online forms don’t allow the use of a plus sign in the email field. In those cases, you won’t be able to subscribe with a plus address.
Disabling & enabling the feature
Since late April 2022, plus addressing is enabled by default in Exchange Online for every tenant. However, many organizations have used pluses in their email addresses before the feature’s activation. If your company has done that too, turning on plus addressing might have caused problems with those ‘legacy’ plus addresses. In such a case, disabling the feature will help.
To disable plus addressing in your organization via EAC, log in at admin.exchange.microsoft.com. Go to Settings (left-hand navigation menu) > Mail flow. Next, select the Turn off plus addressing for your organization checkbox and, finally, click Save.
To disable plus addressing in your organization with a script, you need to connect to Exchange Online PowerShell (learn more) and execute the following command:
Set-OrganizationConfig -DisablePlusAddressInRecipients $true
Just like with many Exchange Online settings, you will most likely have to wait several hours for the change to propagate.
Remember that you can always re-enable the feature by deselecting the checkbox in EAC or using the same PowerShell command but with the $false operator instead of $true.
Email plus addressing basic use case
As I’ve said before, plus addressing is designed to help you avoid mess in your Inbox folder. There are three major steps to enjoy benefits the feature offers:
- Provide your plus address to a third party from which you don’t want to receive emails into your main inbox. I am sure not all emails you receive into your inbox are of the same importance. Newsletters, product offers, advertisements, bank transaction receipts, etc. – these messages may unnecessarily make your inbox untidy. When you complete an online form which requires you to enter an email address to receive such a correspondence, provide your plus address (e.g. [email protected] for bank transaction receipts) instead of your primary address ([email protected]) and proceed to the next step.
- Create a new folder where the emails are to be put in Outlook on the web (or any Outlook client). Right-click Folders and choose Create new folder (A), or simply click New folder (B). Name it as you wish. In the case of bank transaction receipts, it can be Bank receipts.
- Create a rule to redirect messages sent to the plus address to the newly created folder. Make sure to create the rule in Outlook on the web (OWA) and not a local Outlook client (desktop or mobile). This way the rule will be active regardless of the Outlook client you use.
Creating an inbox rule in Outlook on the web
To create the rule, proceed as follows:
- Click the settings icon in the top-right corner and choose View all Outlook settings.
- In the newly opened window, go to Rules > Add new rule.
- Now, name your rule as you wish.
- In the second step, choose To (under People) and enter your plus address (e.g. [email protected]) in the text field.
- In the third step, specify an action. Choose Move to (under Organize) and select the folder you created in step 2 above.
- Finally, you can configure the additional options, e.g. select Run rule now to run and apply the rule to all applicable emails already received into your inbox.
That’s it. Now, all the emails with a transaction receipt, sent to the plus address you’ve provided in your banking system, will go to the Bank receipts folder and you will enjoy a slightly less cluttered inbox. Of course, you can create as many plus addresses as you want and redirect messages from specific third parties to specific folders of your mailbox in Exchange Online (Junk mail included).
More specific use cases
While this is the most basic use case for the Plus Addressing feature, there are also other, pretty attractive ways to make use of this feature.
Tracking email campaign response
When you launch several email campaigns, using plus addressing allows you to track them more easily. For example, you can create separate plus addresses ([email protected], [email protected] and so on) along with folders (Campaign 1, Campaign 2 and so on) for each campaign. This way, users’ responses to specific campaigns will go to specific folders thus allowing you to see which campaigns perform the best.
Support case tracking
If your company offers customer support and uses specific IDs to track cases, it might be a good idea to use plus addressing to track email conversations with given clients. You could, for example, additionally automate the process of creating plus addresses, mailbox folders, and Outlook rules so that these follow specific case IDs. This way, the correspondence with a particular customer would be stored separately in one place (folder) to avoid mistakes and mess in the support team’s inbox. Of course, this will only work for a relatively small number of support cases.
Identify data leaks / email address selling practices
This is by far the most interesting use case. I am sure you’ve experienced the situation in which you provide your email address to a third party and, after some time, you start receiving marketing emails from another company you don’t remember sharing your email with. But that’s not the worst scenario. Sometimes, your inbox might get attacked by an influx of unwanted spam messages or real phishing attempts. Now, with plus addressing, you can precisely get to know which third party was hacked or sold your email address to another company.
For example, since you’ve provided your plus address like [email protected] to vendor #1, when it will be hacked or will sell your email address to someone else, the hacker or the buying party will only know about your plus address ([email protected]) and not your main address ([email protected]). Consequently, when the hacker/buyer uses the address to send spam/phishing, their messages will always reach the same Outlook folder as messages from vendor #1 (not your main inbox).
Read more
Recommended articles
Post: “Umm for the hacking part, wouldn’t they know to just remove the +vendor1 part of the email address to get the real email address?”
Answer:
Yes.
The way to mitigate this risk is to add the +tag to a secondary alias that has login to account disabled. You may still get spammed, but you won’t get hacked.
Hi,
Thanks for your input. I’ll update the article with info on using aliases with plus addresses. Regarding disabling logging in with aliases, this seems to work only in case of outlook.com. There’s no such option in Microsoft 365 (nor Gmail).
so when you use the +address and you would want to reply (send on behalf of) using the same +address, how would you accomplish this?
A plus address isn’t a true alias (an alternative email address) in Exchange Online. That’s why, you can’t use it to send emails. Also, there’s no way to assign send as or send on behalf rights.
Essentially, a plus address isn’t stored anywhere in Exchange Online. You can create it ad hoc and can provide it in online forms (for those forms that allow + addresses). Whenever someone sends you an email to a plus address, Exchange Online directs the communication to your inbox.
Since plus addresses are receive-only, you might need to use aliases instead. It will require you to add those aliases and make sure that your organization allows sending from them.
RE: useless “feature” dreamed up in the Redmond Bubble.
Gmail has had the plus addressing feature for over 15 years, hardly something “dreamed up” by MS…
“pluses are not a part of plus addressing, but are integral part of an email address.”
Wrong. As stated in the write-up:
“Any plus address isn’t an alias in Exchange Online. That’s why it can be used only to receive messages and not send them.”
Any spa list can be easily scrubbed to convert Bill+acme@ to Bill@ so this is just another silly and useless “feature” dreamed up in the Redmond Bubble.
Umm for the hacking part, wouldn’t they know to just remove the +vendor1 part of the email address to get the real email address?
Good point. That would be true, if not for a couple of details:
1. For some systems, pluses are not a part of plus addressing, but are integral part of an email address. Deleting the plus part renders an address useless.
2. Most of those who dabble in phishing or spamming, rely on mass mailing. In such situations, they won’t even rifle through addresses they have in their lists, because it would take too long. And automating this poses a risk mentioned in point 1.
3. The only real risk is reserved for high-level personalized attacks. But in case of those, I don’t know of any simple solutions, which would work every single time.