How to use Twimailer securely

TwimailerTwimailer is a nifty service that launched recently that makes Twitter BACN (“email that you want, just not right now“) more useful and informative (example).

The only problem is that it requires you to change your Twitter account email to point to an address provided by Twimailer — on the whole, not a big deal if you trust Twimailer, but in general bad practice. (Rod Begbie also pointed out that this prevents people from being able to find you by your email address).

Fortunately there is a better and more secure way to take advantage of Twimailer.

I’ll demonstrate in Gmail but really I’m just auto-forwarding new follower notifications from Twitter to your Twimailer address. That’s it.

  1. First, go ahead and sign up for a new Twimailer account. To get started, they just need an email address to send your notifications to. Twimailer will assign you a unique email address like twitter1234567@twimailer.com. Set this aside (copy it to TextEdit or something).
  2. Next, load up your Gmail inbox and search for “is now following you on Twitter!”. Open up one of the notifications from Twitter (the From email should be something like twitter-follow-your.address=gmail.com@postmaster.twitter.com). In the right hand drop-down menu, pick “Filter messages like this“:
    Filter messages like this
  3. You should then see an interface like this (click to enlarge):
    Create a filter
    Go ahead and test this search to make sure it’s working (presuming you haven’t deleted all your notifications).
  4. If everything looks good, go ahead and click Next Step and at check off “Forward it to” and enter your Twimailer email address that you set aside in Step 1.

    If you don’t want duplicate notifications from Twitter and Twimailer, you should also check off “Skip the Inbox” or “Delete it” (the message will still be forwarded).

    My setup looks like this (click to enlarge):

    Twimailer Filter

  5. Bonus: to filter or create a label for Twimailer notices, use this search: from:(notices@twimailer.com) OR to:(notices@twimailer.com).

That’s it!

It seems to me that this kind of feature improvement is something that Twitter should really do itself, but of course it’s great to see someone from the community pitch in and add incremental value until Twitter gets around to it.

At the same time, putting Twimailer in between you and Twitter’s password recovery mechanism seems unnecessarily dangerous (i.e. Twimailer could go down, get hacked, sold or might be simply be implemented insecurely (consider Spotify’s recent security breach)). I actually have no insight into these things about Twimailer, but I’d rather not take any unnecessary chances.

The approach that I described above should mitigate any risk with using Twimailer and keep you in direct control over your Twitter account.

Advertisements

Author: Chris Messina

Product guy, friend to startups, inventor of the hashtag, proponent of bots and conversational apps; Xoogler and X Uber.

21 thoughts on “How to use Twimailer securely”

  1. Fantastic tip. Setting my email to twimailer left a horrible taste in my mouth that I’m glad to have removed. Thanks!

  2. on my side i am playing with http://topify.com and the service looks much better since it allows me to follow back users by just replying to my email notification.

  3. nice how-to. i changed it after you mentioned about the password reminder. i forgot all about that and didn’t like them in between that.

  4. The same method is feasible with Maildrop’s Mailfilter rules :

    if (/^from:.*twitter-follow-myname=domain.tld@postmaster.twitter.com/)
    {
    to “!twitterdjaopsngr3@twimailer.com”
    }

  5. Thanks for this great workaround. Unfortunately, Twimailer seems to be down for the count, at least for me, as of March 8, early morning through now (mid-afternoon EST).

    Not receiving any emails from Twimailer, but I’ve had about a dozen new followers since I started forwarding emails.

    I’ve double-checked all settings; everything looks good.

    Is it working for anyone right now?

    I’m definitely not skipping the Inbox with emails from Twitter, at least for now.

  6. I just found out about the service, looks good but changing my twitter email sure gave me pause – I’m glad I’m not the only one.

    Their last tweet indicates that they’re back up, I’ll be watching.

    Chris, thanks for posting this, very useful!

  7. I’m concerned about Twimailer overall. Their Twitter page doesn’t exist and when I click on ‘support’ I get a line of absolute nonsense for the e-mail address.

    I set up things as you advise. Normally I get a few followers a day, which isn’t always a good thing, but since setting up Twimailer I’ve had one person follow me (it’s only been 2-3 days, but it’s stil unusual to have so few) and I wasn’t informed about them.

    Any thoughts? I’m starting to wonder if Twimailer is a bit of a scam.

  8. If you do it the way you say don’t you lose the benefits of signing up for Twimailer in the first place. Won’t it go back to regular notifications from Twitter which are basic and do not include the extra info provided by Twimailer?

  9. @David C: Nope. The idea is that you still receive the original Twitter notifications, but after you forward them to Twimailer, you filter or delete them as they come in. As you forward the notifications to Twimailer, it will respond with the enhanced version, since it doesn’t actually care where the Twitter notification originates from.

    You do end up with two sets of notifications (one from Twitter and one from Twimailer, but that’s why you delete or archive those coming in from Twitter).

  10. The problem I find with this is that gmail is asking me to verify the twimailer address and the verification code I get appears as invalid… what am I doing wrong? How can I get the twimailer address validated so that gmail will start forwarding to it?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s