How to Stop Spam Emails for Good: The Complete 2026 Playbook

Why does so much spam suddenly flood your inbox?

Spam rarely arrives at a steady trickle. It tends to come in waves: a quiet inbox for months, then one week you are deleting twenty junk messages a day and wondering what changed. That pattern is not bad luck, and it is not random. Spam volume tracks specific events — a website you signed up for got breached, an address you handed over got sold, or a scraper finally indexed the email you posted somewhere public years ago. Once your address lands on one list, it propagates to dozens of others, because spammers trade and resell lists constantly. One leak becomes a hundred senders.

The reason this feels so hard to fix is that most people fight the symptom instead of the source. They delete each junk message as it lands, which clears the inbox for thirty seconds and teaches the spammer nothing. The address stays on the list, the next batch arrives tomorrow, and the cycle never ends. Stopping spam for good means doing two different jobs at once: shutting down the mail that is already coming, and cutting off the supply of new spam at the point where your address gets exposed. Skip either half and the problem regenerates.

There is also a hard limit worth naming up front. You cannot un-leak an address. Once your email is in a breach dump or on a sold list, it is out there permanently — no setting, filter, or unsubscribe link pulls it back. What you can do is make that exposure stop mattering: train your provider's filter so junk skips your inbox automatically, block the senders who refuse to quit, route real mailing lists off your plate with a clean unsubscribe, and use aliases so the next leak burns a disposable address instead of your real one. That is the whole strategy, and the rest of this guide is the execution.

This playbook is provider-agnostic in its principles and specific in its steps. The core moves — mark as spam to train the filter, block senders and domains, unsubscribe only from lists you joined, never engage with real spam, build filters, and adopt aliases — work in Gmail, Outlook, Apple Mail, Yahoo, and every other mailbox. Where the buttons differ, we call out Gmail and Outlook directly, because between them they cover most inboxes. We finish with how an AI inbox handles all of this automatically, so you are not the spam filter anymore.

One reframing to carry through everything below: spam is a sorting problem and a supply problem, not a willpower problem. The goal is never to be faster at deleting junk. The goal is to build a system — filter training, blocks, unsubscribes, aliases, reporting — that does the sorting without you, and to stop feeding the supply by guarding where your address goes next. Get the system right once and the daily deletion habit simply ends.

Why are you getting spam emails in the first place?

Before you can stop spam, it helps to know exactly how your address got onto a spammer's list, because each path has a different defense. There are really only a handful of ways your email ends up in the wrong hands, and almost every spam wave traces back to one of them. Understanding the source is what turns spam from a mysterious nuisance into a problem you can actually shut down.

The biggest source is data breaches. When a company you have an account with gets hacked, your email address — often alongside a password, name, and other details — ends up in a stolen database that gets traded and sold on criminal markets. You did nothing wrong; the breach happened on their end. But the result is the same: your address is now public to anyone who buys the dump. Breaches are why a single old account at a company you forgot about can generate spam years later. The 2026 credential exposures, where tens of millions of login records surfaced in unsecured databases, are exactly this kind of event at scale.

The second source is list selling and sharing. Some companies — and plenty of shadier operators — treat your email address as an asset to monetize. You hand it over to enter a giveaway, download a free guide, or check out as a guest, and somewhere in the fine print is permission to share it with partners. Those partners share it with their partners. One sign-up becomes a dozen senders you never heard of, all technically operating within the box you ticked. This is legal in many cases, which is why it is so common, and it is why a brand-new address can start collecting spam within weeks of its first real use.

The third source is scraping. Bots crawl the public web constantly, harvesting any email address they can find — on your personal site, a company team page, an old forum post, a public GitHub profile, a comment you left in 2019, a PDF resume you uploaded. If your address appears anywhere a bot can read it, assume it has been harvested. Scraping is why posting your address as plain text anywhere public is the fastest way to invite spam, and why obfuscating it (or using an alias) matters if you must publish it at all.

The smaller sources round out the picture: malware on a friend's device that copies their entire contact list (which includes you), dictionary attacks where spammers simply guess common addresses like firstname@gmail.com, and the rare case of a spammer typo'ing someone else's address as yours. You cannot control most of these, which is the point — the realistic goal is not zero exposure, it is making exposure harmless. The table below maps each source to the defense that actually addresses it.

Should you mark spam as spam or just delete it?

This is the single most important habit in the entire playbook, and most people get it backwards. When unwanted junk lands in your inbox, you have two obvious choices: hit Delete, or hit the Report spam / Junk button. They feel almost identical — both make the message disappear — but they do completely different things behind the scenes, and the difference compounds over months into either a clean inbox or a permanent battle.

Deleting a spam message removes that one email and teaches your provider nothing. The spam filter never learns that mail like this is unwanted, the sender's reputation is unaffected, and the next message from the same source sails right back into your inbox tomorrow. You have cleaned a symptom and left the disease. If your strategy is delete, delete, delete, you have effectively volunteered to be the spam filter yourself, manually, forever.

Marking as spam is different in kind. When you click Report spam in Gmail or Junk in Outlook, you are sending a signal that feeds the provider's machine-learning filter. The system studies what you flagged — the sender, the domain, the phrasing, the links, the sending patterns — and gets better at catching similar mail before it ever reaches you. Crucially, these signals are aggregated across millions of users, so every time you report a junk message, you are helping the filter protect not just your future inbox but everyone's. Mark enough mail from a given source and the provider may start routing it to spam globally.

The practical rule is simple: if a message is genuinely unwanted junk — something you never opted into, a deceptive promotion, a sender you do not recognize pushing a product — mark it as spam rather than deleting it. You lose nothing by doing so (the message still leaves your inbox), and you gain a smarter filter. Reserve plain Delete for legitimate mail you simply do not need to keep: a receipt you have already read, a real newsletter you are about to unsubscribe from properly, a notification that has served its purpose. The dividing line is opt-in. Did you ask for this? Delete it or unsubscribe. Did you never ask? Mark it as spam.

There is a failure mode to avoid here. Do not mark a legitimate sender as spam just to make one message go away — for a real company you do business with, that trains the filter to bury mail you might actually want later, and it can hurt that sender's reputation unfairly. For legitimate senders you are tired of, the correct tool is unsubscribe (covered below) or a filter, not the spam button. Save spam-marking for actual spam, and the filter stays accurate.

How do you block spam senders and entire domains?

Marking as spam trains the filter, but some senders are persistent enough that you want a hard, sender-specific rule on top of it. That is what blocking does. When you block an address, its future mail is routed straight to spam or junk without any judgment call — the filter does not get a vote, the message simply never reaches your inbox. Blocking is the right tool for a specific address that keeps coming back: a relentless marketer that ignores the unsubscribe link, a particular spammer, an ex, or any one sender whose mail you have decided is never worth seeing.

In Gmail, you block by opening any message from the sender, clicking the three-dot More menu at the top right of the message, and choosing Block. From that point, every future email from that exact address goes to your Spam folder, where it self-deletes after thirty days. In Outlook, you right-click the message (or open it and use the toolbar) and choose Block, which sends current and future mail from that sender to the Junk Email folder. Apple Mail, Yahoo, and other clients all offer an equivalent block action in the message menu. The mechanics differ slightly, the effect is the same: that address stops landing in front of you.

Blocking has one structural limitation that trips everyone up, and it is worth understanding clearly. Block acts on the exact From address, not the display name or the company. A spammer who emails from news@deals-acme.com today and offers@deals-acme.com tomorrow is using two different addresses, so blocking the first does nothing to the second — even though the name on both is identical. Serious spammers rotate addresses precisely to defeat per-address blocking. Against that behavior, blocking one address at a time is a losing game.

The fix is to block the whole domain instead of individual addresses, using a filter or rule. Gmail has no native block this domain button, but you can build a filter that matches the pattern *@deals-acme.com and set its action to Delete it, which catches every address on that domain forever. Outlook lets you add an entire domain (like @deals-acme.com) directly to your Blocked Senders list under Junk email settings, which is cleaner. Either way, blocking at the domain level is how you shut down a rotating-address spammer that individual blocks cannot touch. We cover the exact Gmail-versus-Outlook steps in the comparison section below.

Know what blocking does not do, so you are not surprised. It does not notify the sender — there is no alert or bounce, and from their side the mail looks delivered. It does not stop them from sending; it only redirects where their mail lands on your end. And it does not move messages already in your inbox — block only governs future mail, so a thorough cleanup means blocking the sender and then searching out and deleting the backlog they already left. For a handful of persistent offenders, blocking plus a domain filter is decisive. For the broad, ever-shifting tide of junk, blocking alone cannot keep up — that is the job of the filter you are training and, ultimately, of an inbox that screens unknown senders before they reach you.

When should you unsubscribe instead of block or mark as spam?

Not everything cluttering your inbox is spam. A large share of it is legitimate mail you technically signed up for and have simply lost interest in: store newsletters from a checkout months ago, product updates from a tool you tried once, event reminders from an organization you joined, digests from a community you no longer follow. This mail is annoying, but it is not spam in the meaningful sense — a real company sent it, you are on a real list, and there is a working unsubscribe link at the bottom because the law requires one. For this category, unsubscribe is the right move, not the spam button.

The reason the distinction matters is that unsubscribe and mark-as-spam solve different problems and have different side effects. Unsubscribing removes you from the list at the source, so the sender stops mailing you entirely — the supply is cut, not just redirected. Marking a legitimate sender as spam, by contrast, only filters their mail on your end while leaving you on their list, and it unfairly dings a real business's sending reputation. For senders you recognize and once opted into, unsubscribe is cleaner for you and fairer to them. Save the spam button for mail you never asked for.

Here is the critical safety rule, and it is the one place this advice flips: only ever click an unsubscribe link on mail from a sender you recognize and genuinely signed up for. For real, reputable companies, the unsubscribe link is safe and required by law to work — under the US CAN-SPAM Act, a commercial sender must honor your opt-out within ten business days. But on actual spam — junk from a sender you do not recognize, a deceptive promotion, anything that smells like a scam — the unsubscribe link is a trap. Clicking it does not remove you; it confirms to the spammer that your address is live and that a human reads the mail, which makes you a more valuable target and invites more spam, not less. We go deep on safe unsubscribing in a dedicated guide, but the one-line version is: unsubscribe from lists you joined, never from spam.

When the volume of legitimate-but-unwanted mail is large, unsubscribing one message at a time is tedious. Most people accumulate dozens of these lists over years. You can work through them in batches — open each newsletter, scroll to the footer, click unsubscribe, confirm — or use a tool that surfaces all your subscriptions in one place so you can clear them quickly. The goal is to get every list you no longer want off your plate at the source, because a list you have left can never spam you again. That is permanence; filtering is just management.

One nuance for the borderline cases. Some legitimate senders make unsubscribing deliberately annoying — a link that leads to a login wall, a preferences page that re-checks every box, a confirmation that never seems to take. If a real company genuinely will not let you off the list after a fair attempt, that is when escalating to a filter (route their mail straight to a folder or trash) or, as a last resort, blocking becomes reasonable. But try the front door first. Unsubscribe is the clean exit for mail you once wanted; reserve blocking and spam-marking for mail you never did.

Why should you never reply to or click on real spam?

For genuine spam — the deceptive, unsolicited junk from senders you do not recognize — the correct response is to do nothing except mark it as spam and delete it. No reply, no click, no unsubscribe, no download, no curiosity. This is the most counterintuitive rule in the playbook, because every instinct says to engage: reply STOP, click the unsubscribe link, open the attachment to see what it is. Every one of those instincts is wrong for actual spam, and acting on them makes your spam problem worse.

The mechanism is simple and worth internalizing. To a spammer, the most valuable thing about your address is confirmation that it is live and monitored by a real person. They blast millions of addresses, most of which bounce or go to dead inboxes. The moment you reply, click any link, load an image, or hit unsubscribe, you have confirmed: this address works, and a human is reading. That confirmation moves you from a low-value guess to a high-value verified target. Verified addresses get sold at a premium and get hit harder. By engaging, you have not stopped the spam — you have raised your own price and signed up for more.

Replying is the worst of these, especially replying STOP or anything angry. Legitimate companies honor unsubscribe links; spammers do not have an honest unsubscribe, and a reply just proves a human is on the other end. Clicking links is nearly as bad and adds real danger: spam links lead to phishing pages built to steal your credentials, malware downloads, or tracking URLs uniquely coded to your address so the sender knows precisely who clicked. Opening attachments from spam can install malware outright. Even loading remote images can silently confirm your address via a tracking pixel — a one-pixel image that pings the sender's server the instant the message opens, telling them the address is live. Blocking remote images by default closes that hole, and there is a dedicated guide on tracking pixels worth reading.

So the entire correct procedure for real spam is two clicks: mark as spam, then delete (marking usually moves it to the spam folder for you). That is it. You do not need to read it, respond to it, or investigate it. The discipline of doing nothing is what keeps your address from being re-validated and your spam volume from climbing. Treat every unexpected message from an unknown sender as untrusted input — assume the links are hostile and the unsubscribe is a trap until proven otherwise.

This is also where a screened inbox changes the game. The reason these rules are hard to follow is that the spam is sitting in your inbox, demanding a decision, tempting you to engage. If first-time and unknown senders were held back and screened before they ever reached you, the temptation would never arrive — you would never see the spam, so you could never accidentally click it. Removing the message from in front of you is far more reliable than relying on willpower not to touch it.

How do filters and rules auto-route spam before you see it?

Blocking handles individual senders; filters (Gmail's term) and rules (Outlook's term) handle patterns. A filter is a standing instruction your mailbox applies to every incoming message automatically: if a message matches these conditions, take this action. Conditions can be a sender, a domain, words in the subject, words in the body, the presence of an attachment, or combinations of these. Actions can be delete it, mark as spam, skip the inbox, apply a label or move to a folder, or mark as read. Set a filter once and it works on every future message without you lifting a finger — this is the closest the native tools come to automation.

For spam specifically, filters earn their keep in three jobs. First, the domain block we discussed: a filter matching *@spammy-domain.com with the action Delete it shuts down a rotating-address sender that per-address blocking cannot catch. Second, keyword routing: if the same junk slogans keep appearing (a particular fake-prize phrase, a specific product spam keeps pushing), a filter on those words can route matching mail straight out of your inbox — though use keyword filters carefully, since a clumsy keyword can catch legitimate mail too. Third, alias routing: if you used a tagged address like you+shopping@gmail.com for sign-ups, a filter can send everything addressed to that tag into its own folder, quarantining an entire category of promotional mail away from your real correspondence.

The build process is the same shape in both providers. In Gmail, open Settings, go to Filters and Blocked Addresses, click Create a new filter, fill in the matching criteria (From, Subject, Has the words, and so on), click Create filter, then choose the action — Delete it, Skip the Inbox, Apply a label. In Outlook, open Settings, go to Rules, click Add new rule, name it, pick a condition (From, Subject includes, and so on), pick an action (Move to, Delete, Block), and save. Both let you order rules and apply a new rule to existing mail, so you can sweep the backlog at the same time you set the rule for the future.

Filters are powerful but they have a ceiling, and it is the same ceiling that limits every keyword-and-pattern approach: they only catch what you anticipated. A filter cannot recognize a brand-new spam campaign with phrasing you have never seen, from a domain you have never blocked, designed to look like a legitimate message. Modern spam — increasingly AI-generated, sent from authenticated domains and legitimate infrastructure — is specifically built to slip past static rules. You can pile up filters indefinitely and still get caught by the next novel campaign, because you are pattern-matching the past while spammers iterate the present.

That gap is exactly what machine-learning spam filtering exists to close, and where the native tools and a purpose-built AI inbox diverge. A learning filter does not need you to anticipate the phrasing; it judges each message on its content, sender behavior, and similarity to known junk, and it adapts as spam evolves. Provider filters do this to a degree, but they are tuned conservatively to avoid burying legitimate mail, which is precisely why borderline spam still reaches your inbox. The next sections cover the platform specifics and then how an AI screener handles the unknowns that filters and rules structurally cannot.

How do aliases and Hide My Email stop spam at the source?

Everything so far has been damage control — managing spam after your address is already exposed. Aliases attack the problem upstream, at the moment of exposure, and they are the single most effective long-term defense against new spam. The idea is simple: instead of handing your real email address to every website, store, app, and form, you hand each one a unique disposable address that forwards to your real inbox. If that address later gets leaked, sold, or scraped, you delete it — and the spam stops dead — without ever touching your real address or any of your other sign-ups.

Apple's Hide My Email, included with iCloud+, is the most polished version of this. It generates a unique, random forwarding address (something like random-words@icloud.com) for each site or app, and all of them route to your real iCloud inbox. Sign in with Apple offers to create one automatically whenever you use your Apple ID on a supported site, and iCloud+ subscribers can create unlimited addresses manually for anything. The payoff: every service gets a different address, so when one starts spamming or shows up in a breach, you know exactly which one leaked, and you turn off that single alias. The spam ends; nothing else is affected.

Gmail offers a lighter, free version of the same principle called plus addressing. You can append +anything to your address — so alex@gmail.com becomes alex+shopping@gmail.com or alex+newsletters@gmail.com — and all of it still lands in your normal inbox. This does not hide your real address (anyone can strip the +tag to find it), so it is weaker against determined spammers, but it has two real benefits: you can filter mail by the tag (route everything sent to +shopping into a folder), and if a list starts spamming a tagged address, you know precisely which sign-up sold or leaked you. It is forensic labeling more than true masking, but it is free and instant.

Dedicated alias services and email-masking tools sit between these two, offering unlimited masked addresses, the ability to turn any alias on or off, and reply support so you can answer mail without revealing your real address. The common thread across all of them — Hide My Email, plus addressing, masking services — is that they convert the unstoppable reality of leaks into a controllable, per-service switch. You can never stop a company from being breached or selling your data. You can make sure that when it happens, only one throwaway address is affected and you can kill it in one click.

The practical habit that makes aliases work is almost embarrassingly simple: stop reusing your real address. Reserve your true email for people who actually need to reach you — close contacts, your bank, your employer. For everything else — every store, every free download, every app trial, every form, every newsletter, anything you would post publicly — use an alias. Adopt this going forward and your real inbox stops accumulating new spam sources, because the addresses being exposed are disposable by design. It will not clean up the spam you already have (use the earlier sections for that), but it stops the bleeding so the inbox you are cleaning stays clean.

Gmail vs Outlook: what are the exact steps to stop spam?

The principles are universal, but the buttons are not. Gmail and Outlook cover most personal and work inboxes between them, so here is exactly where each control lives in each one. The four jobs are the same in both: report junk to train the filter, block a sender, block a whole domain, and build a filter or rule to auto-route mail. Where the wording or location differs, the table makes it explicit, and the notes after it cover the gotchas.

A few cross-cutting truths apply to both. In both providers, reporting spam (Gmail) or junk (Outlook) is what trains the filter — plain delete does not. In both, blocking acts on an exact address, so a rotating-address spammer needs a domain-level rule instead. And in both, you can apply a new filter or rule to existing mail, letting one action clean your backlog and guard the future at once. The deeper, step-by-step walkthroughs for blocking in each provider live in our dedicated Gmail and Outlook block-sender guides; this is the side-by-side quick reference.

How and when should you report spam to authorities?

For most junk, marking it as spam in your provider is the only reporting you need — that signal trains the filter and helps everyone on the platform. But some spam crosses from nuisance into illegality or active fraud, and for those, escalating to the provider's phishing report and, in the worst cases, to a regulator is worth the extra minute. Reporting is not just civic-mindedness; the aggregated reports are what let providers and authorities shut down the operations behind whole campaigns, which is the only thing that actually reduces spam at scale.

Start with the provider-level escalation. Marking as spam is the baseline, but for anything that is trying to deceive you — a fake bank alert, a credential-stealing login page, a message impersonating a company or person — use the stronger Report phishing option rather than plain spam. In Gmail, open the message, click the three-dot More menu, and choose Report phishing; Gmail sends a copy to Google to improve detection for everyone. In Outlook, use Junk, then Report phishing. Phishing reports are weighted more heavily than ordinary spam reports because the mail is dangerous, not merely unwanted, so this is the right channel for anything with malicious intent.

For commercial spam that breaks the law — a real company that ignores your unsubscribe, keeps mailing after the legally required opt-out window, or uses deceptive subject lines — US recipients can report to the Federal Trade Commission at ReportFraud.ftc.gov. Under the CAN-SPAM Act, commercial senders must honor an opt-out within ten business days and must not use false headers or misleading subjects; persistent violations are exactly what the FTC acts on. Reporting an individual nuisance email rarely produces a visible result, but it feeds the pattern data that drives enforcement against repeat offenders, and the FTC has brought real cases off the back of consumer complaints.

For outright fraud and scams — financial scams, extortion, impersonation designed to steal money or identity — the report goes higher. In the US, the FBI's Internet Crime Complaint Center (IC3.gov) is the channel for internet-enabled crime, and if money was actually lost, that report can feed investigations and, occasionally, recovery efforts. The distinction is intent and harm: ordinary marketing junk goes to the spam button; a commercial sender breaking the rules goes to the FTC; a scam built to defraud you goes to IC3. Match the channel to the severity.

Keep reporting in proportion, though. The realistic, day-to-day return on your effort comes from the habits earlier in this guide — marking as spam, blocking, unsubscribing from real lists, and using aliases. Formal reporting is the right move for dangerous or clearly illegal mail and a genuine public good, but it is not a substitute for the filter training and source control that actually keep your own inbox clean. Report the bad actors; rely on the system for the volume.

How does AI Emaily stop spam automatically?

Everything in this playbook works — and it is also a lot of ongoing labor. You mark each junk message as spam, block each persistent sender, hunt down each domain to filter, decide message by message whether something is safe to unsubscribe from, and manage your aliases. The native tools put all of that on you. AI Emaily is built on a different premise: the inbox itself should be the spam filter and the screener, so the unknown and the unwanted are handled before they ever reach you. You stop being the filter.

The core is an AI spam filter that judges mail on its content and behavior, not just on rules you remembered to write. Where a static filter only catches the patterns you anticipated, the AI evaluates each message the way you would — is this a real sender, does this match known junk, is this trying to deceive me — and adapts as spam evolves, including the AI-generated campaigns sent from authenticated domains that slip past conventional filters. That closes the exact gap the filters-and-rules section described: the novel campaign you could never have written a rule for is judged on what it actually is.

On top of that sits the AI Screener, which is the piece that makes the never-engage-with-spam rule effortless. The first time an unknown sender emails you, their message is held and screened before it reaches your inbox — you decide, once, whether that sender is someone you want to hear from. Approve them and their future mail flows through normally; decline and you never see them again. Because first-time and unknown senders are intercepted at the door, the spam, the unsolicited pitch, and the deceptive unsubscribe-trap simply never land in front of you, so there is nothing to accidentally click. It turns a willpower problem into a one-time decision.

Around those two sit the controls this guide taught you to operate by hand, made one-click: allow and block lists let you permanently green-light the senders you trust and shut out the ones you do not, at the address or domain level, without building filters. And tracking-pixel blocking is on by default, so the spy pixels that confirm your address is live the instant a message opens — the ones that quietly escalate your spam volume — are neutralized before they can report back. The hostile open-tracking the never-engage section warned about is closed without you thinking about it.

Two things matter as much as the filtering. First, AI Emaily works with every email provider — Gmail, Outlook, and the rest — so you keep the address you have and simply get a smarter, screened inbox on top of it; there is no migration and no new address to hand out. Second, it is private by design: your mail is never used to train models, the same zero-retention principle that should be table stakes for any AI that reads your inbox. The whole point of getting AI near your email is to remove work, and that only holds if the AI is not quietly making your privacy the price.

Concretely, the daily experience is the inverse of the manual playbook. Instead of triaging junk, you see an inbox of senders you have approved; instead of building domain filters, you tap block once; instead of deciding whether an unsubscribe link is a trap, you simply never receive the spam that carries it; instead of disabling remote images to dodge pixels, the pixels are already blocked. The manual methods in this guide are the fallback when you are doing it yourself — and the reason an AI inbox is worth it is that it does all of them, continuously, so you do not have to.

How do you keep spam from coming back?

Stopping spam is not a one-time cleanup; it is a small set of habits that, once adopted, keep the inbox clean without ongoing effort. The good news is that the habits are light. The whole strategy collapses into a handful of reflexes: when junk arrives, mark it as spam rather than deleting it, so the filter keeps learning. When a specific sender will not quit, block the sender and, if they rotate addresses, the domain. When a real list you joined wears out its welcome, unsubscribe at the source instead of filtering forever. And when you hand your address to anything new, hand it an alias instead of your real address.

The deepest lever is the one that prevents future spam rather than managing current spam: guard where your address goes. Every new exposure is a future spam source, so the more you route sign-ups, downloads, and public postings through aliases, the fewer new sources you create. Combine that with checking which breaches have already caught your address — and changing passwords and enabling two-factor authentication where they have — and you shrink both the inflow of new spam and the damage from the leaks already out there. You cannot un-leak an address, but you can make every new one disposable.

It is also worth being honest about the limits of doing this manually. Even with perfect habits, you are still the system: still marking, still blocking, still deciding, still managing aliases, still the last line against the novel campaign no rule anticipated. That is exactly the work an AI inbox removes — an AI spam filter for the volume, an AI screener so unknown senders never reach you, one-tap blocking, and pixel protection by default, all on the provider you already use and without your mail being used to train anything. The manual playbook is the fallback for doing it yourself; the point of an AI inbox is that you no longer have to.

Whichever route you take, the destination is the same: an inbox where the mail that reaches you is mail you actually want, and the junk is handled before it becomes your problem. Do it by hand with the methods above, or let an AI inbox do it continuously — either way, the daily habit of deleting spam ends. Start with the highest-leverage move you are not already doing — usually marking as spam instead of deleting, and switching to aliases for new sign-ups — and build from there. If you want the whole thing handled for you on the address you already have, you can start free at app.aiemaily.com/signup.