Leave a comment
Get the GH Bookmarklet

Ask GH

I recently came across this post on r/entrepreneurs on how a student was able to mine 7000 emails via gmail's autofill feature. If you autofill a name, it provides you with the person's email address. He emailed all 7000 emails about his service and made $10K in a month.

My university allows us to keep our .edu email after we graduate. I just realized that we also have the same autofill feature. I'm wondering if it would be considered intrusive if I did the same thing and sent out an email to my alma mater to get pre-orders for the launch of my startup? OR would it be okay/well received? What do you think?

Here's the messaging I would send:


I’m a Stanford alum, and I started a thing. I am giving away a limited number of subscriptions for up to a lifetime of organic period goods at wholesale cost (*saving you up to $6/mo). For all current students, you can pre-order your first 3 months at wholesale cost here (subscription starts at $7/mo). It’ll ship out in April.

Cancel anytime. Try it risk free. Hate it? We’ll refund you in full. Our ultimate mission is to make high quality, organic period care accessible + affordable for all, ESPECIALLY for students, POC, and low income folks. WHY? Because we think everyone should have equal access to better period care. Let me know what you think! *Feedback is encouraged and welcomed!*



  • DF

    David Fintz

    8 months ago #

    I mean depends on where you are located but in theory (speaking of the EU) this would most likely be considered as spam (though this is not to be considered as some legal advice).

    Another thing though is that you can test emails with this simple tool: https://mailtester.com/ if you find the pattern for a addresses in a domain, then you can easily replicate that, so in my opinion it's not so much of an issue if the student in question could have found it that way.

    Another thing though is that we had a similar case in my university, and the student faced some disciplinary consequences (don't remember what) and the IT system was changed after that to avoid this issue.

    So all in all, great question, I'm not sure how I would deal with it, kind of a grey zone in a way.