Why is my email exposed when I contribute to open source?

Git records the author email on every commit. Once a commit is pushed to a public repo, that email is archived in the repo, mirrored by services like GitHub, and indexed by tools that scrape commit metadata. There is no retroactive fix. The address is searchable forever.

Won't a cover charge discourage real contributors from reaching out?

No. Known collaborators, maintainers you've responded to, and anyone on your mailing list are already on your guest list. A new contributor who genuinely wants to report a bug or propose a patch is one nickel away. Mass recruiter and vendor campaigns are what the cover charge filters out.

Does Rythm work if I use a plus-addressed or alias email for commits?

Yes. Rythm filters on whatever inbox you connect via Gmail or Outlook OAuth. If your commit email is a forward or alias that lands in that inbox, Rythm applies the guest list and cover charge to the delivered message.

Can attackers pay the cover charge to slip a supply chain phishing email through?

They can, and that is fine. Rythm is a bouncer, not a lie detector. The filter is sender intention, not content. A targeted attack that pays $0.04 is already a costly attack, and the message still reaches your inbox marked as paid, where your normal scrutiny applies.

Is Rythm built on open protocols?

Yes. Cashu for the bearer-instrument token and the Lightning Network for settlement. Both are open, documented, and implemented by multiple independent teams. We lean on open protocols because our users do.

Email Security for Open Source Maintainers (2026)

Every commit you've ever pushed doxxed your email. Here's how to keep recruiters, vendors, and supply chain probes out without blocking real contributors.

Your git commit email is not a mistake. It is a feature of a distributed version control system that needs a stable author identity. It is also permanently public. Every patch you have ever sent to a mailing list, every pull request, every commit on every public repo, broadcast the address in the clear and archived it in dozens of mirrors.

Once it is out, it is out. You cannot retract a commit. You cannot unpublish a Linux kernel patch. The address you used when you were a student contributing a typo fix to a documentation repo in 2016 is in a crawlable database somewhere right now, and recruiters, vendors, and increasingly the kind of people who try to slip a malicious dependency past a tired maintainer, have it.

This post is for the people who carry an open source project on their evenings and weekends, or full-time, and whose inbox has slowly become a reason to log off.

The Inbox of an Open Source Maintainer

Ask any prolific maintainer what their inbox looks like and you get the same shape. A handful of real collaborator threads. A mountain of recruiter outreach. A steady beat of vendor cold emails asking to “sponsor” a banner. The occasional well-targeted phishing attempt dressed up as a contribution offer or a support request. And, increasingly, supply chain reconnaissance. Someone probing to find out if you are the sort of maintainer who might merge a patch from a stranger without reading it closely on a Friday night.

None of this is new. What is new is the volume, the quality of the AI-written prose, and the fact that the legitimate community contributions you actually care about are harder and harder to find under the noise. As the industry has reported, AI-generated phishing grew roughly 204% in 2025 to 2026 (as reported by The European). The flood is not hypothetical.

Why Standard Advice Fails

“Use a separate email for commits.” This works until the project matters enough that people actually want to reach you there. Then you are back where you started, with a new address exposed and a new inbox to manage.

“Turn on aggressive spam filters.” Gmail and Outlook native filters are tuned for the mass-blast spam of ten years ago. A competent cold outreach shop looks indistinguishable from a human who wants to collaborate. Filters let it through. Real contributor mail sometimes gets junked. Either way, you lose.

“Go private.” You cannot. The git log is the git log. And even if you could, maintainers who do not publish a contact address get accused of gatekeeping.

The real problem is that reaching a maintainer is free. Anyone with a scraper and a send quota can hit you. The fix is not a better guess about who is real. The fix is to make the cost of reaching you nonzero.

The Sincerity Test

Rythm puts a bouncer in front of your inbox. Known collaborators walk right in. Everyone else either pays a small cover charge that you set (about four cents by default) or waits in a separate folder for you to review on your own time. The money settles straight to your own wallet.

A real community contributor who has a patch to propose, a bug to report, or a question about your API, will not blink at four cents. The reward for them is your attention. The cost for them is a nickel. That math is not hard.

A recruiter blasting a template to ten thousand GitHub profiles will not pay $400 to reach maintainers. A vendor running a cold-email sequence to every committer in a language ecosystem will not pay either. And a supply chain attacker running a probe campaign to find soft targets will think twice before leaving a payment trail on every attempt.

The filter is sender behavior, not sender content. This is the point. Deterministic, rule-based, not an AI guessing. You could beat a content filter with better prose. You cannot beat an economic filter with better prose.

The Guest List Builds Itself

You do not sit down and import a list of collaborators. When you connect Rythm to your Gmail or Outlook, it scans the people you have already been corresponding with and builds the guest list automatically. Reply to a patch submitter? They are on the list. Accept a PR and the submitter emails you a follow-up question? They are on the list. Subscribe to a project mailing list? Those addresses are on the list.

The guest list tends the project naturally. The community you have actually been engaging with stays reachable. The strangers who want your attention on their terms, not yours, are the ones who have to put a nickel on the line.

Nothing Is Deleted

The part maintainers worry about first. Rythm does not delete anything. Unknown senders who do not pay go to a separate folder called RYTHM: REJECTED. Nothing is lost. If a first-time contributor with a great patch sends you something, and they do not know about the cover charge, their mail is in that folder waiting. You drag it to inbox, they are on the guest list for next time, and the thread continues like any other.

This is the bouncer, not the firing squad.

What Rythm Does Not Do

It does not read your code review threads for you. It does not score your contributors. It does not scan message contents to guess intent. It scans for one thing (a payment proof) and discards the rest in memory. No content stored, no profile built on you or your collaborators.

It is not a cryptocurrency service. It is email processing software. Senders include a Cashu token in their email, Rythm parses it, verifies it, and melts it to your own Lightning wallet. Rythm is never in the money path. The subscription pays for the automation. See how it actually works if you want the full plumbing.

What It Costs You

$1.65 per month, cancel anytime. Works with Gmail, Google Workspace, Outlook, and Microsoft 365. Setup is about twelve minutes. CASA Tier-2 security audit completed, all 39 test cases passed.

The Quieter Benefit

The point is not the money. The point is that your email goes back to being a tool for communicating with the people who actually want to communicate with you. Contribution threads stop drowning. The weight of “I should really triage my inbox this weekend” goes away. Open source maintenance gets a little less like a second job and a little more like what it was supposed to be.

Your git commit email is public forever. Your attention does not have to be.

Your Git Commit Email Is Public Forever. Your Inbox Doesn't Have to Suffer for It.