Each instance's database contains the email addresses of local users only. Lemmy does not share email addresses between instances.
Viewing users' email addresses requires directly querying the database. They are not visible through the API.
this post was submitted on 15 Sep 2025
26 points (100.0% liked)
sh.itjust.works Main Community
8292 readers
4 users here now
Home of the sh.itjust.works instance.
founded 2 years ago
MODERATORS
Are ip addresses of posts stored? Or sessions?
~~I believe user IP addresses are stored and correlated with a user's session token. Those tokens are valid for a while. The database does not have a post-by-post record of a user's IP.~~
~~Disclaimer: I am not one of the admins with direct database access, so I cannot confirm that this is true. My statement above about IP addresses is secondhand information from memory. I may be wrong.~~
I should leave this to the professionals:
Good to hear, thanks!
The email is only stored locally and never used in federation.
So that's local admins only, and even then, only if you have access to the database itself.
Right now, that would be TheDude and me.
Emails aren't very useful to us admins.
Sure, spammers tend to use junk emails, but (some) legit users also do, so it's a bit moot to start looking at addresses en masse.
Basically the only time I even see any email address is if they have trouble with the initial verification email.
The email is very useful to allow users to reset their password, but that's an automated process, and not something we'd look at.
Peace
But my client on my phone has my email as well though, right? Unless I used the browser on my phone.
Yes, your email might be saved in some app you've used to login, including your browser's saved credentials thingy.
Thanks I appreciate the info!
if its anything like mbin,and i suspect it is, the email address is keyed from the user account but doesnt leave that instance and isnt available to anyone besides admin.
Admins, or anyone having access to your hypothetical instance database breach / leak
Just to confirm the gist of what the admins have been saying in here, they don't really care about your address or even the fact that you're registered with your daily one.
Source: My account has an obviously bogus e-mail address associated with it. (I don't remember what exactly). By applying what little charm I have, I still have a valid SJW account.
Sure, I won't be able to do password recovery via email and other QoL stuff, but that's a sacrifice I'm willing to make.
If you're really concerned about leaking your email address, I'd suggest using an anonymous mail service like https://anonbox.net/. Just create an one-time address for registration and don't forget your password ;). That way you don't need to trust the admins nor their server security.
My email provider also has a service where they give you a throwaway email address that's only valid for a month. Maybe yours does the same?
Thanks for the tip. I wasn't concerned about using my real email when I signed up for Lemmy when Trump wasn't the president. Not sure if it's possible to change the email tied to your account.