First, sorry for the long overdue reply.
I totally forgot all about it.
And, thank you for the answer.
Quote: Originally posted by Jenny Lee  |
Have in mind that not all email addresses using sub-domain are evil. That could lead into potential problems of denying a completely legit user that
tries to register. |
I really do not care that there is a valid use for subdomains in email. We are explisitly mass-deleting every single newly registered user – with
prejudice – which use a subdomain as the mail address.
The amount of link-spam from new users is unacceptable.
And they all have the fact in common that every new spam-user – yes, every single one – use subdomains as their email addresses. In all the years we
have run this forum, we have yet to see a single valid user that use subdomains in their email addresses.
(The spammers usually only put links in their bio and homepage fields, but that is enough. It is not allowed in our forum. They are deleted, with
prejudice.)
Quote: |
The best thing would be to use some social login integration(facebook, twitter you name it) and completely abolish registering by e-mail.
|
Unacceptable. That is a privacy violation. We will under no cirtumstances force people to have some kind of social media account in order to register.
If that is the alternative, we would rather disable new registrations all together.
Quote: |
1st. Using an online email verification api. They usually aren't free, but does the job perfectly. You don't have to worry about
losing legitimate users. It's very unlikely for them to false flag a spam email. |
No can do. We don't have the economy to manage that. (Yes, we really do have a lot of spam registrations, we will go over the free montly limit within
a week)
Quote: |
2nd. Using your own white(black)-list of email domains. |
We are
NOT creating a list of all possible valid domains. That is also not an acceptable solution.
For example, we are banning Gmail, Hotmail, Outlook, any kind of disaposable email address provider. and so on, because the vars majority of spam
registrations come from them. Even with those banned, we have a to large volume of spam users.
Quote: |
3rd. Using regex to deny sub-domain emails. (It's more complex.) |
This is exactly what we want – reject any email that uses a subdomain.
But we don't have the skills to code something like that, so we ask: is there an existing solution that does this?