Ban disposable or spam email hosts

Ban disposable or spam email hosts October 2018 Update

No permission to download

Boils

Member
Damn I really wanted this but I have no idea how to execute a SQL query tho, too bad it's only for expert users. :(
 

alexD

Well-known member
Check the tutorial video below if you have access to a phpMyAdmin interface.


Feel free to ask anything in case you get stuck.
 

ozzy47

Well-known member
Damn I really wanted this but I have no idea how to execute a SQL query tho, too bad it's only for expert users. :(
Should you attempt to run a query, make sure you do a full backup first, in case something blows up.
 

alexD

Well-known member
Thanks for this.

May i suggest adding YOPmail.com to the list.
That one already exists, the rule doesn't match any possible subdomains though.
Screenshot from 2018-06-25 18-24-35.png

can this added manualy inside XF2?

list of disposable email?
If you navigate:
Admin Control Panel → Users → User discipline → Banned emails
You can add the full list either automatically or selectively add any specific domains manually. This functionality is a XenForo core feature.
 

RoyalRumble

Active member
That one already exists, the rule doesn't match any possible subdomains though.
View attachment 178735


If you navigate:
Admin Control Panel → Users → User discipline → Banned emails
You can add the full list either automatically or selectively add any specific domains manually. This functionality is a XenForo core feature.
Thanks.

Odd, a member registered with it today and spammed - hence the prompt for me to reply here. Will take a look.
 

usAdultAds

Active member
I can see the reason for banning spam emails, but what is the true purpose? Every email is considered disposable, with the exception of having your own domain, then set up an email off your domain, and do you expect everyone to have their own email/domain?

So the question is:

What is not considered a disposable email?
 

alexD

Well-known member
with the exception of having your own domain
This is not really required, all you currently need is a single google account to confirm multiple users:
the-kenny@HN [1] said:
In Gmail, you can add arbitrary dots (.) to your email address and add filters based on it: f.o.o@gmail.com You can also append a plus-sign with arbitrary text on it: foo+asdfsdfaiugo@gmail.com Both will route mails to foo@gmail.com.
As said, you can add a filter to add a label to all mails to this address and skip inbox for them. That's what I do.
(it's very easy to create functionality to mitigate this for the very popular Gmail addresses -facebook has been doing it for a while- either in the core or with an add-on)


What is not considered a disposable email?
From my experience, disposable email hosts allow the easy creation of email addresses for people who want to register on websites without having to input their main email address (which might include their real name or other identifiable text - e.g. nicknames used publicly in the past).
I've grandfathered plenty of gmail accounts from when Google didn't require an SMS verification. Note that, nowadays, even using SMS verification isn't safe from spammers [2].


I like how reddit permits registrations without requiring an email [3]. If a person doesn't care for password recovery or doesn't want to subscribe to discussion or message notifications, they can postpone adding it until they change their mind or the system detects something unusual with their behavior. I have registered over 200 accounts there in the last 13 years just to post a message once and forget about it. I definitely wouldn't put myself to complete the whole registrations process (with disposable emails or not) this many times if I was required to confirm the email addresses.


[1] https://news.ycombinator.com/item?id=2447678 and https://support.google.com/mail/answer/7436150?hl=en
[2] https://www.thestar.com.my/tech/tech-news/2017/06/13/thai-police-bust-400000-sim-card-chinese-click-farm/
[3] https://news.ycombinator.com/item?id=17190631
 

alexD

Well-known member
I imported it but it only imported 983 items, any other way to import this?
That's probably because of a server timeout.
If you try re-importing the same file again (without deleting any of the existing hosts you've already added), I'd expect another 1K to be imported.

Try redoing the above step multiple times until all the records get imported.
 

alexD

Well-known member
Can you try to manually add a dummy email into that ban list? Enter for example: *@test.test to that field and Save. Then, try re-importing the xml.

If the problem persists, try to import the version attached in this post and let me know if it creates a new record: *@test2.test.

Are you able to upload other files to your server, such as post attachments?
Have any new server errors been logged?
Can you fire up the browser developer tools (press F12) and observe the output while you do the same actions like in your screencap above?
 

Attachments

Last edited:

Kent D

Active member
Can you try to manually add a dummy email into that ban list? Enter for example: *@test.test to that field and Save. Then, try re-importing the xml.

If the problem persists, try to import the version attached in this post and let me know if it creates a new record: *@test2.test.

Are you able to upload other files to your server, such as post attachments?
Have any new server errors been logged?
Can you fire up the browser developer tools (press F12) and observe the output while you do the same actions like in your screencap above?
.cf i don't think you should ban it
 

Citrus

Member
Can you try to manually add a dummy email into that ban list? Enter for example: *@test.test to that field and Save. Then, try re-importing the xml.

If the problem persists, try to import the version attached in this post and let me know if it creates a new record: *@test2.test.

Are you able to upload other files to your server, such as post attachments?
Have any new server errors been logged?
Can you fire up the browser developer tools (press F12) and observe the output while you do the same actions like in your screencap above?
Ah adding a dummy email first then allowed me to import, not sure why that was. Thank you.
 

JoyFreak

Formerly Zuse
It says in the overview that "The list was reduced from 7,350 hosts to 5,318 in the October update. " I just imported the latest xml and it says I have 11,364 items, 569 pages. Did I do something wrong?
 

JoyFreak

Formerly Zuse
You can manually delete any records that match the old xf_ban_email.reason value and then re-apply the new update.
SQL:
DELETE FROM `xf_ban_email`
WHERE reason = 'https://xenforo.com/community/resources/ban-disposable-email-hosts.5939/'
Even though that is just a cosmetic change, it will result to a more homogeneous result.
I was able to reproduce that, that's a cache issue, try pruning the cache by either executing the following SQL command:
SQL:
UPDATE xf_data_registry SET data_value = 'a:0:{}' WHERE data_key = 'bannedEmails'
Or alternatively, by manually banning a new host, e.g. *@000.test, which you then can delete. That should update the cache.

Afterwards, re-import the updated list.
I run this query, and like @Nirjonadda said, only 1322 rows affected. It went down from 11,364 items to 10,042 items. So I successfully run the second query to update the list in your second quote and but still same number of items. I can see the old reason "Datio/MailChecker" and the new ones "Ban disposable emails". How do I fix this?
 

alexD

Well-known member
@JoyFreak
Try this query too:
SQL:
DELETE FROM `xf_ban_email`
WHERE reason = 'Datio/MailChecker';
The latest update should have 5318 entries.
 
Top