Cut down on fake emails, do a DNS check on email domain before allowing registration to be submitted

[bzcomputers]

It would be nice if email addresses submitted in either the registration and/or contact forms were DNS checked to validate that the address is associated with a known good domain excepting email prior to allowing the registration/contact form to even be submitted.

This would help cut down on fake email accounts even being created. It should only take a couple seconds behind the scene and would likely be unnoticeable to the user when registering or using the contact form. Yes, users could still spoof their address with an invalid username and good domain, but I would say 9 times out of 10 they spoof with a bad domain. If a bad domain is found the form could just show the message "Invalid email, please enter a valid email address to create an account / send a message."

 

[Rhody]

most of them use gmail or yahoo or one of the common ones.

 

[bzcomputers]

I find most alter the domain name or extension to something that would not pass a DNS check ...lets see just today I had registrations with:

yahoo.comm
sympatico.cs
hotmail.com1939149
gmail.con
hotmail.co.ukk
bbtinternet.com
hotmai.com

all of which would fail a domain DNS check.

 

[Max Taxable]

Not sure but I think xon's signup abuse add-on addresses this?

 

[Kirby]

I like this idea.

While I don't think DNS verification would help much to combat spam, I do think it could help to reduce bad user experience / support workload due to typos in email addresses.

As XenForo already does include a library that is capable of doing this it should be very easy to add an option to use it

 

[bzcomputers]

Since I installed Kirby's add-on 6 months ago my bounced registration confirmation emails and in turn registration's stuck in the "awaiting email confirmation" have been reduced by about 80%. Whether it's someone with an email typo or purposefully trying to register with a bad email address, this seems to catch a majority of it. Saves admin workload removing accounts forever stuck in the "awaiting email confirmation state".

A simple email domain check can eliminate some workload on your admin(s). Hope to see it integrated into XF 2.3

Validate Email Domain

This really simple Add-on checks if the domain-part of an email is "valid", eg. if the domain can be found via DNS - if not the email address is rejected as invalid. Validation is done via the bundled version of...

xenforo.com

 

[Suzanne O]

Had this happen on my forum.
So i have a rule that if people deliberately fart about and not add a valid email address they have to re-sign up with a valid one. By valid it can be any email that they have actually had validated.

 

[Suzanne O]

Actually just had to fix up my own email account up because i looked at all of the current emails my host.
Try that if you're having problems.

 

[TPerry]

So i have a rule that if people deliberately fart about and not add a valid email address they have to re-sign up with a valid one.

Correct me if I'm wrong... but if one uses email validation and their email bounces... they aren't a member and either have to revalidate their address or simply not be a member already as long as one uses the bounce function?
What this is about is those that use a email address that is not DNS validated prior to continuing the registration process in case they spelled the domain wrong due to whatever reason.

 

[Rhody]

Correct me if I'm wrong... but if one uses email validation and their email bounces... they aren't a member and either have to revalidate their address or simply not be a member already as long as one uses the bounce function?
What this is about is those that use a email address that is not DNS validated prior to continuing the registration process in case they spelled the domain wrong due to whatever reason.

I was thinking the same thing. What good does putting a fake email in, if it will never pass validation?

 

[bzcomputers]

Correct me if I'm wrong... but if one uses email validation and their email bounces... they aren't a member and either have to revalidate their address or simply not be a member already as long as one uses the bounce function?
What this is about is those that use a email address that is not DNS validated prior to continuing the registration process in case they spelled the domain wrong due to whatever reason.

This stops invalid email domains from actually submitting the registration form. It does the check prior prior to accepting the registration form and tells the registrant their email is invalid and allows them to correct it before attempting to submit the registration form again. In turn it stops a large number of accounts ever ending up in the "Awaiting email confirmation" until eventually having to be deleted by an admin. This not only stops inadvertent email mistypes, but also stops users trying to gain access to your site without a valid email domain/registration.

For those with areas of your site that requires a registration account to access/view this is extremely useful. Without any type of email validation in place you end up with a lot of accounts sitting in the "Awaiting email confirmation" because many new users can be reluctant at first to enter a valid email - thinking an invalid email will get them the quick access they want, not knowing it will have to be confirmed first.

When "Register" is clicked with a bad email domain, this is what the user sees.

 

[isoloaare]

Simply add a second email address field for new users to be sure they are typing the correct email addresses before submitting the registration form. Simple

 

[bzcomputers]

Simply add a second email address field for new users to be sure they are typing the correct email addresses before submitting the registration form. Simple

This is true for those who accidentally make a mistake. The DNS check also catches those who intentionally misspell the domain name trying to give false contact information.

 

[Suzanne O]

I put everyone through the approval queue.
I get them to answer a question.
It's the only way to stop people from signing up with an obviously fake email address.

 

[bzcomputers]

I put everyone through the approval queue.
I get them to answer a question.
It's the only way to stop people from signing up with an obviously fake email address.

Which will work on a small/slow site, but manually approving a couple hundred a day on a busy site is not something an admin or mod wants to do day after day!

 

[Suzanne O]

Which will work on a small/slow site, but manually approving a couple hundred a day on a busy site is not something an admin or mod wants to do day after day!

Works perfectly on my site as i have a small membership base.
I also prefer it that way so i can let people bond better.

 

[Kirby]

Simply add a second email address field for new users to be sure they are typing the correct email addresses before submitting the registration form. Simple

That would be ... simply annoying for the majority of users who get the email address right with just one input control

Giving an error message to those who (intentionally or accidently) mess up the email is IMHO a lot more userfriendly than requiring everyone to input the email twice.

 

[Ivancas]

Not sure but I think xon's signup abuse add-on addresses this?

No, I think it doesn't