Cut down on fake emails, do a DNS check on email domain before allowing registration to be submitted

bzcomputers

bzcomputers

Well-known member
It would be nice if email addresses submitted in either the registration and/or contact forms were DNS checked to validate that the address is associated with a known good domain excepting email prior to allowing the registration/contact form to even be submitted.

This would help cut down on fake email accounts even being created. It should only take a couple seconds behind the scene and would likely be unnoticeable to the user when registering or using the contact form. Yes, users could still spoof their address with an invalid username and good domain, but I would say 9 times out of 10 they spoof with a bad domain. If a bad domain is found the form could just show the message "Invalid email, please enter a valid email address to create an account / send a message."
 
Upvote 19
I find most alter the domain name or extension to something that would not pass a DNS check ...lets see just today I had registrations with:

yahoo.comm
sympatico.cs
hotmail.com1939149
gmail.con
hotmail.co.ukk
bbtinternet.com
hotmai.com

all of which would fail a domain DNS check.
 
I like this idea.

While I don't think DNS verification would help much to combat spam, I do think it could help to reduce bad user experience / support workload due to typos in email addresses.

As XenForo already does include a library that is capable of doing this it should be very easy to add an option to use it :)
 
Since I installed Kirby's add-on 6 months ago my bounced registration confirmation emails and in turn registration's stuck in the "awaiting email confirmation" have been reduced by about 80%. Whether it's someone with an email typo or purposefully trying to register with a bad email address, this seems to catch a majority of it. Saves admin workload removing accounts forever stuck in the "awaiting email confirmation state".

A simple email domain check can eliminate some workload on your admin(s). Hope to see it integrated into XF 2.3

xenforo.com

Validate Email Domain

This really simple Add-on checks if the domain-part of an email is "valid", eg. if the domain can be found via DNS - if not the email address is rejected as invalid. Validation is done via the bundled version of...
xenforo.com xenforo.com
 
Last edited:
Had this happen on my forum.
So i have a rule that if people deliberately fart about and not add a valid email address they have to re-sign up with a valid one. By valid it can be any email that they have actually had validated.
 
Actually just had to fix up my own email account up because i looked at all of the current emails my host.
Try that if you're having problems.
 
aussiefooty said:
So i have a rule that if people deliberately fart about and not add a valid email address they have to re-sign up with a valid one.
Click to expand...
Correct me if I'm wrong... but if one uses email validation and their email bounces... they aren't a member and either have to revalidate their address or simply not be a member already as long as one uses the bounce function?
What this is about is those that use a email address that is not DNS validated prior to continuing the registration process in case they spelled the domain wrong due to whatever reason.
 
Tracy Perry said:
Correct me if I'm wrong... but if one uses email validation and their email bounces... they aren't a member and either have to revalidate their address or simply not be a member already as long as one uses the bounce function?
What this is about is those that use a email address that is not DNS validated prior to continuing the registration process in case they spelled the domain wrong due to whatever reason.
Click to expand...
I was thinking the same thing. :) What good does putting a fake email in, if it will never pass validation?
 
Tracy Perry said:
Correct me if I'm wrong... but if one uses email validation and their email bounces... they aren't a member and either have to revalidate their address or simply not be a member already as long as one uses the bounce function?
What this is about is those that use a email address that is not DNS validated prior to continuing the registration process in case they spelled the domain wrong due to whatever reason.
Click to expand...

This stops invalid email domains from actually submitting the registration form. It does the check prior prior to accepting the registration form and tells the registrant their email is invalid and allows them to correct it before attempting to submit the registration form again. In turn it stops a large number of accounts ever ending up in the "Awaiting email confirmation" until eventually having to be deleted by an admin. This not only stops inadvertent email mistypes, but also stops users trying to gain access to your site without a valid email domain/registration.

For those with areas of your site that requires a registration account to access/view this is extremely useful. Without any type of email validation in place you end up with a lot of accounts sitting in the "Awaiting email confirmation" because many new users can be reluctant at first to enter a valid email - thinking an invalid email will get them the quick access they want, not knowing it will have to be confirmed first.

When "Register" is clicked with a bad email domain, this is what the user sees.

1695486245924.webp
 
Simply add a second email address field for new users to be sure they are typing the correct email addresses before submitting the registration form. Simple
 
isoloaare said:
Simply add a second email address field for new users to be sure they are typing the correct email addresses before submitting the registration form. Simple
Click to expand...
This is true for those who accidentally make a mistake. The DNS check also catches those who intentionally misspell the domain name trying to give false contact information.
 
I put everyone through the approval queue.
I get them to answer a question.
It's the only way to stop people from signing up with an obviously fake email address.
 
aussiefooty said:
I put everyone through the approval queue.
I get them to answer a question.
It's the only way to stop people from signing up with an obviously fake email address.
Click to expand...

Which will work on a small/slow site, but manually approving a couple hundred a day on a busy site is not something an admin or mod wants to do day after day!
 
bzcomputers said:
Which will work on a small/slow site, but manually approving a couple hundred a day on a busy site is not something an admin or mod wants to do day after day!
Click to expand...
Works perfectly on my site as i have a small membership base.
I also prefer it that way so i can let people bond better.
 
isoloaare said:
Simply add a second email address field for new users to be sure they are typing the correct email addresses before submitting the registration form. Simple
Click to expand...
That would be ... simply annoying for the majority of users who get the email address right with just one input control :)

Giving an error message to those who (intentionally or accidently) mess up the email is IMHO a lot more userfriendly than requiring everyone to input the email twice.
 

Similar threads

K
Validate Email Domain
2
Replies
33
Views
2K
Ivancas
Ivancas
W
  • Question Question
XF 2.2 How to remove email field from registration form
Replies
4
Views
890
BassMan
BassMan
digitalpoint
Cloudflare optimizations for XenForo
7 8 9
Replies
175
Views
17K
digitalpoint
digitalpoint
Alpha1
Add-on Email Validation Checker (high affiliate commissions for developers)
Replies
6
Views
904
Alpha1
Alpha1
Ozzy47
[OzzModz] Building A New Forum Following 11 Useful Tips
Replies
8
Views
4K
Kleazy
Kleazy
Top Bottom