Normalize emails for uniqueness


Well-known member
Spammers leverage Gmail (and other email providers) ability to create multiple accounts using the same Gmail account, but each account has a "unique" email address by leveraging dots (".") and pluses ("+") in the email address.

For example, these all go to the same Gmail account inbox:

Dots are ignored and anything between + and @ are also ignored when routing to an inbox.

More info:

A few years ago I built an addon that normalized a user's email address with a preg_replace like so:

$normalizedEmail = preg_replace('/(?:\\.|\\+.*)(?=.*?@gmail\\.com)/m', '', $email);

The one I did was for Gmail specifically, but it looks some of the the major free email providers support the same thing now:

Anyway, long story short is you could add a hidden column to the xf_user table that stored the normalized email address that must be unique (and it's updated when the user's normal email is updated via the User entity). As a result you would cut out a whole lot of spammers that are using that to create multiple accounts.
Upvote 42
It would be nice to see this in core.. Until that time, maybe @Xon can add this to:
Complex software requires many hours of development and testing. If you consider what you get and how many hours go into it, then its very cheap.
Top Bottom