XF 2.1 Using Regex to block gmail spam accounts

Dermot

Dermot

Active member
See a lot of the following types of accounts signing up, examples are below ..

Code: 
s.a.m.p.l.e@gmail.com
g.m.a.i.l.i.s.o.d.d@gmail.com
l.o.t.s.o.f...d.o.ts@gmail.com
blah+lpewf@gmail.com

is using the registration regex below recommended.

Code: 
/(?:\.|\+.*)(?=.*?@gmail\.com)/gm

..and is it even supported?
 
Sort by date Sort by votes
Because gmail addresses are used almost exclusively by spammers here, we have completely blocked gmail.

No matter how powerfull your RegEx will be, whoever wants to get through will get through. Therefore, completely block gmail and make it known in the registration form.
 
Upvote 0 Downvote
Masetrix said:
Because gmail addresses are used almost exclusively by spammers here, we have completely blocked gmail.

No matter how powerfull your RegEx will be, whoever wants to get through will get through. Therefore, completely block gmail and make it known in the registration form.
Click to expand...

While that is an option, i'd rather not block a popular e-mail domain entirely if i don't need to.
 
Upvote 0 Downvote
In case anyone doesn't know why spammers use that format for email, it's because Gmail (and a lot of other email providers) ignore periods and anything after the plus when routing email to the mailbox. As an example, the following emails will all end up in the same Gmail account:

johnsmith@gmail.com
john.smith@gmail.com
john.s.m.i.t.h@gmail.com
john.smith+xenforo@gmail.com (like maybe you want to use a unique email anywhere you sign up to track where the origin of spam if from).

You basically can have an infinite number of email aliases automatically. The problem is that for spammers, they can create an infinite number of XenForo accounts without needing to create additional Gmail accounts (they can all have unique email addresses that go to the same inbox).

For one of my sites it became so problematic that I ended up hooking into the User entity so that when the email was set or changed, it would internally "normalize" the email (remove anything between the + and @ and remove all . characters and use that for comparison for unique email addresses on accounts.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

polle
  • Question Question
XF 2.2 Rule to block spam accounts using gmail
Replies
3
Views
182
Ozzy47
Ozzy47
M
Expand your Youtube tutorial series and docs to cover more of the basic setup and features
2
Replies
26
Views
2K
TPerry
TPerry
Miri
  • Question Question
XF 2.2 Simplifying access through social accounts on Xenforo
Replies
5
Views
807
digitalpoint
digitalpoint
MapleOne
  • Question Question
XF 2.2 Block email address: ericjonesmyemail@gmail.com
Replies
1
Views
3K
Dragonfruit
Dragonfruit
Larry Barasch
  • Question Question
XF 2.2 Russian spam
Replies
8
Views
2K
Baby Community
Baby Community
Top Bottom