Discussions

email validation?

+
0 Votes
Locked

email validation?

NOW LEFT TR
It occurs to me that the problem with TR and trolls could be wiped out if the submitted e-mail address was validated before access to posting is allowed.

I had a little investigation and noticed that you can create an account and start posting without any ?validation?. Now with 99% of other forums making you submit a valid e-mail address and then confirming by mail / link - should TR not do the same??

The current system seems lazy.
+
0 Votes
NOW LEFT TR
Collapse -

Nevermind: without a fix nothing will be for the better.

+
0 Votes
onbliss
Collapse -

If I wanted to post gibberish, I can create "n" number of yahoo or hotmail accounts, and use them to circumvent the e-mail validation process. If I am so bent to cause havoc, I would consider e-mail validation as only a minor inconvenience.

Spuddy has to just get bored with what he is doing, and he will go away.

+
0 Votes
Tony Hopkinson
Collapse -

TR could stop the full stop after the name (now two) drivel very easily though.
The email would make Spuddy sort of trackable, but it might put off new posters, making TR look like some less reputable sites, who only exist to collect email addresses.

+
0 Votes
Tig2
Collapse -

Since Spud boy likes to target me for some reason, I have put a lot of thought to the problem. I don't know what the right solution is.

I have to agree with Tony and Onbliss though. I can create any number of valid email addresses and circumvent the check process so I don't think that email validation would be the right answer. I just can't think of what the right answer would be.

I do know that the situation is somewhat self correcting. No matter what, we always seem to catch this clown and call him on it. Very fortunately, I have gotten a peer message every time he shows up with yet another mis-spelling of my ID. So that tells me that folks are aware of the juvenile and recognise that it isn't me.

Sheesh! How silly must some people be???

+
0 Votes
DanLM
Collapse -

With regard to the email validation thing. An email is sent to dingdong@spuddy.idiot.com. idiot must click to a confirmation screen, with the ip shown(no proxy's allowed). If they still continue on their merry way, you firewall the ip.

Using regex, only allow so many occurrences of a given alias. I know that they use some type of db here, ive seen error messages with the sql in it. Triggers with sql that issue notifications or blocks when a regex of a known alias appears, but is NOT that alias(extra letter, what ever). Admin comes in and eats the person alive.

The one thing I'm not real thrilled about with TR, you can change your alias. Well, stop that. Pick your alias, and go with it.

I am a errr, what ever tech on an irc network. We have fought the battle of spam bots and stuff. regex, enforce validation. Your people will moan and groan a bit, but when they recognize it is for their protection. They understand and go with it.

Also, every posting board that I have ever admined. I see the ip of the poster because I am the admin. Bloody block that ip completely. That falls under, go away twit. leave us alone.

With regard to stopping proxy's. There is various list's out there with known open proxy's. Unfortunately, there is always new ones. Spoofing ip's has become such an art form, but most case's simple protections will stop the script kiddies. And I would guesstimate that this person is nothing but a script kiddy. If it is found that this person keeps coming back, under the same ip and pretending to be tigger. This is a case of stalking, miss representation. Contact the isp(doesn't usually do squat, but you never know).


Dan

+
0 Votes
onbliss
Collapse -

...to firewall the IP. I think each time we post something here, they have our IP address. So having an email-validation process entails maintaining extra piece of code :-)

+
0 Votes
DanLM
Collapse -

Your right, they have to have our ip. Most boards I've used can block ip's at the board, you wouldn't want to necessarily firewall. Thats a bit of overkill.

But, think about it. The changing of the alias, or at the registration and chosing of an alias. Using a regex type query, you could check for someone trying to spoof another persons alias. That would only require extra code at two area's to stop this type of crap.

I don't know, I was trying to offer sugestions.

Dan

+
0 Votes
Tony Hopkinson
Collapse -

they want to if you get a false positive on a soundex or regex, but that would be a small price to pay to annoy the crap out of Spuddy.

+
0 Votes
onbliss
Collapse -

... you are just trying to get TR to start using Perl :-), your favorite. The first that comes to mind when somebody mentions regex is Perl.

+
0 Votes
DanLM
Collapse -

Lol, they should have done the whole site in Perl. Hehehehe, then we wouldn't have all these problems.

Dan