Don't allow multiple variations of the same gmail address about smf HOT 18 CLOSED

Not only that, stripping all the "." would affect also the domain, so that email addresses like: [email protected] to myname@mydomaintld, something that probably we don't want...

Probably to have something like that the best is "cleanup" the email addresses before they are saved into the database and then strip the "." php-side and do the ban query on the "clean" email.
I would also restrict this behaviour to certain domains only, and of course have the list of domains changeable somewhere in the admin area (anti-spam?) :P).

from smf.

Is this something we should implement? If strpos gmail, strip all periods prior to instance of @?

from smf.

The email spec states that some other things like + are also legal but are
not separate addresses.

On Thu, Dec 6, 2012 at 10:22 AM, Matthew K [email protected] wrote:

Is this something we should implement? If strpos gmail, strip all periods
prior to instance of @?

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/240#issuecomment-11089439.

from smf.

No. Just... no.

from smf.

What part you don't agree with live627? The entire gmail (maybe others) discussion or one of the other suggestions?

from smf.

I see this becoming a form of voodoo magic. What happens when someone signs
up with a Gmail account that has a dot in it?

EDIT: I didn't know that Gmail discarded dots in their accounts. And I even
use them as my email provider! Fancy that...

II think my argument is null and void.

On Sat, Dec 8, 2012 at 6:22 AM, emanuele45 [email protected] wrote:

What part you don't want live627? The entire gmail (maybe others)
discussion or one of the other suggestions?

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/240#issuecomment-11158611.

from smf.

I agree with not implementing it. It has come up before. If people are
having an issue with it, it should be addressed with a customization. Can
you ban with a regular expression? That would be a better feature.

On Sat, Dec 8, 2012 at 1:22 PM, John Rayes [email protected] wrote:

I see this becoming a form of voodoo magic. What happens when someone
signs
up with a Gmail account that has a dot in it?

EDIT: I didn't know that Gmail discarded dots in their accounts. And I
even
use them as my email provider! Fancy that...

II think my argument is null and void.

On Sat, Dec 8, 2012 at 6:22 AM, emanuele45 [email protected]
wrote:

What part you don't want live627? The entire gmail (maybe others)
discussion or one of the other suggestions?

—
Reply to this email directly or view it on GitHub<
https://github.com/SimpleMachines/SMF2.1/issues/240#issuecomment-11158611>.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/240#issuecomment-11161701.

from smf.

@joshuaadickerson Banning with regular expressions wouldn't do any good here unless you can somehow say "match this string with 0 or 1 dots after each character except the last one", and even then that would only work for one specific address.

I don't want to ban all dotted gmail addresses as there are legitimate uses for the feature (though I can't see any reason why you'd need to use more than one dot, and have banned "..*@gmail.com" on at least one forum), but it's a bit annoying that there's no easy way to prevent this obvious workaround.

from smf.

As of now, SMF could see "[email protected]" and "[email protected]" as two completely different email addresses, although if you email both, it'll go to the same account. I personally see this as a flaw in how SMF handles Gmail addresses, which theoretically then should be resolved.

It'd be as simple as stripping periods ahead of the @ symbol and THEN seeing if a member is registered with that email. Heck, you could even save them however they were entered, and then when doing the search just do the same regex.

from smf.

And all of that pales into insignificance when you realise that any domain that uses Google Apps can potentially do exactly the same thing...

from smf.

@Arantor Google Apps treat dots in the email address strictly. So [email protected] is a different box than johndoe@ and john.do.e@

from smf.

http://support.google.com/a/bin/answer.py?hl=en&answer=33386

from smf.

Huh, I thought it did. Wish I'd have known that last week, I could have saved myself a silly amount of work.

from smf.

Reminder: https://support.google.com/a/answer/33386?hl=en less than a month away. Should this issue be closed?

from smf.

Google Apps and Gmail are two different things as pointed out previously and in that link.

from smf.

I misunderstood the the link as saying. I thought it was saying various dots within a gmail would no longer work or be considered different email addressed.

from smf.

I think we can close this, since it only affects a single service (GMail), it wouldn't be worth putting forth the effort to put it into effect. There are other, better way at preventing spam.

from smf.

Admins themselves can get around this by creating a ban .@gmail.com and disallowing it to register. SMF only uses * for the wildcard and uses the literal .

from smf.