HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Email whitelist?
Newtex
New
I have an email banning rule that works great, but it's slightly too generic atm and making it less generic would let bots pass through. If I was able to whitelist a certain email provider then it would be perfect. Is there any way to do that?
0
Comments
What is your current rule and how implemented?
That would not help - As I understand what you wrote:
You got a rule
A*@example.ban
But it is to generic as everyone starting with A gets banned.
So you want to whitelist
*@example.ban
Which rule then gets presedence?
Maybe your case is more clear when I see your reply to donshakespeare
@Kaspar
That's a silly example and has nothing to do with domains. I clearly write that this is about email providers, not names.
@donshakespeare
My rule is *@*.*.*
So far it has banned 5000 invalid users from spam domains matching that pattern.
2 were valid.
Those two valid users had *@yahoo.co*.*
If I could whitelist *@yahoo.co*.*, that would be great.
"a distinct subset of the Internet with addresses sharing a common suffix or under the control of a particular organization or individual."
You want to whitelist the subset of common suffix, which is a domain or part of its name, not the organization or individual which is providing said domain.
I have not tested this and do not know if it works "as is" with the current vf version but it is a start.
@Newtex Can you provide a sample of that pesky email being used by bot?
By now I haven't understood how that rule is applied. A plugin for such a purpose would be short:
That "magic" there could be a preg_match and the whitelist could be written in the config to make it flexible:
$pattern = Gdn::config('Plugins.SomePlugin.WhitelistPattern').
If you put also that blacklist into a config setting, that would make a decent plugin.If you prefer to ban such users instead of hindering them from registration, you could use the afterRegistration event instead.