gmailnator.com - change of logic required #297
Comments
|
@michield It seems more complex than this. Try generating more addresses; they have a variety of different types. I don't know if you could reliably block most of this, but I do notice that most of their usernames that use the '[email protected]' format have 'tmp' at the end of the 'XXXX' part, e.g. So not sure if this library can do it, but a custom solution could create a heuristic to check for |
|
Actually if you use https://www.gmailnator.com/bulk-emails and generate the full list over and over, clean it up by removing all the '+YYYY' parts and all the dots ( |
|
Yes, considering they offer a mailinator like service, which allows you to read the mails for a short while, they must have a fixed set of mailboxes set up on Gmail that they pop. Some spidering tool could just fetch them all. |
|
Why don't you just disallow emails that contain "+"? This would fix all of it and also the possibility to mass create accounts with the plus trick. |
|
It's not a bad idea at all for signup. Some services may already have valid users registered with that format though, so if they do mail-checking in bulk post-signup, this wouldn't work well. |
|
Closing because it had no updates. |
PR #289 adds the gmailnator.com domain
However, looking at gmailnator.com, the problem is that they create gmail addresses.
So, the logic would need to change. Eg they generate
[email protected]
which means that [email protected] needs to be blocked.
They are using the gmail-+ trick: https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html
The text was updated successfully, but these errors were encountered: