Block All Variations of a Google Address

We encourage users to post events happening in the community to the community events group on https://www.drupal.org.
mlncn's picture

Google lets you put any number of periods in your gmail address, and it ignores all of them when receiving mail for you.

Try it; it's fun!

Spammers have taken advantage of this, unfortunately, to spam more and more easily.

If you see a Gmail address with about as many periods as letters, it is probably a spammer. If that address turns up twice, differing only by the number or placement of periods, it is pretty certainly a spammer.

Wouldn't it be nice if blocking one such address prevented any others from registering? If there isn't already a module for that (or almost that?), i'll make one.

This module does not automatically block registration with such addresses, but once you block one address, it will block any more from registering.

The only existing modules i can find in the general idea space, searching the web and d.o for drupal module block all variations of google address and block email from registering, were not suitable for extension.

This would be a Drupal 7 module, though i would welcome patches to backport it.

Background: Notes and links related to blocking gmail address variants.

Am i wrong? Is this out there already, or an appropriate module to offer a patch to?

Comments

2 Modules come to mind

mikeytown2's picture

http://drupal.org/project/email_verify
http://drupal.org/project/duplicatemail

Never tried them but they might do it; or accept a patch that will do it

How to do it

mikeytown2's picture

I think this will work:

hook_user - insert
check $account->mail for gmail account
if gmail, strip all periods before the @
strtolower the whole thing
user_save

have a batch process that does this when you install the module; to scrub your old data.

duplicatemail has that issue

ilo's picture

duplicatemail has that issue open already for months..
http://drupal.org/node/792276

In Drupal 6 you could block

megan_m's picture

In Drupal 6 you could block certain email addresses through the Access Rules interface. We have been doing this to block any emails that match the pattern %.%.%.%.%@gmail.com (you decide how many separators you want to allow - there could be legitimate reasons for this). This was removed in 7 - here's a thread that explains why (I haven't read the whole thing):

http://drupal.org/node/228594

What we really want here is to prevent these users from registering. I don't know about you, but I don't care if they can see the site as long as they can't register and post anything.

Looks like the user restrictions module replicates this functionality ?? Has anyone tried it? If it works the same way as the D6 access rules I suppose it would have the same performance issue if it's running on every page load. It would be nice if maybe that module would allow you to check this just on registration.

Use spambot

AFowle's picture

I run a small handful of sites using Drupal's multisite, all from the same IP address. Updating the access rules for all sites when I have been hit on one was tedious. Using the spambot module, which only requires configuration once on each site solved the problem (mainly). I used a single API key to register all the sites on one account at stopforumspam. I know that there are other, similar modules.

Combating Spam and Bots

Group organizers

Group categories

Modules

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: