Registrations should require a valid email address and temporary/disposable (e.g. temp-mail.org ) email services should be rejected.
Note this should not be implemented as a whitelist; “obscure” email services such as Protonmail, Tutanota and personal email servers should be allowed.
Pros:
- Cuts down on the number of trolls attempting to register, reducing load on mods and admins.
- Improves our standing with other instances.
- Ensures users have the ability to reset their password.
Cons:
- Has privacy concerns - people may not want to associate their email address with everything.
- Users may not (and perhaps should not have to) trust the admins of this instance with their email.
- May not be supported well by Lemmy, and/or require a blacklist that needs updating.
Aye and nay in the comments, please.
What problem do you want to solve by disallowing anonymizers/disposables but allowing other email providers where users can create and delete aliases at will?
Edit after discussion about captchas: Nay
So I guess it comes down to ease. With anonymizers/disposables, you instantly have an email address once you open the page. With other email providers, you typically need to go through a registration process, often with a captcha. Time to spin up is slower.
Doesn’t defeat everybody or make it impossible to make multiple troll account, but ends up costing a bit more effort. The less convenient it is to do, the fewer people will bother.
Though someone else’s comment here re: there being something of an arms race finding non-blocked temp mail providers is valid. How much effort is required to keep up?
So… What you really want is a captcha on the registration page of this instance? Fine by me.
So we already have that. What I mean is an additional layer by requiring email addresses that have a more cumbersome registration process (not all that cumbersome for a legit user, cumbersome for someone trying to flood an instance).
Anyone can make a couple hotmail (for example) accounts, but it’s a bigger pain in the ass than going to a temp mail site and getting a ton of inboxes going. Effort v. Incentive is the idea here - if you’re a troll just trying to disrupt for the sake of disruption, if it takes you 5-10 minutes per account creation attempt from start to finish, you’re probably going to focus your efforts on something faster to spin up. A latched door prevents opportunists and all that.
Does it stop everyone/the most dedicated trolls? No. But it narrows the funnel.
Edit to acknowledge after reading more of this thread and thinking about it more, I’ve voted Nay - let’s see if the instance CAPTCHA is a sufficient barrier for this purpose first.
I really feel like it’s just too easy to whip an email together with Gmail for this to have much impact. I like the goal here but I think we would need to find a different solution.
The effort is placed on the wrong people when trying to maintain a blacklist of emails.
Maintaining a blacklist is lots of effort for the admins.
The normal users we want to join are inconvenienced.
The spammers are using automated tools, so they don’t have any burden and get in anyway.