IT.COM

Banning Free eMail Accounts - Code Needed

NameSilo
Watch
Impact
11,335
I need some code for my registration form which prevents free email accounts from signing up. I actually want to only ban msn/hotmail/outlook/live email accounts (because their servers are always on some blacklist), but it would be interesting to see some code banning most free email accounts.

I'd also like to ban all those temporary email accounts.
 
0
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Their is no real good way of doing this as you would manually need to add new temporary email domains.

But it could be something like this.

Code:
function emailcheck($email) {
$blacklist = array(
"hotmail",
"outlook",
"live",
"msn",
"gmail"
);

$email_split = explode('@', $email);
$email_domain =  explode('.', $email_split[1]);

if (in_array($email_domain[0], $blacklist)) {
	return TRUE;
	} else {
	return FALSE;
	}
}

if(emailcheck('[email protected]')) {
echo 'Blacklisted!';
} else {
echo 'Safe';
}

If you wanted to expand the list you could can just Google for them essentially.

https://gist.github.com/adamloving/4401361
 
Last edited:
2
•••
Could the blacklist array hold over 500 variables without any problems? Or is there some better way to make the array by having some hardcoded, like in your example, and the rest coming from a list? Would this best be handled by two routines? One for the free accounts and one for the temporary list at github. It would seem more natural to include the extension, at least for all those temporary addresses, even if it does increase the size of the array

---------- Post added at 01:56 PM ---------- Previous post was at 01:26 PM ----------

I actually like not using the extension for the free email accounts because that takes care of any regional country variations.
 
Last edited:
0
•••
Could the blacklist array hold over 500 variables without any problems? Or is there some better way to make the array by having some hardcoded, like in your example, and the rest coming from a list? Would this best be handled by two routines? One for the free accounts and one for the temporary list at github. It would seem more natural to include the extension, at least for all those temporary addresses, even if it does increase the size of the array

---------- Post added at 01:56 PM ---------- Previous post was at 01:26 PM ----------

I actually like not using the extension for the free email accounts because that takes care of any regional country variations.

It shouldn't be an issue having that many items in the array, 500 isn't really large in the grand scheme of things.

That's actually the reason I parsed the domain out, the odds of a cctld or another tld in the list being used by someone signing up is most likely insignificant .
 
0
•••
So you are suggesting I add all those github temporary domains to the blacklist array rather then call them from a file? Wouldn't it be better from a file because when it changes I only need to add to the file and not change the code?
 
0
•••
So you are suggesting I add all those github temporary domains to the blacklist array rather then call them from a file? Wouldn't it be better from a file because when it changes I only need to add to the file and not change the code?

You could do it whichever way you like the most, performance wise it won't matter.
 
0
•••
WHMCS is doing this already. :)


reference:
http://docs.whmcs.com/Security/Ban_Control
Banning Email Domains

With WHMCS it is possible to ban email domains from signing up. This is useful if you want to block customers signing up using free email accounts.

To enable this feature, simply go to Setup > Manage Banned Emails. You will then see a list of all the currently banned email domains and the number of times a customer has attempted to signup using them.

To add a new banned email domain, click the Add tab at the top of the page and then enter the email domain you wish to ban, for example "hotmail.com".
Auto Ban Control

WHMCS by default blocks any users IP who attempts to login to the admin area with a valid username and incorrect password three times or more. The length of this ban by default is 15 minutes and is designed to prevent hackers being able to endlessly try different password combinations in order to gain access to your admin area. You can however alter the length of this ban to increase or decrease it by going to Setup > General Settings > Other tab > Exceeding Invalid Login Attempts Ban Time
 
0
•••
WHMCS is doing this already. :)


reference:
http://docs.whmcs.com/Security/Ban_Control
Banning Email Domains

With WHMCS it is possible to ban email domains from signing up. This is useful if you want to block customers signing up using free email accounts.

To enable this feature, simply go to Setup > Manage Banned Emails. You will then see a list of all the currently banned email domains and the number of times a customer has attempted to signup using them.

To add a new banned email domain, click the Add tab at the top of the page and then enter the email domain you wish to ban, for example "hotmail.com".
Auto Ban Control

WHMCS by default blocks any users IP who attempts to login to the admin area with a valid username and incorrect password three times or more. The length of this ban by default is 15 minutes and is designed to prevent hackers being able to endlessly try different password combinations in order to gain access to your admin area. You can however alter the length of this ban to increase or decrease it by going to Setup > General Settings > Other tab > Exceeding Invalid Login Attempts Ban Time

This is only in relation to WHMCS and not something non-related like a custom script, forum, wordpress, etc

Unless I'm misreading something on that page?
 
0
•••
Depending on your needs, you could cost yourself some business by implementing this.

I have numerous business sites, but I still use hotmail, yahoo and gmail for my email needs. I just find it easier. I can't be the only one.
 
0
•••
I know. But at the same time about 90% of the people who sign up with these free accounts (excluding gmail) are just freeloading and contribute nothing. Those who sign up for temporary accounts are 100% freeloaders. So it's a toss-up. I might add that this is not a business website.

I exaggerate a tad when it comes to MSN Accounts. But the problem with them is their servers are always being blacklisted. Which plays havoc with the sign-ups as well as any newsletters sent.
 
0
•••
Back