电子邮件验证
[英]Email verification
问题描述
I'm creating a newsletter subscription app.
我正在创建一个时事通讯订阅应用程序。 I want to implement email verification to prevent spam/bot signups (well, at least so I can delete them afterwards).我想实施电子邮件验证以防止垃圾邮件/机器人注册(好吧,至少我可以在之后删除它们)。 I've been struggling with confirmation key but though of a simpler solution:我一直在为确认键而苦苦挣扎,但有一个更简单的解决方案:
- User clicks submit -> is inputed into database (verified = 0)用户点击提交 -> 被输入到数据库中(验证 = 0)
- User receives generic email ("Click me to verify") -> Verified page (verified = 1)用户收到通用电子邮件(“单击我进行验证”)-> 已验证页面(已验证 = 1)
Would this work?这行得通吗? Are there any potential issues which might come up?是否有任何可能出现的潜在问题?
5 个解决方案
解决方案1
1 已采纳 2013-08-07 17:54:16
If your problem is Spam Bots, you should use CAPTCHA: http://www.google.com/recaptcha This will help you against most of them.如果您的问题是垃圾邮件机器人,您应该使用 CAPTCHA: http : //www.google.com/recaptcha这将帮助您抵御大部分垃圾邮件。
Your solution is good, if you want to prevent random user using the site, the problems that it solves is that user must put some effort in to it.你的解决方案很好,如果你想防止随机用户使用该站点,它解决的问题是用户必须付出一些努力。
Also if you want to save some bandwidth, you can realy go in to email checking: http://www.serviceobjects.com/blog/hot-topics/email-validation-whitepaper/另外,如果您想节省一些带宽,您可以真正进入电子邮件检查: http : //www.serviceobjects.com/blog/hot-topics/email-validation-whitepaper/
Hope it helps希望能帮助到你
解决方案2
1 2013-08-07 17:54:56
you keep captcha protection, it will reduce the bot attacks by many times.你保持验证码保护,它会减少很多次机器人攻击。 And the solution you choose is totally fine.您选择的解决方案完全没问题。
解决方案3
0 2013-08-07 17:24:44
That seems like a fine solution.这似乎是一个很好的解决方案。 Then test to make sure the user is verified before sending.然后进行测试以确保用户在发送前已通过验证。
解决方案4
0 2013-08-07 17:28:07
是的,这是很好的电子邮件验证解决方案,但不能解决垃圾邮件机器人注册的问题。
解决方案5
0 2019-04-12 22:03:40
Yours solution is good, but you will send email before validation.你的解决方案很好,但你会在验证前发送电子邮件。 It's not always good.这并不总是好的。 If I want to abuse your system I just can submit lots of nonexistent mails to yours registration form.如果我想滥用您的系统,我可以向您的注册表提交大量不存在的邮件。 And you will be blocked from main email services.您将被阻止使用主要电子邮件服务。 To prevent it you can do email verification before sending email, at least you can check MX records existence or you can integrate with external email validation api .为了防止它,您可以在发送电子邮件之前进行电子邮件验证,至少您可以检查 MX 记录是否存在,或者您可以与外部电子邮件验证 api集成。 Anyway - you should check email address before sending to avoid bounces.无论如何 - 您应该在发送之前检查电子邮件地址以避免退回。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.