After user registers, i send an email with a guid link which user clicks to validate the registration. So it confirms the email exists, but how does that help fight spammers? Cant bots 'click' same link back to the site and validate registration just the same? Its late, maybe im missing something.
+2
A:
You're right, it doesn't prevent spammers. All it does is create another obstacle for users trying to use your site/service/app. Is that something you really want? You should be removing obstacles, not creating them. It sounds like you're solving a problem you don't even know you're going to have or not.
John Sheehan
2009-02-28 06:33:13
so why does anyone bother with such validation?
zsharp
2009-02-28 06:37:25
Because they don't care about their users. At scale, it might be necessary. But getting popular enough to need something like this should be your first priority and one way to deter getting popular is to be a pain in the ass for potential users.
John Sheehan
2009-02-28 06:38:58
And users just love being able to enter in other peoples emails to sign them up to get mails from companies. It isn't to make it a pain in the ass... it is to stop people from being a pain in the ass to other people.
TofuBeer
2009-02-28 07:24:53
Again likely only a problem if you're popular. Focus on the popular problem first
John Sheehan
2009-02-28 07:41:40
+1 I firmly agree with this - there is no need at all to verify email on sign-up, unless you are planning on sending a bunch of emails to that address and don't want to be accused of spam. Sending a courtesy email on signup is ok.
thomasrutter
2009-02-28 11:46:06
+6
A:
It makes sure that the user is the actual owner of the e-mail address. You don't want them to enter in just anyone's e-mail address and start having messages from your site e-mailed to random people.
yjerem
2009-02-28 06:36:07
+8
A:
It verifies:
- the user has typed their e-mail correctly (since this is the only way you have of contacting them, lets get it right)
- the e-mail address exists
- it is owned by the person requesting the page
Indeed - it doesn't prevent bots from accepting e-mails from their own e-mail account, but it stops them accepting e-mails from my account... this in turn keeps you out of the legal quagmire of being accused of spamming some random Jo. Everyone wins.
Marc Gravell
2009-02-28 06:43:02
A:
It all depends on how much you think your users will tollerate.
If you running an online store you want to minimize the number of roadblocks along the way or the user may drop out prior to completion of a purchase.
If it is an online forum or similar then the user may be open to going through more hoops.
If its a free online newspaper that requires validated registration to simply read, people may just go elsewhere instead of bothering.
You need to balance what the user will tollerate with the site needs and offerrings.
schooner
2009-02-28 11:32:26
A:
I have a gmail account with a short user name and am often getting email not intended for me, often sensitive stuff like password data or shipment IDs. This happens because some people simply don't know their own email address. If there was some email verification, I wouldn't have to suffer this and their privacy would be preserved.
flodin
2009-02-28 11:42:30