Support

Pre-sales

#26963 Feature suggestion: Admin Tools - Blocked email domains - reverse list

Posted in ‘Pre-sales and Account Questions’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

joomlaboy
Hello,


it would be nice if we could use this Admin Tools feature: "Blocked email domains" for the registration as an include list (reverse the current functionality) so we can only allow certain email domains.

nicholas
Akeeba Staff
Manager
I suppose the use case is only allowing people from a certain organization (e.g. college or company) to self-register an account. This can be done sideways by requiring admin approval for accounts or writing a script which runs periodically and blocks accounts with emails coming from other domains. It's not a security / anti-spam feature, it's a business policy feature. As such it has no place in Admin Tools.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

joomlaboy
I didn't see this feature and thought oh great I will build my business policy to allow only users of my organization to register. I didn't have any business policy in mind.

I was messing with it and just thought that it would be handy if it was possible to allow only certain email domains to register and block any other registration attempts - especially since the opposite of this feature is already there.

At the other hand, even if we look at it from a business policy point of view, it can still still be considered a security feature to some extent.

And in any case, to the grade excluding some email domains is a security feature, I don't see why including only some isn't the same.

Cheers

nicholas
Akeeba Staff
Manager
Excluding (blocking) some known spammer domains is a matter of spam prevention. If I know that scammyspammer.eu is a nefarious operation which employs cheap labor to register to sites and post comment spam then it makes sense to block user registration from that domain name outright.

On the other hand, how the heck is it an anti-spam measure if I only let people from goodguys.eu register a user account? What about people with an email from honestgentlemen.co.uk? Or polykalapaidia.gr? Adding dozens or hundreds of domains in a whitelist sounds like you need to think about your anti-spam policy a little more.

The only valid domain white-listing has NOTHING to do with security and EVERYTHING to do with a naive, dangerous and bad implementation of business policy. If you think really hard about it you will see that in all those cases you thought whitelisting makes sense you are either confused (and better off with a blacklist of spammy domains) or you were looking for a CRM or a controlled registration system (think about JomSocial, Community Builder or even subscription software which only allows you to subscribe if you use a coupon code).

However, I will assume you have a valid use case. Let's hear what is your use case. Why do you need this feature?

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: Typically we work Monday to Friday, 9am to 7pm Cyprus timezone (EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets, but we cannot respond to them, outside of our working hours.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!

Summer vacations: Our support will be closed for replies and new tickets from August 6th to August 21st, 2022 due to summer vacations.