this post was submitted on 09 Feb 2024
89 points (88.7% liked)

Programming

17364 readers
152 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev



founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] hansl@lemmy.world -4 points 9 months ago (3 children)

There are also cases where you want to have a disallow list of known bad email providers. That’s also part of the parsing and validating.

[–] Tramort@programming.dev 24 points 9 months ago (2 children)

It's a valid need, but a domain blacklist isn't part of email parsing and if you conflate the two inside your program then you're mixing concerns.

Why is the domain blacklist even in your program? It should be a user configurable file or a list of domains in the database.

[–] Black616Angel@feddit.de 1 points 9 months ago

You are right in that it isn't (or shouldn't be) part of the parsing, but the program has to check the blacklist even if it's in a database.

[–] hansl@lemmy.world 1 points 9 months ago

We were discussing validation, not parsing. There’s no parsing in an email. You might give it a type once it passes validation, but an email is just a string with an @ in it (and likely some . because you want at least 1 TLD but even that I’m not sure).

[–] pkill@programming.dev 9 points 9 months ago* (last edited 9 months ago) (1 children)

fuck any website that requires an account to just READ it's stupid content and at the same time blocks guerrillamail/10minutemail (looking at you, Glassdoor,I don't want to get fucking spam just so that I can check approximate salary in a company)

[–] hansl@lemmy.world 3 points 9 months ago

Sounds like your gripe is with people requiring accounts for reading public content, and not with preventing usage of automated email creation and trying to limit bots on your website.

[–] ono@lemmy.ca 1 points 9 months ago* (last edited 9 months ago)

disallow list of known bad email providers.

Imagine giving someone your phone number, and having them say you have to get a different one because they don't like some of the digits in it.

I have seen this nonsense more times than I care to remember. Please don't build systems this way.

If you're trying to do bot detection or the like, use a different approach. Blacklisting email addresses based on domain or any other pattern does a poor job of it and creates an awful user experience.

(And if it prevents people from using spam-fighting tools like forwarding services, then it's directly user-hostile, and makes the world a worse place.)