Why use this service? A respectful and thoughtful question/debate #872
Comments
|
I don't know about domain blocklists being "popular" but they are extremely valuable and important for keeping spammers under control. Disposable domains do have a purpose and I personally use them regularly (multiple times per week). That being said, the reason that I use this list is because spammers create dozens of disposable emails per day to comment on my site. Without this list the only alternative is to turn off comments entirely which is obviously not ideal. |
Thanks for the reply @Paxamime. This ended being discussed more in #846 I understand the desire to reduce comment spam, but wouldn't comment moderation be a more appropriate tool for the job? |
|
Our site receives close to 10,000 spam messages per month from authenticated users. There is no way to moderate that without a significant amount of cost. |
I'm trying to understand the legitimate use cases for a list like this. It seems to me that the costs of using a list like this would far outweigh its benefits, but maybe I'm missing something? Below are the pros/cons I've thought of for using this list, based on the assumption that users of this list aren't evil spammers and email recipients are using a cloud based email service (I use gmail in my examples, but any cloud service like hotmail would work equally well and most of these arguments would also apply to traditional fat email clients).
Note this list is named "disposable-email-domains" but it actually contains more domains than that. In addition to domains are used for temporary (disposable) email addresses it also contains email forwarding domains. A temporary/disposable domain contains email addresses that exist only for a short period of time. A disposable domain allows their users to easily/quickly create email addresses that have a temporary lifespan (hours, days or # of emails forwarded). The user of this email address most likely has no-intention of checking this email address again after the initial sign-up.
An email-forwarding domain works similarly to some temporary domains in that it makes it easy for users to create multiple email addresses. Unlike a disposable email address, these users generally intend on using their forwarded email address forever. The reason the forwarded email service is used to allow the user to turn off email addresses if they fall into the hand of spammers (or the service they signed up with doesn't honor their later opt-out request). Another overlapping reason is that many users of these email forwarding services care strongly about their privacy and want to remain private by not using a single email address with multiple services. Unlike many disposable email addresses providers, most email forwarding services are paid services.
So with my definitions of email forwarding services out of the way I can finally get to the reasons I've thought of to use this list:
The first reason seems like the most legitimate to me, however I suspect this doesn't occur often. While this does make it more difficult for a single person to create more than one account it's certainly not foolproof (I'm not aware of any limit of the number of gmail addresses I can create an use for example). So for this reason to make sense you must be running a service that is both big enough to care about users creating a lot of accounts and also small enough that they don't care about more sophisticated users/attackers that could use other (non-disposable email address) methods of creating multiple accounts. For example, I know Facebook doesn't depend on blocking disposable email addresses as a way of blocking account creation. Are there really a lot of business/services that fall into this category?
At the first glance reason 2 may seem legitimate for a business like an email newsletter that makes its money based off advertising/traffic from people reading/receiving its newsletter. However users have other ways to stop receiving your email like:
IMHO reason 3 is an invalid reason to use a disposable email address list. As illustrated with my reason 2 counter-arguments its impossible to ensure a user even receives your email, so reading is that much more difficult. To ensure someone reads your newsletter you must require some action from the users (click a link, reply with a code they read in your newsletter, etc.). This has nothing to do with blocking certain types of emails.
So I see a narrow use case for reason 1 with disposable/temporary email addresses, but why would anyone want to block a privacy focused email forwarding service like SimpleLogin?
There are also email forwarding services that blur the line between disposable email addresses and privacy focused email forwarding services. SpamGourmet for example is dedicated to avoiding spam and its email addresses are temporary (20 forwards) by default. However it also allows you to easily make a forwarded email address permanent by whitelisting email addresses and/or domains.
I would think that the risk of your emails not reaching legitimate users (that care about privacy and not getting spammed) would outweigh the risks of someone using a disposable email address for most companies/services. I know when I encounter a company or service that won't accept my email address I usually stop trying so use that service or sign up with a junk gmail account I never check.
So what am I missing? Why are these email domain blacklists so popular? And why do they contain email forwarding domains (and not just disposable email domains)?
The text was updated successfully, but these errors were encountered: