Making WordPress.org

Opened 5 weeks ago

Last modified 5 weeks ago

#7337 new enhancement

Enhancement: Create 'allow list' for domains to register on .org

Reported by: ipstenu's profile Ipstenu Owned by:
Milestone: Priority: normal
Component: Login & Authentication Keywords:
Cc:

Description

Now that we have a lot of great tools to help lessen the spam drama on .org with new registrations, we have a new issue.

Sometimes legit companies get caught.

Like automattic.com :D

We have a section for 'banned email domains' and I think we need one for 'allowed email domains'

After all, even if someone makes a fake account with (say) @realcompany.com, they won't get the link to log in because it's sent via email!

It would allow us to permit domains and save a bit of manual effort.

Change History (3)

This ticket was mentioned in Slack in #meta by courtneyengle. View the logs.


5 weeks ago

#2 @Otto42
5 weeks ago

Pfft. You can never trust those automattic.com people. 😉

The only question I have is how much does it actually help us with the registration checks, as in do we get a lot of say those automattic.com emails in the pipeline that get blocked? Some statistics may help here.

Adding an allowlist may be simple to do, but would it be helpful, really? I mean statistically, given that most blocked emails I've seen are gmail ones.

#3 @Ipstenu
5 weeks ago

Not a huge amount for automattic specifically, but pretty much every SEO company gets flagged (because spammers love SEO). Most of the banned DOMAINS are those disposable ones. I wasn't even thinking about the individuals.

Note: See TracTickets for help on using tickets.