gentoo / recruiting.gentoo.org

[ORIGIN] Recruiting web application for Gentoo linux
http://recruiting.gentoo.org

E-mail disclosure on the forgotten password form #18

Open klondi opened 11 years ago

klondi commented 11 years ago

It's possible to use this form's reply on whether an e-mail is or is not in the DB to check which e-mails on a list are in it. This can be fixed by always sending the same reply.

isaiah commented 11 years ago

If I understand you right, being able to check if an email address is registered on this site is not a problem, no?

hwoarang commented 11 years ago

To be honest I don't understand the problem...

klondi commented 11 years ago

It is a problem: a spammer can just check which addresses on his list are registered and which are not, and use that to target spam and phishing attacks.

It may also be considered an issue under European data protection laws.
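The fix klondi proposes in the opening post, as an added example that is not the recruiting.gentoo.org code: a minimal forgotten-password handler in plain Ruby, first in the form that leaks whether an address is registered, then in a form that returns the same reply to every request. The user store, the `Outbox` mailer stand-in and the two handler names are constructed for this illustration.

```ruby
# Added example, not the project's own code: account enumeration through a
# forgotten-password form and the fix of always sending the same reply.
require 'securerandom'

# Constructed sample user store (e-mail => record); not real data.
USERS = {
  "dev@example.org" => { name: "dev" },
}.freeze

# Collects outbound mail so a test can inspect it; stands in for a mailer.
class Outbox
  attr_reader :sent

  def initialize
    @sent = []
  end

  def deliver(to:, body:)
    @sent << { to: to, body: body }
  end
end

# Leaky version: the wording of the reply depends on whether the address
# is in the DB, so anyone can test a list of addresses against the form.
def forgot_password_leaky(email, outbox)
  user = USERS[email]
  if user
    token = SecureRandom.hex(16)
    outbox.deliver(to: email, body: "Reset token: #{token}")
    "A reset link has been sent to #{email}."
  else
    "No account is registered for #{email}."
  end
end

# Fixed version: identical reply whether or not the address is registered.
GENERIC_REPLY = "If that address is registered, a reset link has been sent to it.".freeze

def forgot_password_fixed(email, outbox)
  user = USERS[email]
  # Generate the token on every request so the work done is the same
  # on both paths; only the delivery is conditional.
  token = SecureRandom.hex(16)
  outbox.deliver(to: email, body: "Reset token: #{token}") if user
  GENERIC_REPLY
end

# Oracle check: does the handler's reply differ between a registered
# and an unregistered address? Returns true when it does (the leak).
def reply_differs?(handler, outbox = Outbox.new)
  handler.call("dev@example.org", outbox) != handler.call("nobody@example.org", outbox)
end

if __FILE__ == $0
  puts "leaky handler reveals registration: #{reply_differs?(method(:forgot_password_leaky))}"
  puts "fixed handler reveals registration: #{reply_differs?(method(:forgot_password_fixed))}"
end
```

A uniform reply closes the oracle in the response body, but not in response time: if the mail is delivered synchronously only for registered users, the slower path still tells the two cases apart. Handing delivery to a background job (so the request returns before any mail is sent) and rate-limiting the form per client address remove that remaining signal.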