Email on signup

[skid9000]

Hello,

i'm dealing with a lot of spambot coming to our misskey instance, the obvious response would be "use re/hCaptcha" which i would respond no because the ethics of this instance isn't compatible with theses 3rd parties tools.

So is it possible to get the option as an admin to require new users to provide an email address and verify it ? (the instance send an email with a token, etc...).

Obviously some bots are sophisticated enough to pass that check but that's better than nothing.

[okpierre]

@skid9000 go to www.example.com/instance/settings and configure email server configuration and smtp server configuration

[skid9000]

hm, yeah it's configured, but that doesn't solve my issue :thinking:

[kazu0617]

If the bot server and the mail server are hooked up, I don't think it would work because they could be breached at that point. You can create countless email addresses as long as you have a server... I don't think it is necessary to remove Capcha, even signing up, just for third party tools.

[skid9000]

This issue has been fixed, i've forgot to close it.

You can create countless email addresses as long as you have a server...

I litteraly said in my first message :

Obviously some bots are sophisticated enough to pass that check but that's better than nothing.

I never said this would fix spambot issues entierly, but it would reduce it. (which is better than nothing)

Also just for info, both hCaptcha and reCaptcha are illegal to use in Europe due to GDPR and schrems II (which prohibits the use of software made by USA companies), so for European instances manager, it is a legal necessity to be able to disable them.

Unless there is an alternative made by an European company which would be implemented by Misskey, there is no other legal solution to solve the problem entierly.