Registrations should require a valid email address and temporary/disposable (e.g. temp-mail.org ) email services should be rejected.
Note this should not be implemented as a whitelist; “obscure” email services such as Protonmail, Tutanota and personal email servers should be allowed.
Pros:
- Cuts down on the number of trolls attempting to register, reducing load on mods and admins.
- Improves our standing with other instances.
- Ensures users have the ability to reset their password.
Cons:
- Has privacy concerns - people may not want to associate their email address with everything.
- Users may not (and perhaps should not have to) trust the admins of this instance with their email.
- May not be supported well by Lemmy, and/or require a blacklist that needs updating.
Aye and nay in the comments, please.
Nay
Anonymity, as a general rule, is something we should work to get back. Email is just one small hurtle to overcome in a registration process, sure, for both good and bad actors. It’s not a way of screening bad actors (human or bot alike).
A captcha, combined with an application with a list of manually reviewed questions if needed, would be best if bots and bastards become a problem. I wonder if there would be a good way of delegating the review process to volunteers.
Perhaps provisional approval, followed by posting in a welcome/introduction thread? Anyone failing to post or who gets their post downvoted is purged?
Nay After reading other comments here, I went nay because it seems we have recently added a captcha. I am one of the people who was attracted to this server because it didn’t require an email signup. Im not a troll, I’m just privacy minded.
Privacy minded people are good to have on a server because we will actively protect our privacy and report to other users of the platform when it becomes invasive. People who ‘dont care’ and willing throw their email in anywhere aren’t always superior contributors to privacy-minded folks who are careful where they interact on the internet.
edit: I am coming back to possibly change my vote to ‘yes’ or to at least ask about other options after reading this post about bots defeating the captcha / new versions of lemmy possibly not supporting it https://sh.itjust.works/post/277350
I also want to say in general that I would not be adverse to TheDude having a strong voice / opinion in the implementation of technical details like this where they may understand more or have more experience than the average user of a social network.
Nay. Too many of our members are here with one of the driving reasons being that we do not have an email requirement. The privacy concerns alone in the Cons list is enough to warrant extreme caution.
Aye, especially if voting here influences the future of the instance. Maybe voting should be only allowed if the user is verified?
Nay. Trolls will troll. I’d rather add a captcha to make it harder for bot level trolling.
Aye
Nay
I’d rather Lemmy reimplement a captcha system or something more effective. Like others have said, it’s just too easy to circumvent a blacklist, not to mention using email aliases. Hopefully the API gets locked down so there won’t be any way to create an new account through it, but until those things happen the only ways to safeguard the signup process are manually reviewing user signups, which is unrealistic at scale, or whitelisting email domains, which is also problematic to put it mildly.
+1 for captcha. Are there any open source captcha providers?
What problem do you want to solve by disallowing anonymizers/disposables but allowing other email providers where users can create and delete aliases at will?
Edit after discussion about captchas: Nay
Nay - trolls will always find a way to circumvent all but the most locked down instances. Additionally being able to register without an email allows users who live in authoritarian countries where our kind of content would be illegal to participate more safely. The real solution is to defederate with the most abusive instances and moderate our community as needed.
Nay
If bots become a significant problem I don’t mind if we implement it but we’re just not there yet.
Nay, if we do blacklist we’ll end up with not solving the problem for additional resources - trolls will find temporary email nobody banned in minute or two. Trolls will troll, and if we will just waste resources on pretending we solved the problem, there would be less resources to actually ban trolls.
I don’t think that’s the correct way of thinking either. People still break laws irl, does that mean laws in general are useless? Of course trolls will find obscure temp email services, but by banning the main ones, even just from the first page of a Google search result, would deter a significant amount of bad actors. Makes modding this instance just a bit easier.
Plus, I don’t think implementing a blacklist is even that hard on the coding side. Though I have no idea how Lemmy works so YMMV.
Nay
Nay. I’d much rather use an invite system than try to blacklist emails.
deleted by creator