remix logo

Hacker Remix

Ask HN: How to Block Spam Mails?

5 points by mpaepper 2 days ago | 8 comments

For my SaaS, a lot of fake accounts are created which seem to be automated bots from @mail.ru @bk.ru @list.ru etc domains.

Now of course I could set up a manual block list or so, but I was wondering how you are doing it?

Is there an existing service or at least a good block list that I can already use?

Thanks!

[Edited for clarity]

curious_curios 2 days ago

Put your site behind cloudflare with geo and bot blocking should eliminate the vast majority of them.

mpaepper 2 days ago

Yeah, Cloudflare is a good idea, that should probably help block them before even getting to the site.

Bender 2 days ago

This is not an answer to your question but existing sanctions should allow you to configure your application to reject any email addresses that use the .RU TLD. Not a long term fix but may buy you time to configure restrictions on the front end whichever direction you decide to go.

joey_spaztard 2 days ago

For clarity:

Do you mean "I want to block incoming spam email to my email addresses" or "I operate an email mailing list and I want to block bots from joining the list" ?

mpaepper 2 days ago

I mean I run a SaaS and get many fake registered users / bots.

What I did for now is:

- Added a honeypot field (invisible to users, but bots might fill it) -> if it's filled, instant reject - Added a check for spammy domains -> if it's from such a domain, instant reject

ATechGuy 2 days ago

Honeypots may be skipped by bots. My simple solution to this is to create an input/text field in the account creation form, add a placeholder text "I am human" and ask the user to enter what they see (i.e., placeholder text). I've never received any fake/spam account since I incorporated this technique.

ciwolex 2 days ago

This is smart. Are there scenarios you've noticed that it doesn't work?

mpaepper 2 days ago

I've just added it :D

But I would guess that there will be new domains that I don't have in my blocklist and then I need to add them again and I would like to have this as a crowdsourced effort.