How can we improve Mailgun's Validation service?

← Validations

Provide security from e-mail validation abuse

Provide improved security from abusive/malicious/duplicate e-mail validations. currently the mailgun system is setup to accept validations without any checks or limits (other than your monthly limit set in your account). A malicious user or failure in code could generate hundreds or even thousands of duplicated e-mail validations without warning and mailgun would expect payment for these validations. The end result is you could be paying for e-mail validations that some malicious person generated or from some unknown failure on your web server. Currently Mailgun makes it difficult to determine where the abuse / trouble is coming from since there is no log reported for e-mail validations. The log is not the only answer, Mailgun needs to offer protection of duplicated requests much like a credit card does for duplicated transaction.

3 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Danil Smirnov commented  ·   ·  Flag as inappropriate

    I would suggest two relatively easy-to-implement improvement on the validations security:

    1) Allow users to define allowed Referer header value and then drop requests with different value

    2) Introduce daily limit in addition to the monthly one, which will further mitigate the abuse threat

    Please vote for this!

Validations

Categories

Feedback and Knowledge Base

(thinking…)