Block free email accounts from submitting form - spam-prevention

I am having issues with spam form submissions. I set up a honeypot but are still receiving spam via free email accounts. Whats the best way to stop free email accounts ( gmail.com , yahoo.com, hotmail.com ..etc) from being captured by my form.
Thank you!

Related

Disconnect Salesforce before disconnecting the associated email address

I am trying to disconnect one of my email addresses (a corporate address) from my personal Trailhead account.
a) From https://trailblazer.me/settings?lang=en_US and then...
b) From section "EMAIL ACCOUNTS Manage your connected email accounts", when clicking the button "Disconnect" next to the corp. email address I want to disconnect, Salesforce shows me this red message:
I have disconnected any Salesforce Account and I have even tried to perform the disconnection of the email address from a different laptop but I am getting the same above mentioned red message again.
How can I get over this red message and effectively disconnect the corporate address? Should I perhaps wait 24 hours?
Thank you very much.
Answer from Salesforce Team which has resolved the issue:
Thanks for getting in touch with the Trailhead help team.
You have two salesforce orgs connected to the trailhead. Please check
any of the salesforce org use the email id which you are trying to
disconnect. If yes, please disconnect that org before you try to
remove the email id.

Validate user registration with firebase

I am new to Firebase. I have a custom subscription page with email and password.
In the webApp I am working on, I would like to send an activation email every time someone subscribes. However, I would like this email to be sent to an administrator instead of being sent to the user itself.
I do not want the users to activate their accounts, but an administrator, who does not know anything about programming.
Is there an easy way with firebase to do such a thing?
Thank you!
PS: I am using firebase with ReactJS, if this helps :-)
Firebase has an example of sending emails through Gmail. Please see the link. You can store and read the administrator email address in the firebase db. In the email to the administrator, you direct the admin to click the link to your webapp to activate the user.
https://github.com/firebase/functions-samples/blob/master/quickstarts/email-users/functions/index.js

Block spam emails in cake php website - mandrill

I have this listing site built up in cake php. The site has profile pages containing contact forms to contact these profile owners. I have integrated mandrill to this site to manage email notification sendings.
If a general visitor contact the profile owner then email goes to three people
To the Profile owner
To the site Admin
To visitor as well.
Now the problem is certain domains are continuously trying to send spam messages to my clients.
I have tried following to block these emails:
From Mandrill Settings, I have blocked these emails. This method works
perfectly in blocking all 3 emails initiated by spammer's email but then I
cannot block such emails all the time, as this doesn't block whole domain.
In mandrill Outbound, I have set up Rules to block emails which contain spammy content. But then I can only prevent email sending from my site to these emails and NOT what these email addresses send to my clients. As this only work for outbound emails and not inbound emails.
I have also added math captcha tool (as mandatory obviously) in the forms.
The site is hosted on Linux server. is there any way to prevent these spam emails by setting some rules like
if the email address or body contains words like 'seo, promotion..'
then Reject email
So it will block all such emails:
seo#example.com
abc#seo.com
a.bc#hostsite.com
Thank you for reading and sorry if I am confusing you.
Any help would be appreciated.

Email confirmation best practices for mobile apps

So I'm writing a mobile app and have reached a point where I need to allow users to register a username. I'm doing this by asking for an email address, username and password.
Typically, it's been normal to set this sort of thing up on the web by having the user confirm his email address by clicking on a link sent to his inbox.
Needless to say, on a mobile app this is a bit clunky as the user will be redirected out of your app and into his browser.
So I had a look at how other mobile apps are doing it (WP7) and was surprised to see that DropBox and Evernote both allow you to sign up without confirming your email address. The end result of this is that I was able to sign up with completely bogus email addresses and/or valid email addresses that don't belong to me.
I assume this is done on purpose.
Your thoughts?
I came across the same issue when writing a social networking style app. I chose to have the user create a username and then provide and email and password. I do not verify the email address and I've never attempted to send any email to them (yet).
What I would suggest would be alternate ways to validate a users email address. My app allows users to do Facebook Connect. All they have to do is log into Facebook, and the app talks to Facebook to confirm that they are using a valid email address. No need to verify it with a URL in an email.
I believe Twitter has a similar service and there may even be a few others that provide an API.
I've also discovered that a lot of people just want to tinker around in the app and not create an account at all. It's definitely a balancing act
I'd say it depends on your app and how important it is to ensure users have valid email addresses. In an app I'm creating now, we want to discourage users from signing up with multiple bogus accounts (because our system could be gamed that way) so we're not allowing users to log in until their email address if verified. On other sites however, it might not be such a big deal so why bother users with that extra step?
As for a mobile device, I don't see why you can't still send a verification email that sends them to your website to verify their email address. There are plenty of mobile apps that also have a website users can log into to manage their account.
Another option is have multiple "states" for users. Before they validate their email, they are in a "pending" state. Once they click it, they're in an "active" state. If you store the createDate for the user, you can periodically remove pending users older than 1 week (or however long).
The bonus is that you can easily add more states, such as suspended or deleted.
Personally, I wasn't too happy for users to create accounts with any old email address.
I think a few decent options are:
send a confirmation email with a link that uses a Custom Url Schema to redirect back to the app (although this is only good if they use the link on the same device)
send a short PIN in the email for them to enter back in the app.
send a confirmation email with a web link, have your server confirm the valid email/token, and have your app check the account status either periodically or with some sort of realtime tech like SignalR or Firebase.
I prefer the last one, although hardest to implement. A user might well have their phone in their hand and their laptop next to them, register in the app and try to click the link in the email that just showed up on their laptop. I like the idea of the app then just "knowing" that they've validated.
Do you have a web server? Write a web service that does the validation for you on the server side, and sends back the result.
Either you can use some platform, such as Facebook connect as #Brian replied above, or you may give users a reasonable timeframe to verify, for example, a few days or even a week. After that, the account gets removed.
You can even have your app issue notifications to remind the user to verify his account (such as every day, or on the last date of the verification.
Don't ask for email confirmation on mobile and allow the user to use the service. When the user is using a PC, then ask the user to confirm his email.
I won't defend my recommendation because most of the solutions here are valid. There isn't one correct way. You asked for ideas and here's one.
A good strategy is to allow people to use as much of your app as possible given the amount of data they've provided.
For example, in the case of a newsreader you might let someone browse your app without registering, then require an account for offline syncing, and a verified email for alerts. Always give people a good reason to take the next step, and build engagement first, then people will forgive you pestering them later.

Salesforce setup an Approval Process with email template help

New to Salesforce and having some issues with the Approval Process setup. I have combed the web looking for solutions but nothing is working, uhg.
I have a multi set approval process in place and that part is working fine, what I need is a email template (Which I think I have but not a good one) that I can reply Yes, Y, Approve or No, N, Reject, etc... to approval/reject the case.
When the approver replies by email it just sends me an email to the case owner and not to salesforce, what am I doing wrong?
Sorry I don't think I should post any code here as it pertains to internal operations.
Thanks for any help on this,
--Phill
Ok well after much search on the web I did find the solution for replying by email, very simple.
Under:
Set up -> Create -> Workflow & Approvals -> Settings
You need to enable Email Approval Response option, this will generate an email that looks to be from the user who created it but when you hit reply you will see the user to whom you're replying to will change to the SF Approval Process Reply email.

Resources