app/models/screened_email.rb
has should_block?
should filters off screened email addresses of known spammers.
Levenshtein Distance
The filter works on levenshtein distance between the screened email (known SPAMmer) and the new email address.
I believe the levenshtein distance should be calculated only on the user part of the email address (i.e. anything preceeding @
) because users from the same domain are much more suspicious than the same user from a different domain.
For example, say the distance limit is set to one character:
Screened email: john@iibm.com
Incoming email: john@ibm.com (Blocked now, shouldn’t)
Incoming email: john1@iibm.com (Blocked now)
Suggested modification is either:
-
Limit levenshtein distance to portions of email addresses before @
, or
-
Have two levenshtein distance limits, one for the portions before @
and one for after.
Screened Emails Limit
In addition:
screened_emails = ScreenedEmail.order(created_at: :desc).limit(100)
limits the search to only 100 screened email addresses. I understand that this is for performance reasons, but shouldn’t this limit be a system setting?
Feature to block entire domain?
In addition to blocking email addresses similar to a screened email, it would be nice to be able to block the entire domain. This is theoretically possible with domain blacklist
, but it is a hassle. Just having an extra option on the User
page that says Delete User and Block Entire Domain
will make it much simple to manage.