Validating unique email ignoring gmail or other services aliases

Question

The scenario is I would like to only accept a unique email address from a persion ignoring gmail aliases (and if any other services do something similar)

The reason for this is we are giving away a limited amount of discount codes and to be fair we don't want someone claiming a large amount with only one email address.

From my understanding:

• If gmail.com or googlemail.com then remove the + and anything after as that is the alias.
• If is gmail then remove any dots from the username as they are ignored. john.smith@ is the same as johnsmith@
• Don't just invalidate the + symbol as it is valid for email addresses.

Are there any other services I need to be aware of that allow one to alias their email address into multiple forms and any additionl considerations for my scenario.

Update I do have a database to store submissions with email addresses and claimed codes.

I also understand that it's difficult to stop people claiming multiple codes outright. Disallowing aliases is simply there to possibly reduce it.

Cheers.

Answer 1

Writing code to ignore a handful of known alias formats in a single service (like Gmail) isn't a big deal. However trying to prevent a single person from claiming multiple discounts based on email address alone is kind of an impossible task.

There are a LOT of different ways to create new email addresses and aliases. For example, there are services out there that let you create disposable emails, through which you can have as many different addresses as you need. Also, for as low as a few dollars, you can get your own email host with your own domain, where you can register a bunch of addresses and/or a catch all address.

It would take an exorbitant amount of resources to try to prevent anybody determined to claim a bunch of your discounts. Not without other identifying methods, other than email address.

I would consider adding other validation methods. Depending on what you are doing, that might be things like linking to Facebook, or even asking for credit-card details for verification.

Answer 2

in this case you can use Regex. with this code you can convert an email array to alias array (you can customize symbol pattern for each mail-service) :

Code:

$mails = ['[email protected]', '[email protected]', '[email protected]'];
$valid_mails = [];
$pattern = "/^(?P<name>[A-Za-z0-9._+\-\']+)@(?P<mail>[A-Za-z0-9.\-]+)\.[A-Za-z]{2,}$/";
$symbol_pattern = ['gmail'=>'/(\.|\+|-)/','yahoo'=>'/(\.)/'];
foreach ($mails as $key=>$mail) {
    $valid_mails[$key] = preg_replace_callback($pattern, function($match){
        global $symbol_pattern;
        return preg_replace($symbol_pattern[$match['mail']], '', $match['name']);
    }, $mail);
}
var_dump($valid_mails);

Output:

array(3) { [0]=> string(9) "johnsmith" [1]=> string(9) "johnsmith" [2]=> string(9) "johnsmith" }