Last modified: 2014-05-07 21:53:34 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T14767, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 12767 - Account created even when email bounces
Account created even when email bounces
Status: NEW
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
unspecified
All All
: Low normal with 1 vote (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-01-24 02:08 UTC by Radon210
Modified: 2014-05-07 21:53 UTC (History)
8 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Radon210 2008-01-24 02:08:07 UTC
On Wikipedia at [[WP:ACC]] when accounts are created, sometimes the email does not exist and the email bounces the account is still created and the password is permanently lost.  If posse please change the software so that an error message will appear when attempting to create an account by email and the email bounces.
Comment 1 ais523 2008-01-24 08:44:21 UTC
This bug relates to the creation of accounts 'by email'. Sometimes the email cannot be sent (maybe because the email address is invalid); in such cases, an error message appears saying that the email could not be sent but the account is created anyway, meaning that the account is unusable (nobody has the password and the email is invalid) and a bureaucrat needs to be involved to rename the account out of the way. Desired behaviour would be to delete the account again if the initial emailing of password fails, for by-email creations only.
Comment 2 Brion Vibber 2009-07-20 04:32:11 UTC
Hmm, this might be a little tricky to implement as the wiki by default will have no way to know if sending succeeded or failed beyond the first leg (getting it to the local SMTP server), which will probably only check for basic format validity.

There's a couple ways to consider going...

Generally, being able to mark the account as being in a pre-confirmed state would probably be good here. (Eg, if we know that the user hasn't yet logged in to activate the account, it's left marked as awaiting confirmation.) We could go on from there to allow admins/crats to change the email and resend when an account's still in this state, so a misspelling can be corrected easily.

A more complex route would be to create some kind of feedback mechanism whereby MediaWiki could receive notifications of bounce messages, so that in at least some cases we could confirm that the mail *did not* reach its destination.

In the case where we fail the mail right off, we should be able to detect that too...
Comment 3 deltaquadwiki 2010-08-19 01:01:32 UTC
I just had the same issue, but it's not that the email was sent, but didn't get through the system without a nice red warning saying something like invalid email.

The original error caused by https://jira.toolserver.org/browse/ACC-175.
Comment 4 Nemo 2012-07-26 15:09:02 UTC
(In reply to comment #2)
> Generally, being able to mark the account as being in a pre-confirmed state
> would probably be good here. (Eg, if we know that the user hasn't yet logged in
> to activate the account, it's left marked as awaiting confirmation.) We could
> go on from there to allow admins/crats to change the email and resend when an
> account's still in this state, so a misspelling can be corrected easily.

Wouldn't it be easier (not easy) for the account to simply expire if not confirmed, after a few days? This is what most websites do.
Comment 5 Nemo 2013-11-12 15:37:18 UTC
(In reply to comment #2)
> Hmm, this might be a little tricky to implement as the wiki by default will
> have no way to know if sending succeeded or failed beyond the first leg
> (getting it to the local SMTP server), which will probably only check for
> basic
> format validity.

That was split to bug 46640.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links