[keycloak-user] Fake and trash email addresses
a.stanik at avm.de
a.stanik at avm.de
Mon Dec 18 08:43:17 EST 2017
Dear keycloak community,
there are several fake and trash email provider which allow you to send
and receive emails with a fake acount (a list can be found here:
https://www.mogelmail.de/). Some of these websides provide inbox access
without any protection which is a point of attack for hackers (e.g.
https://www.byom.de/nachrichten/privatdetekteien?m=bla or
https://www.trash-mail.com/posteingang/).
We would like to secure our customers from using such fake accounts for
transaction email in keycloak. Therefore, we propose this as feature of
keycloak that could be managed in the email tab of realm settings (admin
console).
If this feature would be interesting, we could impletent this
functionality and create a pull request?
Best regards
Alex
Dr. Alexander Stanik
AVM GmbH
IT - Backend Services
Phone +49 30 39976-7510
Mobile +49 152 5259-7510
a.stanik at avm.de
avm.de
AVM Audiovisuelles Marketing und Computersysteme GmbH, Alt-Moabit 95,
10559 Berlin, Germany
HRB 23075 AG Charlottenburg, CEO (Geschäftsführer): Johannes Nill
More information about the keycloak-user
mailing list