Hello, Creating spam app is quite trivial, so my concern in that issue is more a malicious attack that is aimed on blacklisting an application using Kecloak. This can be achieved by subsequent registration with random emails within the same domain (for example, gmail.com). I'd like to extend that question, is Keycloak generally prepared to detect such suspicious activity and block anormal traffic, especially flowing from one origin? Btw. The default mail messages seem to be very 'spam friendly' , they get caught by spam filters in short time. Best regards, Lukasz Lech -----Original Message----- From: keycloak-user-bounces(a)lists.jboss.org [mailto:keycloak-user-bounces@lists.jboss.org] On Behalf Of Katarzyna Sycz Sent: Mittwoch, 20. März 2019 10:52 To: keycloak-user(a)lists.jboss.org Subject: [keycloak-user] KEYCLOAK-9790 and KEYCLOAK-9789 Hello, We started using the Keycloak lately and we want to implement and adjust it for our clients. However, we found two issues and I would like to ask you for an answer. Unfortunately, I was not able to find a solution or information in the docs. Issues: https://issues.jboss.org/browse/KEYCLOAK-9790 https://issues.jboss.org/browse/KEYCLOAK-9789 Kind regards, Katarzyna Sycz -- [image: Eventival logo] <https://www.eventival.com/> *Katarzyna Sycz* Junior Software Developer katarzyna.sycz(a)eventival.com +420 <+420608632508>773 978 859 www.eventival.com _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user