question

msmall avatar image
msmall asked

Best practices for avoiding spam flags on email verification?

Hi all -

We have a game which uses email authentication for player accounts for data backup and retrieval. We currently are not sending an initial verification email, but we are using SMTP for password recovery.

The reason we stopped using STMP for the initial email verification was because the volume of broken or erroneous emails that users were putting in caused gmail to flag our account for spam violations. I believe at the time we were using a basic email-formatting-check to verify that the address adhered to basic formatting, but we didn't run a more extensive check before kicking off the email to SMTP. When I download run our email list through an email list service, we're seeing fairly high numbers of bogus emails or typos, and that's why we're triggering the fault with google.

How are other people dealing with this issue? Are there particular pre-checks you do before sending to SMTP? Or are you using an SMTP service that doesn't care if the email is valid or not (and if you do this, is there a risk of being blacklisted?)

Thank you,

Matt

Account ManagementAuthentication
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Seth Du avatar image
Seth Du answered

I will leave this thread open to other developers in this forum, but, I will also provide some explanations of current PlayFab email system.

There are 2 email addresses in a Player account – Contact email and Login email. Login email is for the login purpose, and almost all email-related API will send to Contact Email Address, except SendAccountRecoveryEmail API. Meanwhile login email doesn’t require verification, and if it is fake, players are not able to recover the account. In terms Contact email, there is a state property in player’s profile that marks if this email address is verified. I believe you may add additional verification steps for a player and get EmailVerificationStatus before any email-sending APIs are called, to reduce the abusive uses.

Moreover, PlayFab also provides customized API policy, please refer to API Access Policy - PlayFab | Microsoft Docs. If you have concerns of the use of SMTP, I suggest you denying all Client email-related APIs and define them in Cloud Script/Azure Function, where any customized verification steps can be added.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.