DEV Community

Discussion on: Rethinking email confirmation

Collapse
nektro profile image
Meghan (she/her)

Would this approach not be a perfect storm for spam/dos? Imagine a URL that ingests these email addresses, say https://thewebsite.com/api/signup_step1?email={insert}. What's stopping someone from downloading a list of 306 million email addresses and sending them all to that URL?