I think currently the best option to keep an eye on user accounts is to require admin approval with some text they have to write.
Requiring email does not stop spammers at all these days. It basically just ensures people can reset their passwords.
this post was submitted on 07 Jun 2023
11 points (100.0% liked)
Lemmy
12802 readers
36 users here now
Everything about Lemmy; bugs, gripes, praises, and advocacy.
For discussion about the lemmy.ml instance, go to !meta@lemmy.ml.
founded 5 years ago
MODERATORS
Do you think it would be important to have it enabled so that everyone who joins has a recovery factor? Mabye reduce the number of lost accounts?
I don't make it mandatory on our instance, but the amount of people that forget their passwords is staggering. I think many people just don't bother with remembering their passwords at all and just depend on the password reset feature when they switch devices or so.
I've found email verification is finnicky to say the least. The Lemmy UI has some issues with users being stuck with spinning icons at various points for a start.
In the back end... email is a pain. If you're using a public cloud VM and using the Lemmy provided docker/ansible postfix image, your users are unlikely to receive the verification emails as your server's IP address is likely n a DNSBL somewhere.
If you use a third party SMTP service you may have more luck... but even then you'll likely have issues.
I've disable email verification for these reasons, and rely on the answer to the signup question to vet applicants.
view more: next ›