Check usernames for reserved email addresses, subdomains, or Unix usernames.
When you let users of a webapp create their own usernames, and this name is used in an email address or Unix user, it is important to check against some common usernames, like ‘root’, ‘postmaster’, and ‘postfix’. This library is an attempt for that.
You should check the following:
- The address in your WHOIS, wich may be used for things like registering a TLS certificate. It should really be something like hostmaster@ anyway, so this should not be an issue.
- If you make Unix accounts with these names, check which names occur in /etc/passwd (and possibly /etc/group).
License: BSD 2-clause
- Security StackExchange: What email addresses are treated as trusted
- Postbit reserved username list
- /etc/passwd and /etc/group on my laptop (Debian testing/stretch).
- shouldbee’s list
- kwappa’s list
Image via xkcd.com