I know that some people are against the idea of diaspora* forcing people to provide a valid email address or to confirm their real identity in any way.
But is there a reason why podmins should not be able to configure their individual pod to require a valid email address?
I ask because this was raised recently by a podmin whose pod has been the target of a sustained campaign of spam/spoof account sign-ups. Their concern seems valid; if a pod is being targeted in such a way, or if a podmin is more comfortable with requiring email confirmation, why should they not be able to protect their pod or reduce the amount of maintenance required to keep on top of such accounts?
I think this woul be a good option in the pod configuration. It should be set to
FALSE by default, to be enabled only if the podmin requires it.
Whether or not the pod requires email verification could be exposed in the node-info, so that Pod Uptime and the Federation stats site could show whether or not email is required when someone is choosing a pod.