[openstreetmap/openstreetmap-website] Prevent blocked users from signing up with the "same email address" again and again (Issue #4206)

[SomeoneElseOSM]

### Problem

Currently we're seeing at least one person creating a large number of vandal accounts.  It has been suggested that they're using the same canonical email address for this - just varying with e.g. a plus sign.


### Description

The PR for rate limiting https://github.com/openstreetmap/openstreetmap-website/pull/4198/files checks the rate for a "canonical email address".

We should prevent a user who is currently blocked from OSM from using the same canonical email address to sign up again.

Whilst this wouldn't be a panacea (someone can always register a domain and define a luser_relay there), it would raise the bar and slow down users who may, for example, only be in possession of a Google or Microsoft account.

### Screenshots

_No response_

-- 
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/4206
You are receiving this because you are subscribed to this thread.

Message ID: <openstreetmap/openstreetmap-website/issues/4206 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20230826/bbbac540/attachment.htm>