I think you've proably nailed it there--- I personally always prefer the 'more elegant and simple solutions to the page-long, need-a-phd-to-understand, solutions. The proof is in the pudding, as they say! I guess a combination of server-side and client-side is the best case. On Fri, 8 Oct 2004 10:19:59 -0700 (PDT), Edwin Horneij <ed_horneij at yahoo.com> wrote: > Where I work we are somewhat lax about what we will allow the user to > enter in the "email" form field, and then we send an email containing > the URL of a validation page to the address furnished by the visitor. > The user's account is only activated once the user goes to that page > and clicks on the submit button of a validation form. Every so often we > purge old accounts that were never activated.