[rogerbinns]

In what way does Persona prevent abuse? All you validate is email receipt which can be trivially fudged using mailinator.

It is far better to deal with this sort of thing at the "transaction" level - eg use a captcha or similar for the second and subsequent conversions from a particular IP address.

[shantanubala]

It's just a rough barrier before I set up something a little better, though I already have logging at the transaction level set up. Even using Mailinator requires a little bit of work, so I figured Persona was a good starting point -- I'll look into adding a "try it out" area on the home page that doesn't require you to sign up though.