Comment by direwolf20

If you used a username, you wouldn't have this problem. As it stands, signing up someone else's address for a lot of sites to spam them with confirmations is already an attack vector that's used in the wild. And that's legitimate spam and should be reported as spam and sites that do this are spam amplifiers.