1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Email Validator

Discussion in 'PHP' started by Trance-formation, Jan 19, 2005.

  1. #1
    I am experimenting with an email validation script based on the one found at http://www.zend.com/zend/spotlight/ev12apr.php. I know the regular expression format check is not great, and I'm working on a new one, but I'm particularly keen on the idea of connecting to the mail server to validate the existence of the address.

    I have read that this can be problematic, because some servers block such requests (because its one way that spammers collect email addresses). Does anyone have any thoughts or experience with this?
    SEMrush
     
    Trance-formation, Jan 19, 2005 IP
    SEMrush
  2. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    64
    Best Answers:
    0
    Trophy Points:
    0
    #2
    The commands you are looking for are VRFY and EXPN (SMTP). They indeed are blocked on most servers because of the hackers and spammers. There are other "unofficial" techniques as well.

    If you want to work with *your* SMTP server (e.g. your own mailing list, etc), you can configure it to process these commands and hide it behind a relay or two. If you want to poke other people's servers that *will be* considered as hacking and you or your ISP may be contacted by the security officer of those companies and your ISP may terminate your contract.

    J.D.
     
    J.D., Jan 19, 2005 IP
    Trance-formation likes this.
  3. Trance-formation

    Trance-formation Peon

    Messages:
    598
    Likes Received:
    12
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Thanks for that... I'll just play safe and validate the format and rely upon a response to sign up email within two weeks.
     
    Trance-formation, Jan 19, 2005 IP
  4. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    64
    Best Answers:
    0
    Trophy Points:
    0
    #4
    If you want to parse messages yourself, take a look at the RFC 2822, which describes message format.

    If you want just to parse headers, regular expressions will work just fine - read text line-by-line and use regex to break lines down to tokens. If you want to parse entire messages, this would require significant development effort (thinking of multipart messages - HTML, MIME, etc).

    J.D.
     
    J.D., Jan 19, 2005 IP
  5. Trance-formation

    Trance-formation Peon

    Messages:
    598
    Likes Received:
    12
    Best Answers:
    0
    Trophy Points:
    0
    #5
    All I want to do is eliminate bogus sign ups to my website (www.training-directory.org.uk)... while trialling/beta testing it, I've had a few (though not many) .

    Easiest way round, since they all recieve an email on sign up with a password so they can log in and enter their detals, is simply remove them if they have not logged in within 7 days of sign up.
     
    Trance-formation, Jan 19, 2005 IP
  6. mushroom

    mushroom Peon

    Messages:
    369
    Likes Received:
    15
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Here is the expression I use
    $validemailexpr="^[0-9a-z~!#$%&_-]([.]?[0-9a-z~!#$%&_-])*" ."@[0-9a-z~!#$%&_-]([.]?[0-9a-z~!#$%&_-])*$";
    	if (!eregi($validemailexpr,$email))
    PHP:
    And as others have said the best you can do is verify the exisitance of the mail sever.
     
    mushroom, Jan 19, 2005 IP
    Trance-formation likes this.
  7. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    64
    Best Answers:
    0
    Trophy Points:
    0
    #7
    I would also add maximum length for each part:

    (chars){1,32}

    This will protect you from all sort of bad things.

    As for the mail server, it may not work sometimes - properly configured SMTP servers accept connections only if they originate from the SMTP ports.

    J.D.
     
    J.D., Jan 19, 2005 IP
  8. slipwalker

    slipwalker Guest

    Messages:
    2
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #8
    ...and how about those free/anonymous email accounts ?
    is there any way to block people from using those ( untraceable ) accounts for signing up on a site ?...

    i mean, of course there's one way, which is having a listing of the ( thounsands ? ) domains, check the request against this list and forbid those that match...
    but such list exists and is ( freely ? ) available ( and maintened ) somewhere on the net ? i've never seen anything like this... although i haven't looked too hard...
     
    slipwalker, Feb 2, 2005 IP
  9. J.D.

    J.D. Peon

    Messages:
    1,198
    Likes Received:
    64
    Best Answers:
    0
    Trophy Points:
    0
    #9
    You can reject domains that are known to be open relays (i.e. those that are misconfigured and often used by spammers). There are several sites you can use to check if the IP address matching the domain name in question is black-listed (e.g. dsbl.org, ordb.org).

    As far as anonymous accounts go, say at hotmail.com, I don't think there's a reliable source that will tell you that a particular email address is a throw-away address (heck, I have seen businesses using accounts at aol.com as their email addresses!).

    J.D.
     
    J.D., Feb 2, 2005 IP
  10. Las Vegas Homes

    Las Vegas Homes Guest

    Messages:
    793
    Likes Received:
    59
    Best Answers:
    0
    Trophy Points:
    0
    #10
    This is also a major concern in the real estate industry, you have several people use your system to register and they use bogus email address. We have been trying to look at a way to curb this as well. One problem you run into however, if lets say you also ask for a phone number is I have had clients that mispelled their email address by mistake but supplied the right phone number. So if you prevent them from signing up if their email doesnt verify, you might lose some real customers.
     
    Las Vegas Homes, Feb 3, 2005 IP