Check existence of email address?
Moderator: General Moderators
Check existence of email address?
I'm wondering how I might go about checking to see if a user supplied email address exists. In other words, I've already checked to make sure it's a valid email address, now I want to go a step further and attempt to verify the email address' existence with the supplied domain. For instance, the user supplies "joe.soenso@yahoo.com" and I verify with yahoo.com servers that "joe.soenso" is an acceptable address.
My vague understanding is that there's no standard protocol to do this -- you have to initialize sending an email to the supplied address, and if the server immediately rejects the email, you know the address is no good. If the email begins to go without a problem, you stop sending the email as to not actually send an email, but you can assume to some extent that it is a real address the server will accept (with some discrepancies, not completely reliable, but you can at least weed out some).
If anyone could point me in the right direction in how to implement this in PHP, I'd be very grateful!
Thanks,
- aaron
My vague understanding is that there's no standard protocol to do this -- you have to initialize sending an email to the supplied address, and if the server immediately rejects the email, you know the address is no good. If the email begins to go without a problem, you stop sending the email as to not actually send an email, but you can assume to some extent that it is a real address the server will accept (with some discrepancies, not completely reliable, but you can at least weed out some).
If anyone could point me in the right direction in how to implement this in PHP, I'd be very grateful!
Thanks,
- aaron
Maybe I didn't explain it correctly or else I don't understand what you are implying:
1) I do not want to send an email at all. I want to determine if an email address is a real address.
2) I know how to send an email, but I don't know how to determine if the server rejected or accepted the email -- especially mid-stream.
1) I do not want to send an email at all. I want to determine if an email address is a real address.
2) I know how to send an email, but I don't know how to determine if the server rejected or accepted the email -- especially mid-stream.
There are 2 functions you can use
to check for email server: for a so called MX record
http://php.net/getmxrr
http://php.net/checkdnsrr
Notice:
These both functions are not implemented on Windows platforms.
But there are workarounds to do the same check on Windows.
See the code in the ccontributed comments to those functions
On windows you can use follwing:
Here is the function I use.
However this function does not check if found mail server
is currently active up and running.
If not valid,
the result return is either 'not valid STRING' or 'not valid DOMAIN'
to check for email server: for a so called MX record
http://php.net/getmxrr
http://php.net/checkdnsrr
Notice:
These both functions are not implemented on Windows platforms.
But there are workarounds to do the same check on Windows.
See the code in the ccontributed comments to those functions
On windows you can use follwing:
Code: Select all
exec('nslookup -type=MX '.$domain,$output);However this function does not check if found mail server
is currently active up and running.
If not valid,
the result return is either 'not valid STRING' or 'not valid DOMAIN'
Code: Select all
<?php
function checkEmail($email){
if(!preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',$email))
return 'Not a valid email string';
list($dummy,$domain)=split('@',$email);
$mx=false;
exec('nslookup -type=MX '.$domain,$output);
foreach($output as $line)
if(preg_match('/^'.$domain.'/',$line))
$mx=true;
if($mx==false)
return 'Not a valid email domain';
return true;
}
$email = 'webmaster@mysite.com';
$result= checkEmail($email);
if($result===true)
echo $email.' ...Valid Email';
else
echo $email.' ...Sorry! ('.$result.')';
?>Thanks phpBuddy,
However, if I follow correctly, that is only checking to make sure the domain exists and if it is a mail server. That's a good step, but what I actually want to do is go one step further and attempt to verify the existence of a specific email with that server.
I am on a Unix box, btw.
However, if I follow correctly, that is only checking to make sure the domain exists and if it is a mail server. That's a good step, but what I actually want to do is go one step further and attempt to verify the existence of a specific email with that server.
I am on a Unix box, btw.
This subject has been thoroughly discussed in lots of places. The only way you can truly determine that a email address has a person at the other end who reads the mail is to send an email that requests a confirmation. Anything short of that may be a good indicator, but that's all. And if you start sending a lot of confirmation requests, you may get on the bad side of a lot of people.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
Any particular mail server can be configured to reject any lookups. There is generally nothing you can do except validate the format of the email and send the mail out.. no harm done. If the user does not enter the correct email address, then shame on them.
//points to Chris Corbyn
//points to Chris Corbyn
Last edited by John Cartwright on Wed Nov 21, 2007 10:46 pm, edited 2 times in total.
That's exactly what I'm lookin' for, homie: a good indication of the existence of an email address without sending an email confirmation.Anything short of that may be a good indicator, but that's all.
At any rate, I found what I was looking for:
http://us2.php.net/fsockopen
If you scroll down near the bottom of the comments you'll see someone using sockets to communicate with a mail server(search for "another_mail"). So I can do(fputs calls in bold, server response in italics):
HELO mydomain.com
250 hello back
MAIL FROM: <whatever@wherever.com>
250 sender ok
RCPT TO: <whatever@wherever.com>
250 recipient ok [OR] 550 No such user
QUIT
So that is a decent indication if the email address is good or not, though not perfect -- for instance, Yahoo seems to always say OK. But it's exactly what I wanted for my purposes.
- Kieran Huggins
- DevNet Master
- Posts: 3635
- Joined: Wed Dec 06, 2006 4:14 pm
- Location: Toronto, Canada
- Contact:
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Bad bad bad idea! Never do things like this. Your own DNS server could be having issues, their DNS server could be having issues and it's just a wasted effort. If you need to know an email address exists you probably want to know that *because you're sending mail to it*. Send an email to it and ask for some sort of response; be it a reply or a link click. It's that simple and it's practically a standard practise. We're all familiar with those emails saying "go to the URL below to activate your account" or whatever. Bear in mind that MX records will be multiple values and they can change regularly. Real mail servers will retry sending emails periodically if the MX server is down -- your PHP script isn't likely to leave the user waiting up to 72 hours before deciding if the address really exists.phpBuddy wrote:There are 2 functions you can use
to check for email server: for a so called MX record
http://php.net/getmxrr
http://php.net/checkdnsrr
Notice:
These both functions are not implemented on Windows platforms.
But there are workarounds to do the same check on Windows.
See the code in the ccontributed comments to those functions
On windows you can use follwing:Here is the function I use.Code: Select all
exec('nslookup -type=MX '.$domain,$output);
However this function does not check if found mail server
is currently active up and running.
If not valid,
the result return is either 'not valid STRING' or 'not valid DOMAIN'Code: Select all
<?php function checkEmail($email){ if(!preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',$email)) return 'Not a valid email string'; list($dummy,$domain)=split('@',$email); $mx=false; exec('nslookup -type=MX '.$domain,$output); foreach($output as $line) if(preg_match('/^'.$domain.'/',$line)) $mx=true; if($mx==false) return 'Not a valid email domain'; return true; } $email = 'webmaster@mysite.com'; $result= checkEmail($email); if($result===true) echo $email.' ...Valid Email'; else echo $email.' ...Sorry! ('.$result.')'; ?>
Well, I do not totally agree 'it is bad'.Bad bad bad idea! Never do things like this.
At least not bad, bad bad! It certainly will not hurt anything.
From your expression it may sound as if it is a REALLY DANGEROUS thing.
I am fully aware there are plenty of situations, where any simple or more advanced email test will fail.
This has been told in posts above here.
califdon expressed it well.
In fact the origin of my code is taken from a Tutorial at http://www.devshed.com .The only way you can truly determine that a email address has a person at the other end who reads the mail
is to send an email that requests a confirmation.
Anything short of that may be a good indicator, but that's all.
About ways to try and validate emails.
Here are more PHP Tutorials: http://www.devshed.com/c/b/PHP/
Regards
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
I disagree. You're impacting in a negative way on your users. That's a bad thing. In business that costs you a lot of money. That's a bad thing. I can't possibly think of a way that function won't hurt anything, from where I'm sitting it can only introduce significant bugs that just live there silently. Seriously, don't ever use something like that in your code it's just wrong.phpBuddy wrote:Well, I do not totally agree 'it is bad'.Bad bad bad idea! Never do things like this.
At least not bad, bad bad! It certainly will not hurt anything.
From your expression it may sound as if it is a REALLY DANGEROUS thing.
But it is not.
- superdezign
- DevNet Master
- Posts: 4135
- Joined: Sat Jan 20, 2007 11:06 pm
Just because it's in a tutorial doesn't make it right.phpBuddy wrote:In fact the origin of my code is taken from a Tutorial at http://www.devshed.com .
About ways to try and validate emails.
Especially with the thousands of bad PHP tutorials out there.
Me and many others will use something like in that devshed tutorial.
Does not matter what you say.
There are scripts and situation where you can have use for it.
As well as there can be applications where you will do it some other ways.
Frankly speaking:
Nobody likes to be told what to do or not to do.
Unless you are in war,
you are the police
or a child is about to do something bad, bad, bad,
there is no reason to telling people what to do.
And this is something I have learnt to avoid.
I can give an advice, though.
We have the freedom to make our own decisions.
And I like it!
Regards