Page 1 of 2
Check existence of email address?
Posted: Wed Nov 21, 2007 3:37 pm
by abeall
I'm wondering how I might go about checking to see if a user supplied email address exists. In other words, I've already checked to make sure it's a valid email address, now I want to go a step further and attempt to verify the email address' existence with the supplied domain. For instance, the user supplies "
joe.soenso@yahoo.com" and I verify with yahoo.com servers that "joe.soenso" is an acceptable address.
My vague understanding is that there's no standard protocol to do this -- you have to initialize sending an email to the supplied address, and if the server immediately rejects the email, you know the address is no good. If the email begins to go without a problem, you stop sending the email as to not actually send an email, but you can assume to some extent that it is a real address the server will accept (with some discrepancies, not completely reliable, but you can at least weed out some).
If anyone could point me in the right direction in how to implement this in PHP, I'd be very grateful!
Thanks,
- aaron
Posted: Wed Nov 21, 2007 4:10 pm
by feyd
Just let the full email go through.
Posted: Wed Nov 21, 2007 5:04 pm
by abeall
Maybe I didn't explain it correctly or else I don't understand what you are implying:
1) I do not want to send an email at all. I want to determine if an email address is a real address.
2) I know how to send an email, but I don't know how to determine if the server rejected or accepted the email -- especially mid-stream.
Posted: Wed Nov 21, 2007 5:26 pm
by phpBuddy
There are 2 functions you can use
to check for email server: for a so called
MX record
http://php.net/getmxrr
http://php.net/checkdnsrr
Notice:
These both functions are not implemented on Windows platforms.
But there are workarounds to do the same check on Windows.
See the code in the ccontributed comments to those functions
On windows you can use follwing:
Code: Select all
exec('nslookup -type=MX '.$domain,$output);
Here is the function I use.
However this function does not check if found mail server
is currently active up and running.
If not valid,
the result return is either 'not valid STRING' or 'not valid DOMAIN'
Code: Select all
<?php
function checkEmail($email){
if(!preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',$email))
return 'Not a valid email string';
list($dummy,$domain)=split('@',$email);
$mx=false;
exec('nslookup -type=MX '.$domain,$output);
foreach($output as $line)
if(preg_match('/^'.$domain.'/',$line))
$mx=true;
if($mx==false)
return 'Not a valid email domain';
return true;
}
$email = 'webmaster@mysite.com';
$result= checkEmail($email);
if($result===true)
echo $email.' ...Valid Email';
else
echo $email.' ...Sorry! ('.$result.')';
?>
Posted: Wed Nov 21, 2007 6:34 pm
by abeall
Thanks phpBuddy,
However, if I follow correctly, that is only checking to make sure the domain exists and if it is a mail server. That's a good step, but what I actually want to do is go one step further and attempt to verify the existence of a specific email with that server.
I am on a Unix box, btw.
Posted: Wed Nov 21, 2007 7:45 pm
by phpBuddy
Yes, I know.
I only tried to answer question 1.
Because I do not know the second part.
Still you want to know this:
2) ..... how to determine if the server rejected or accepted the email
-- especially mid-stream.
Posted: Wed Nov 21, 2007 10:27 pm
by califdon
This subject has been thoroughly discussed in lots of places. The only way you can truly determine that a email address has a person at the other end who reads the mail is to send an email that requests a confirmation. Anything short of that may be a good indicator, but that's all. And if you start sending a lot of confirmation requests, you may get on the bad side of a lot of people.
Posted: Wed Nov 21, 2007 10:32 pm
by John Cartwright
Any particular mail server can be configured to reject any lookups. There is generally nothing you can do except validate the format of the email and send the mail out.. no harm done. If the user does not enter the correct email address, then shame on them.
//points to Chris Corbyn
Posted: Wed Nov 21, 2007 10:44 pm
by abeall
Anything short of that may be a good indicator, but that's all.
That's exactly what I'm lookin' for, homie: a good indication of the existence of an email address
without sending an email confirmation.
At any rate, I found what I was looking for:
http://us2.php.net/fsockopen
If you scroll down near the bottom of the comments you'll see someone using sockets to communicate with a mail server(search for "another_mail"). So I can do(
fputs calls in bold,
server response in italics):
HELO mydomain.com
250 hello back
MAIL FROM: <whatever@wherever.com>
250 sender ok
RCPT TO: <whatever@wherever.com>
250 recipient ok [OR]
550 No such user
QUIT
So that is a decent indication if the email address is good or not, though not perfect -- for instance, Yahoo seems to always say OK. But it's exactly what I wanted for my purposes.
Posted: Thu Nov 22, 2007 9:54 am
by Kieran Huggins
I have a feeling that spam counter-measures will make this approach somewhat useless - it's better to send a confirmation e-mail. Also, don't forget that you're testing for account ownership as well as existence.
Posted: Thu Nov 22, 2007 7:53 pm
by Chris Corbyn
phpBuddy wrote:There are 2 functions you can use
to check for email server: for a so called
MX record
http://php.net/getmxrr
http://php.net/checkdnsrr
Notice:
These both functions are not implemented on Windows platforms.
But there are workarounds to do the same check on Windows.
See the code in the ccontributed comments to those functions
On windows you can use follwing:
Code: Select all
exec('nslookup -type=MX '.$domain,$output);
Here is the function I use.
However this function does not check if found mail server
is currently active up and running.
If not valid,
the result return is either 'not valid STRING' or 'not valid DOMAIN'
Code: Select all
<?php
function checkEmail($email){
if(!preg_match('/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/',$email))
return 'Not a valid email string';
list($dummy,$domain)=split('@',$email);
$mx=false;
exec('nslookup -type=MX '.$domain,$output);
foreach($output as $line)
if(preg_match('/^'.$domain.'/',$line))
$mx=true;
if($mx==false)
return 'Not a valid email domain';
return true;
}
$email = 'webmaster@mysite.com';
$result= checkEmail($email);
if($result===true)
echo $email.' ...Valid Email';
else
echo $email.' ...Sorry! ('.$result.')';
?>
Bad bad bad idea! Never do things like this. Your own DNS server could be having issues, their DNS server could be having issues and it's just a wasted effort. If you need to know an email address exists you probably want to know that *because you're sending mail to it*. Send an email to it and ask for some sort of response; be it a reply or a link click. It's that simple and it's practically a standard practise. We're all familiar with those emails saying "go to the URL below to activate your account" or whatever. Bear in mind that MX records will be multiple values and they can change regularly. Real mail servers will retry sending emails periodically if the MX server is down -- your PHP script isn't likely to leave the user waiting up to 72 hours before deciding if the address really exists.
Posted: Thu Nov 22, 2007 9:00 pm
by phpBuddy
Bad bad bad idea! Never do things like this.
Well, I do not totally agree 'it is bad'.
At least not bad, bad bad! It certainly will not hurt anything.
From your expression it may sound as if it is a REALLY DANGEROUS thing.

But it is not.
I am fully aware there are plenty of situations, where
any simple or more advanced email test will fail.
This has been told in posts above here.
califdon expressed it well.
The only way you can truly determine that a email address has a person at the other end who reads the mail
is to send an email that requests a confirmation.
Anything short of that may be a good indicator, but that's all.
In fact the origin of my code is taken from
a Tutorial at http://www.devshed.com .
About ways to try and validate emails.
Here are more
PHP Tutorials:
http://www.devshed.com/c/b/PHP/
Regards
Posted: Fri Nov 23, 2007 1:34 am
by Chris Corbyn
phpBuddy wrote:Bad bad bad idea! Never do things like this.
Well, I do not totally agree 'it is bad'.
At least not bad, bad bad! It certainly will not hurt anything.
From your expression it may sound as if it is a REALLY DANGEROUS thing.

But it is not.
I disagree. You're impacting in a negative way on your users. That's a bad thing. In business that costs you a lot of money. That's a bad thing. I can't possibly think of a way that function won't hurt anything, from where I'm sitting it can only introduce significant bugs that just live there silently. Seriously, don't ever use something like that in your code it's just wrong.
Posted: Fri Nov 23, 2007 9:41 am
by superdezign
phpBuddy wrote:In fact the origin of my code is taken from
a Tutorial at http://www.devshed.com .
About ways to try and validate emails.
Just because it's in a tutorial doesn't make it right.

Especially with the thousands of bad PHP tutorials out there.
Posted: Fri Nov 23, 2007 11:05 am
by phpBuddy
Me and many others will use something like in that devshed tutorial.
Does not matter what you say.
There are scripts and situation where you can have use for it.
As well as there can be applications where you will do it some other ways.
Frankly speaking:
Nobody likes to be told what to do or not to do.
Unless you are in war,
you are the police
or a child is about to do something bad, bad, bad,
there is no reason to telling people what to do.
And this is something I have learnt to avoid.
I can give an advice, though.
We have the freedom to make our own decisions.
And I like it!
Regards