Email Validity

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
Pazuzu156
Forum Contributor
Posts: 241
Joined: Sat Nov 20, 2010 9:00 pm
Location: GA, USA
Contact:

Email Validity

Post by Pazuzu156 »

In the email system I have on my website, I get loads of spam from fake emails because there isn't an email authentication set. How do I go about setting this up?
- Kaleb Klein
------------------------------------
Web Developer | Software Developer
https://kalebklein.com
PGP Key: https://keybase.io/pazuzu156
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: Email Validity

Post by social_experiment »

Pazuzu156 wrote:I get loads of spam from fake emails because there isn't an email authentication set.
Are you refering to something similar to 'CAPTCHA' or a way to see if an email address exists?
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
User avatar
Pazuzu156
Forum Contributor
Posts: 241
Joined: Sat Nov 20, 2010 9:00 pm
Location: GA, USA
Contact:

Re: Email Validity

Post by Pazuzu156 »

CAPTCHA is later for me :p.. No I'm looking to see if the e-mail they provide currently exists.
- Kaleb Klein
------------------------------------
Web Developer | Software Developer
https://kalebklein.com
PGP Key: https://keybase.io/pazuzu156
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: Email Validity

Post by social_experiment »

I have no idea how to do this but here is two url's that you might find useful, HTH.
http://stackoverflow.com/questions/5655 ... g-an-email & http://www.expertcore.org/viewtopic.php?f=67&p=1531
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Email Validity

Post by Mordred »

morganlawerence
Forum Newbie
Posts: 1
Joined: Thu Jan 13, 2011 2:11 am

Re: Email Validity

Post by morganlawerence »

I am getting loads of spam from unknown emails because there is no email authentication set..
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Re: Email Validity

Post by John Cartwright »

You shouldn't ever require to actually validate on the users server whether the email exists or not. In fact, there may be valid configurations which will deny such probing, or reroute to specific addresses.

Your best bet is to simply send an email to the email address with a confirmation link. If the email does not exist, then no confirmation link.

Again, there are ways to circumvent this (by trapping all emails on said server into a single pipe), but then again you would still want to implement a captcha to reduce automated requests in general.
User avatar
Pazuzu156
Forum Contributor
Posts: 241
Joined: Sat Nov 20, 2010 9:00 pm
Location: GA, USA
Contact:

Re: Email Validity

Post by Pazuzu156 »

How would I go about implementing a captcha in because I want to eliminate the spam populating in my inbox and my guestbook from computer generated posts.
- Kaleb Klein
------------------------------------
Web Developer | Software Developer
https://kalebklein.com
PGP Key: https://keybase.io/pazuzu156
Post Reply