Checking Valid Email Address : 1

[1DMF]

I currently use the nslookup module to check valid mx records for email validation with the following..

use Net::Nslookup;
    my $email = $cgi->param('email');
    $email =~ s/[A-Za-z0-9.-_]+\@//g;
    my @mx = nslookup(domain => "$email", type => "MX");
    if(!@mx){print "Location: [URL unfurl="true"]http://mydomain/error.html\n\n";[/URL] exit();}

I want to take it to the next level and actually do a connect to the mail server and ask if the recipient mailbox exists.

Is this possible in perl and if so how do I go about it?

Which module would I need?

Thanks,
1DMF

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!

 

[KevinADC]

Email::Valid has some builtin methods for checking if an email address exists. Probably uses Net:NS but I'm not sure.

------------------------------------------
- Kevin, perl coder unexceptional!

 

[tujchl]

searching on the CPAN, maybe you will waste some time but finally you will find right module
good luck!!

 

[ishnid]

According to the Email::Valid docs, it will check that the address is well-formed and if a mail host exists for the domain in question. They say it's impossible to check if a specific address exists without actually attempting to send a mail to it. See also perlfaq9.

 

[1DMF]

Hi Ishnid,

I thought I would have to do some kind of dummy send or at least connect to the mail server and query it.

I thought this is what mail servers do to send mail.

I was hoping I could use the following steps somehow.

1. connect to mail server
2. obtain result (ie status 200 OK)
3. make request to send mail to recipient
4. obtain result (not sure what is returned for invalid address)

I don't mind if I have to send a dummy email and capture response before adding email address to the system.

Is there a module or method available to achieve this?




"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!

 

[travs69]

Why not just send a validation email then? Send an email to the email address, have them reply back with "Ok" or Yes or something and look for that? I'm sure there's a module for that to btw

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Travis - Those who say it cannot be done are usually interrupted by someone else doing it; Give the wrong symptoms, get the wrong solutions;

 

[KevinADC]

Yep, the only way to know for sure is send and then recieve an email. But you may never get a response, so don't have your script sitting there waiting for a response.

------------------------------------------
- Kevin, perl coder unexceptional!

 

[stevexff]

SMTP supports the VRFY verb (at least in the RFC). So you can in theory do a VRFY username and get a response back. Apparently older implementations used to support VRFY * which would return a list of all mail addresses on the server. (Imagine that). This spammer's wet dream is however disabled by most sane sysadmins. Although looking at my inbox, I'm inclined to give my ISP a call just to check...

Steve

[small]"Every program can be reduced by one instruction, and every program has at least one bug. Therefore, any program can be reduced to one instruction which doesn't work." (Object:erlDesignPatterns)[/small]

 

[1DMF]

hmm, what to me seemed like a simple task in theory would appear to be a nightmare!

I can see the problem with VRFY returning a full list when using a wildcard, but querying a specific email addy isn't a biggie surely?

I don't want a verify email mechanism, this is simply a newsletter subscription which when an email is supplied I wan't to check it is completely valid before I get the email to add them to the newsletter distribution group.

I've had a couple of bounce back with 'mailbox doesn't exist', so wanted to block these attempts to sign up.

Why someone would bother to signup to a newsletter with a bogus email is beyond me, I'm assuming this is some bot doing this, it makes no sense to me why a real person would bother.



"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!

 

[audiopro]

I tried email checking myself a while back but gave it up. I found that there were a lot of valid addresses which users no longer checked so they did not get the email.

I have a couple of sites where people sign up for info and get quite a few bogus sign ups. I introduced a captcha which reduced the number of bad submissions considerably but there are still a few, which have been entered manually. Logging the IP address and only allowing 3 attempts also works.


Keith

http://www.studiosoft.co.uk

 

[Kirsle]

It seems like I saw a module on CPAN a while back that checks the validity of an e-mail address by connecting to its server... essentially,

220 remotehost.net ESMTP Sendmail
HELO my.domain.com
250 Hello my.domain.com
MAIL FROM: auto@my.domain.com
250 2.1.0 auto@my.domain.com... Sender OK
RCPT TO: test@remotehost.net
250 2.1.5 test@remotehost.net... Recipient OK
RSET
250 2.0.0 Reset state
QUIT
221 2.0.0 remotehost.net closing connection

So you go through the whole SMTP transaction up until you'd send DATA, and instead you send RSET and QUIT... that way, you see that the mail server was ready to accept mail to the recipient but you bail out before actually sending it mail.

I don't remember the name of the module that did this, though.

-------------
Cuvou.com | My personal homepage

perl -e '$|=$i=1;print" oo\n<|>\n_|_";x:sleep$|;print"\b",$i++%2?"/":"_";goto x;'

 

[1DMF]

Exactly what I was looking for Kirsle.

Perhaps I can use the SMTP module for this?

I don't mind hand rolling something, issuing the SMTP command, any pointers as to the module required for the connection and issuing the commands?

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!

 

[Kirsle]

http://search.cpan.org/~ilyam/Mail-CheckUser-1.21/CheckUser.pm

This seems to be the one I saw that does something like this. If not it should be easy to roll your own with IO::Socket... connect, wait for any automatic packets, send your HELO, MAIL, RCPT, RSET, and QUIT and watch for the status codes in the replies.

-------------
Cuvou.com | My personal homepage

perl -e '$|=$i=1;print" oo\n<|>\n_|_";x:sleep$|;print"\b",$i++%2?"/":"_";goto x;'

 

[1DMF]

spot on, i'm going on holiday in a couple of days for my Stag Reunion, so will try it when I get back.

Getting fed up of people signing up to my newsletter with bogus email addy's.

Why do people even bother, if it is a real person filling in the 'join' form field.

The mind boggles as to why some people do things, hopefully this will help considerably.

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!

 

[Kirsle]

It might be possible it's not a human putting that much free time to waste submitting bogus e-mail addresses (but I wouldn't rule it out as a possibility). Sometimes forms get submitted by stupid spam bots that are too curious about where the form goes. They don't care what the form does, they just search out forms and fill in all the fields with crap (sometimes they distinguish "email" fields from "comment" fields and try to fill in data that they think will pass any filters).

I wrote an article about 'em here:

http://www.cuvou.com/doc/submitter.html

-- as well as how to stop them. If you add CSS-hidden form fields and then check if their values have been modified from the defaults, ya know a stupid bot has filled them with crap and submitted them.

-------------
Cuvou.com | My personal homepage

perl -e '$|=$i=1;print" oo\n<|>\n_|_";x:sleep$|;print"\b",$i++%2?"/":"_";goto x;'

 

[1DMF]

Well the only fields on the form is an email addy text box and a submit button, so I'll give the email validation a try and let you know how I get on.

"In complete darkness we are all the same, only our knowledge and wisdom separates us, don't let your eyes deceive you."

"If a shortcut was meant to be easy, it wouldn't be a shortcut, it would be the way!