Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Email Validation...
- Thread starter perlone
- Start date
On *nix at the command prompt(assuming you have Perl installed), just do
perldoc -q mail
here is just one of the topics that came up:
---------------------------------------
=head2 How do I check a valid mail address?
You can't, at least, not in real time. Bummer, eh?
Without sending mail to the address and seeing whether there's a human
on the other hand to answer you, you cannot determine whether a mail
address is valid. Even if you apply the mail header standard, you
can have problems, because there are deliverable addresses that aren't
RFC-822 (the mail header standard) compliant, and addresses that aren't
deliverable which are compliant.
Many are tempted to try to eliminate many frequently-invalid
mail addresses with a simple regexp, such as
C</^[\w.-]+\@([\w.-]\.)+\w+$/>. It's a very bad idea. However,
this also throws out many valid ones, and says nothing about
potential deliverability, so is not suggested. Instead, see
,
which actually checks against the full RFC spec (except for nested
comments), looks for addresses you may not wish to accept mail to
(say, Bill Clinton or your postmaster), and then makes sure that the
hostname given can be looked up in the DNS MX records. It's not fast,
but it works for what it tries to do.
Our best advice for verifying a person's mail address is to have them
enter their address twice, just as you normally do to change a password.
This usually weeds out typos. If both versions match, send
mail to that address with a personal message that looks somewhat like:
Dear someuser@host.com,
Please confirm the mail address you gave us Wed May 6 09:38:41
MDT 1998 by replying to this message. Include the string
"Rumpelstiltskin" in that reply, but spelled in reverse; that is,
start with "Nik...". Once this is done, your confirmed address will
be entered into our records.
If you get the message back and they've followed your directions,
you can be reasonably assured that it's real.
A related strategy that's less open to forgery is to give them a PIN
(personal ID number). Record the address and PIN (best that it be a
random one) for later processing. In the mail you send, ask them to
include the PIN in their reply. But if it bounces, or the message is
included via a ``vacation'' script, it'll be there anyway. So it's
best to ask them to mail back a slight alteration of the PIN, such as
with the characters reversed, one added or subtracted to each digit, etc.
--------------------------------------
HTH.
Hardy Merrill
Mission Critical Linux, Inc.
perldoc -q mail
here is just one of the topics that came up:
---------------------------------------
=head2 How do I check a valid mail address?
You can't, at least, not in real time. Bummer, eh?
Without sending mail to the address and seeing whether there's a human
on the other hand to answer you, you cannot determine whether a mail
address is valid. Even if you apply the mail header standard, you
can have problems, because there are deliverable addresses that aren't
RFC-822 (the mail header standard) compliant, and addresses that aren't
deliverable which are compliant.
Many are tempted to try to eliminate many frequently-invalid
mail addresses with a simple regexp, such as
C</^[\w.-]+\@([\w.-]\.)+\w+$/>. It's a very bad idea. However,
this also throws out many valid ones, and says nothing about
potential deliverability, so is not suggested. Instead, see
,
which actually checks against the full RFC spec (except for nested
comments), looks for addresses you may not wish to accept mail to
(say, Bill Clinton or your postmaster), and then makes sure that the
hostname given can be looked up in the DNS MX records. It's not fast,
but it works for what it tries to do.
Our best advice for verifying a person's mail address is to have them
enter their address twice, just as you normally do to change a password.
This usually weeds out typos. If both versions match, send
mail to that address with a personal message that looks somewhat like:
Dear someuser@host.com,
Please confirm the mail address you gave us Wed May 6 09:38:41
MDT 1998 by replying to this message. Include the string
"Rumpelstiltskin" in that reply, but spelled in reverse; that is,
start with "Nik...". Once this is done, your confirmed address will
be entered into our records.
If you get the message back and they've followed your directions,
you can be reasonably assured that it's real.
A related strategy that's less open to forgery is to give them a PIN
(personal ID number). Record the address and PIN (best that it be a
random one) for later processing. In the mail you send, ask them to
include the PIN in their reply. But if it bounces, or the message is
included via a ``vacation'' script, it'll be there anyway. So it's
best to ask them to mail back a slight alteration of the PIN, such as
with the characters reversed, one added or subtracted to each digit, etc.
--------------------------------------
HTH.
Hardy Merrill
Mission Critical Linux, Inc.
- Status
Similar threads
