[EMAIL PROTECTED] resolves by every test, even vrfy recpient checks appear return the standard results from a locked down mail server.
Email: [EMAIL PROTECTED] User: b.gates Domain: microsoft.com MX 10 = mailb.microsoft.com [131.107.3.123] <- 220 inet-imc-03.redmond.corp.microsoft.com Microsoft.com ESMTP Server Tue, 21 Jan 2003 18:10:05 -0800 -> HELO localhost <- 250 inet-imc-03.redmond.corp.microsoft.com Hello [127.0.0.1] -> MAIL FROM:<[EMAIL PROTECTED]> <- 250 2.1.0 [EMAIL PROTECTED] OK -> VRFY b.gates <- 252 2.1.5 Cannot VRFY user, but will take message for <[EMAIL PROTECTED]> -> VRFY <[EMAIL PROTECTED]> <- 252 2.1.5 Cannot VRFY user, but will take message for <[EMAIL PROTECTED]> -> RCPT TO:<[EMAIL PROTECTED]> <- 250 2.1.5 [EMAIL PROTECTED] -> RSET <- 250 2.0.0 Resetting -> QUIT <- 221 2.0.0 inet-imc-03.redmond.corp.microsoft.com Service closing transmission channel Any server side testing of an email adress is imho pointless. Email a password for general but b.gates@microsoft ain't my address. and IU'd probably be willing to put money on the fact that any address translating however approximately to bubba gates at a microsoft domain isn't checked except once every six months for new funny hate mail to foward around the office. I also have a couple of addresses that would violate most extremely retentive verification. I've got a couple of blahlah.blahblah.com email addresses. And one blahblah.blahblah.blahblah.com not to mention the .com.au style addresses. I've also got one that I use fairly regularly as an anti spam defence with 40 or 50 characters before the @ and very few of my mail addressess can be pinged, vrfy'd or otherwise existence checked. Spammers have to work to qualify my addresses ;> I generally either email passwords to my users if I need to verify the address, or treat any adress recieved as suspect and probably invalid. <[EMAIL PROTECTED]> wrote in message news:22138@cfaussie... > > Yes I beleive you are right, in most cases it will be the best solution to send an email with the password. Actually my initial discussion was not based on checking if the email exists or not, but it became a topic. I just wanted to correct myself. > > PS. If you would do it via telnet it would be better to do it the following way; > telnet to host on port 25 > HELO [domain name] > MAIL FROM [email address] > > Which would return > 220 www.safe-mail.net ESMTP Exim 3.22 #1 Tue, 21 Jan 2003 18:40:39 -0500 > 250 www.safe-mail.net Hello host [x.x.x.x] > MAIL FROM: [EMAIL PROTECTED] > 250 <[EMAIL PROTECTED]> is syntactically correct > > > > Yes, and you can use nslookup or similar to find the MX record for the > > domain (which is a special type of DNS record listing the mail servers for > > a domain). Then you could telnet to each listed mail server. But I think > > that if something goes wrong and you get complaints from your users, you > > would have a rather tough time figuring out where your verification > > procedure went wrong. > > > > The method of emailing people a random password or token and requiring them > > to enter it is IMHO a much safer way of verifying not only the validity of > > an email address, but that the person signing up actually has access to it. > > > > Also the 'resolve host and then telnet' approach feels a bit like shooting > > mozzies with anti-aircraft artillery... > > > > Viktor Radnai > > Web Developer, National E-Commerce, Ernst & Young > > Direct: +61 2 9248 4361 > > > > > > > > > > "Taco Fleur" > > <[EMAIL PROTECTED]> To: "CFAussie Mailing List" <[EMAIL PROTECTED]> > > Sent by: cc: > > [EMAIL PROTECTED] Subject: [cfaussie] RE: RegEx for email checking > > mon.com.au > > > > 22/01/2003 10:19 AM > > Please respond to "CFAussie > > Mailing List" > > > > > > > > > > > > I just wanted to comment on my own message, regarding the checking of > > email for existence.. > > > > I just remembered that it is possible to perform a session via telnet to > > the mailserver checking if it will accept any messages to the email in > > question. > > > > > > --- > > You are currently subscribed to cfaussie as: > > [EMAIL PROTECTED] > > To unsubscribe send a blank email to > > [EMAIL PROTECTED] > > > > MX Downunder AsiaPac DevCon - http://mxdu.com/ > > > > > > > > > > -------------------- > > NOTICE - This communication contains information which is confidential and > > the copyright of Ernst & Young or a third party. > > > > If you are not the intended recipient of this communication please delete > > and destroy all copies and telephone Ernst & Young on 1800 655 717 > > immediately. If you are the intended recipient of this communication you > > should not copy, disclose or distribute this communication without the > > authority of Ernst & Young. > > > > Any views expressed in this Communication are those of the individual > > sender, except where the sender specifically states them to be the views of > > Ernst & Young. > > > > Except as required at law, Ernst & Young does not represent, warrant and/or > > guarantee that the integrity of this communication has been maintained nor > > that the communication is free of errors, virus, interception or > > interference. > > > > Liability limited by the Accountants Scheme, approved under the > > Professional Standards Act 1994 (NSW) > > -------------------- > > --- You are currently subscribed to cfaussie as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] MX Downunder AsiaPac DevCon - http://mxdu.com/
