What are you using?

code frog 0

http://support.microsoft.com/kb/153119[^] This is pretty much what is going on in a nut shell...

Kent Sharkey

I'm obviously not getting something, but why not simply send out an email with a link to confirm the address (after the regex test)? Alternately, the only additional step that MX verify seems to be doing is something like this[^]

-------------- TTFN - Kent

Ed Poore

A quick solution would be to use the existing zmailer.org script, if you issue a WebRequest to e.g:

http://zmailer.org/cgi-bin/mxverify-cgi?DOMAIN=`{EMAILADDRESS}`&SUBMIT=SUBMIT+KV9.FI+NETWORK

And then parse the result looking for the "Apparently OK" message. It might be worth asking them first just to check they have no problems, explain that it's a temporary stop-gap while you write it properly ;)

M Harris

This regex will verify any RFC 822 email address:) (?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?: (?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\. |(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?= [\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"( ?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \ x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\ [([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t]) *(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[ \["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])* ))*|(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|( ?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))* "(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\". \[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\ ]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)? [ \t])*(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\ Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \x00-\x1F ]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\] \r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^() <>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@ ,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(? :(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\ n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(? :\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[ ^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["() <>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\ r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \x00-\x 1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[ \]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^ ()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()< >@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>( ?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r \n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:( ?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?: (?:[^()<>@,;:\\".\[\] \x00-\x1F]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\ ["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?: (?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \

Gary R Wheeler

:omg:

---

Software Zen: delete this;

Fold With Us![^]

Scott Dorman

It's very difficult to get a single Regex that will properly validate ALL of the possible variations in the RFC. There is a MailAddress[^] class available in .NET 2.0 that does a pretty good job of parsing an email address, but even that misses some of the more complex RFC patterns. The best way to do it is to actually write a tokenizer, but that is a lot of work. Why is full RFC compliance necessary? Generally you only need to validate the "commonly used" formats, which the MailAddress class should do for you.

----------------------------- In just two days, tomorrow will be yesterday.

Mike Dimmick

As a mail admin I'll point out that very few domains will actually handle the SMTP VRFY command, as of course spammers can use it to verify whether their mailing list is accurate. Those that do often implement tarpitting[^] to slow down the spammer. Exchange Server 2003 SP2 supports tarpitting when run on Windows Server 2003 SP1 (I know because I've implemented it). It won't help you for any of my email addresses, for my ISP will accept anything at my demon.co.uk subdomain. However, the MX refuses attempts to VRFY.

Stability. What an interesting concept. -- Chris Maunder

code frog 0

Is it feasable that you could at least verify the domain was real?

Mike Dimmick

Yeah - do a DNS lookup for MX records for the domain. If present, it will accept email. I don't think you can do this with the Windows Sockets DNS APIs, though, you'll probably have to actually send a request to the DNS servers yourself. The IP Helper APIs will tell you what DNS server to use. You might find that source to an open-source version of nslookup is available, or some other library of DNS tools. You could probably screen-scrape the output of that command instead.

Stability. What an interesting concept. -- Chris Maunder

M Harris

The regex i posted does validate every possible variation in the RFC. Hence why it is so very very very long (6.5kb). The regex comes from a perl module which does RFC validation on email addresses, i admit that it does go way way over the top. It also allows you to send an email to say, bob@home - which, while valid your server is probably never going to be able to deliver the mail to. But it will make sure that an email address is completely valid, no more mark.harris@itvision.com.au not being a valid email address, as so many websites say.

-- Real programmers don't comment their code. It was hard to write, it should be hard to understand.