h a l f b a k e r yi v n i n seeks n e t o
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
Don't you hate it when you attach a large file to an email
and
waste time sending it only to find that your intended
recipient has changed their email address {or you
mis-typed) and you have to
repeat the process?
Why can't an email program like Eudora or Outlook "ping"
the
account
before wasting the ISP's space and your time just
to
verify that the address you're using is valid?
Sounds like a nice patch that could be sold as a download.
SMTP protocol - RFC 821
http://www.ietf.org/rfc/rfc0821.txt Read this to learn how the SMTP protocol works. [danielsf, Oct 04 2004]
SMTP Email Address Validation
http://coveryourasp.com/ValidateEmail.asp Complete with source code. [DrCurry, Oct 04 2004]
[link]
|
|
If there were a quick and easy way to do this, it would certainly be abused by spammers, unfortunately. |
|
|
That's okay. Let them have at it. It's no bother to anyone
as the spam would have gone through anyway. |
|
|
Both Eudora and Outlook remember email addresses and have address books, meaning that you are only likely to mispell the address on the first message. You're not protected against people changing their addresses, but slinging out a ping message every time you send an email is a sledgehammer to crack a nut. |
|
|
To keep my email list current, I routinely send out mass emails from one of my vanity sites to everyone in my address book. |
|
|
> If there were a quick and easy
way... |
|
|
There *is* a quick and easy way to
do this. Follow me. Open Telnet on
your computer (Open a
"Command' or "Terminal" window
and type "Telnet" |
|
|
Type:
o gateway-r.comcast.net 25 |
|
|
When connected, you'll have a
conversation like this (the lines
beginning with numbers are the
server's responses): |
|
|
220 comcast.net - Maillennium
ESMTP/MULTIBOX rwcrgxc51 #50 |
|
|
helo danserver.starseven.net |
|
|
mail
from:anyaddress123@starseven.ne
t |
|
|
rcpt to:validaddress@comcast.net |
|
|
rcpt
to:invalidaddress@comcast.net |
|
|
551 not our customer
____________________
How this works: |
|
|
1. You look up the MX record for
the domain in the e-mail address
(here it's gateway-r.comcast.net
for @comcast.net), with nslookup. |
|
|
2. You connect to the server given,
on port 25 (SMTP). |
|
|
3. Say HELO followed by a domain
(most any domain will do) |
|
|
4. Say MAIL
FROM:address@address.com
(doesn't matter since we're not
really going to send a message) |
|
|
5. Say RCPT
TO:address@inquestion.com |
|
|
If the address is valid (i.e. there is
a mailbox on that server for said
address), the server will say "250
ok"
If not, then it will say "551..."
It will also say 551 if you have the
wrong server (for example if you
said joe@aol.com to comcast's
SMTP-in server). |
|
|
6. Close the connection and report
the results to the user. |
|
|
Of course, this is too time-
consuming to do _manually_ for
each message. But you could write
and debug a program in 10
minutes that would do that task in
under a second. |
|
|
If this was useful to spammers,
they would surely have already
implemented it, but why should
they care if some address is valid
or not? Do you think they put real
return addresses on their
messages? It's not like they care if
they bounce. Any time spent
validating addresses is time better
spent spamming more. |
|
|
In conclusion, this would be a very
simple program extension (or even
a quick little standalone applet). |
|
|
How does it do that before the email is sent kreuner? |
|
|
I can only get it to inform me if the sending failed (i.e. hotmail tried to deliver the message, but the recipient didn't exist) not do it before the message is sent. Are you sure this is baked kreuner? |
|
|
The problem is, most wrong addresses do belong to someone. Like telephone numbers. |
|
|
//some SMTP servers may not give you a straight answer about the validity of your RCPT TO: arguments to thwart attempts at harvesting (the more direct VRFY command is often disabled for the same reasons)//
I would say any correctly configured SMTP server would behave that way. I used to work for a major security vendor, and having the VRFY command enabled on your server was considered a vulnerability of your site. (Lets hackers find out account names, so they can then try to break into them). Likewise on returning useful error codes on RCPT TO. |
|
|
See link for Asp code for this type of email checking. As noted in the article, this only checks for bounced mail. |
|
| |