> "Steve Werby" <[EMAIL PROTECTED]> writes:
> > Like Tom said, use regex to check the email is of a valid format. A
small
> > percentage of servers can be contacted to find whether an email address
is
> > valid, but fewer and fewer are allowing this so it's completely
unreliable.
"Arcady Genkin" <[EMAIL PROTECTED]> wrote:
> There's a nifty little open source program called `vrfy' which does
> nice things about email veryfication. Finding it is left as an
It is a cool tool, but like I said in my email most servers won't allow you
to test email address validity. It's possible using the command VRFY or the
even more dangerous EXPN to determine whether an email address is valid or
in the case of EXPN to expand an alias to return a list of all recipients.
It's a good idea to disable these commands on the server so spammers can't
easily determine valid email addresses, malicious folks can't get a list of
all of your employee email addresses and hackers can't determine valid
usernames to attack the server with. FYI, in sendmail both commands can be
disabled by making sure PrivacyOptions is set as follows:
PrivacyOptions=noexpn novrfy
Or you can set them to the following which goes a little further:
PrivacyOptions=goaway
So unfortunately vrfy will only be useful when checking servers that haven't
disabled that command. :-(
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
