* on the Mon, Oct 13, 2014 at 11:51:04AM +0200, li...@rhsoft.net wrote: >> Is there any way of asking Postfix if it thinks it is capable of >> delivering a message to a particular email address, in real time? >> >> With Exim installed, I could just do a >> "sendmail -bv some.addr...@example.com" and check the exit code. >> With Postfix installed, the exit code is always 0 and the result >> of the lookup is emailed to me instead. >> >> This functionality is very useful for doing "real time" email >> address validation when email addresses are posted from web forms > > you should avoid that for two reasons: > > * automated form submits may lead in blacklisting because > it results in a delivery attempt behind the scenes > http://www.postfix.org/ADDRESS_VERIFICATION_README.html
Address verification is always a guess. You're assuming that by address
verification I'm talking about actually connecting to the remote SMTP
server and sending "RCPT TO". I'm not talking about that, I'm talking
about asking Postfix if the syntax of the address is valid and if the
DNS is set up suitably to be able to potentially be able to deliver
the message. I.e, are there valid MX records etc. That is how Exim
does it at least.
> * if your webserver is able to execute shell commands
> the setup is highly questionable
I don't agree. Executing the following Perl from a CGI script is
completely safe:
my $valid = eval {
open(my $output, '-|', '/usr/sbin/sendmail', '-bv', $email_address);
close $output;
return $? == 0 ? 1 : 0;
};
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
