[Please don't top-post above the text you're replying to.] "bruce" <[EMAIL PROTECTED]> writes: > if you were creating a web app with an email form... rather than try > to check if the email is valid...
Where did I advise not checking? I advised the only kind of check that actually works. > you'd create something to allow anyone to potentially spam the hell > out of a system... If the system allows anyone to register email addresses rapidly and continually send emails, *that's* what needs to be fixed. > my two cents worth... try to verify/validate that the email is > valid, and possibly belongs to the user... I hope you're not seriously suggesting that any kind of "validation" of the text of an email address, without any attempt to use that email address, can give any information about whether that email address "belongs" to the user of a web application. There are basic checks that can be done to say "no, this is not an email address"; for instance, if there's no '@' symbol at all, it doesn't meet RFC 2821's definition of an email address. But if one reads that specification, it's astoundingly liberal on what *is* permitted in an email address; any attempt to throw out strings of characters as "not an email address" is either doomed to discard many perfectly valid email addresses, or to be hideously complex and prone to failure. My understanding of the "validation" that was being discussed was that it was not "does this email address belong to a particular person?", but rather "if I attempt to use this string of characters as an email address, can I expect messages to be delivered?" The former is flatly impossible by an examination of the email address. The latter is seductive, but also practically impossible short of actually sending a message. -- \ "About four years ago, I was -- no, it was yesterday." -- | `\ Steven Wright | _o__) | Ben Finney -- http://mail.python.org/mailman/listinfo/python-list
