email address validation

Hey guys...

  Can anyone tell me if you might know of a mod or way to check for a "valid" email address during the join process?

If you speak about if the email really exits then you can query the mail servers via php if the address exists or not. That's what I am doing. Something similar what I wrote for myself is here

https://code.google.com/p/php-smtp-email-validation/

Services like this do the same

http://tools.email-checker.com

Thank you Dately, Yes, that sounds like what I need. 

Problem with that is a lot of SMTP servers now accept the request even if the email address does not actually exist. Search google on validating email. This is because the method is used too frequently by both websites and spammers. So most of those requests now get ignored and returned as ok to reduce load on the servers. Look this up using google. You will see many people have mentioned this.

Also many spammers actually use real throw away email addresses to get around that problem. Though my tests when developing my filters i found this to be ineffective. Out of hundreds of spam signups on my test sites per day, only a small few would bounce back the welcome email.

In short, it does not work, or has very little effect.

So they give false positives now if the mail account doesn't exist? That looks to me these email providers not follow the RFC anymore. I already mentioned before in another thread they might block a site just checking for mail addresses by this method because they not send any email if used to oftwn, but if they now even give false positives that's crazy. I am not at my PC right now but tomorrow I will post my code here. Yet I had no non-working email, which often occured when trying to send mass emails through dolphin. So I was sure it still works.

Beside spammers setting up their own mail servers (cannot be so many or?) do u have a known provider I can test with?

Blocking sometimes yes. Which i forgot to mention i think it's also risky to use this method as it might get you on block lists.

Anyhow, yea, many are just accepting them without actually validating the address exists. There is another reason for this as well. Some run mail relays for their entire network and the account may not exist on that server, so cannot be verified at that point. But yes, the ones that are just accepting without verifying could be considered a false positive.

You can test with any smtp server. Sent it a completely bogus address that should fail and see how many accept it. I ran into a couple several months back. I do not remember them. There are not that many, but the problem is still there and others have run into it as well which is the reason i see posts on it when doing google searches.

The risk of getting banned for using that method is not a risk i am willing to take. I can't believe i forgot to mention it in my last post. It's one of the reasons it's not in my product. I can't put a feature like that in a commercial product if that may be the result.

Anyhow. As i mentioned. It's the number of spammers using real addresses that makes it unworth it for the most part. It just does not stop enough spammers.

Someone once had a "Live Join" mod in the market, but I don't see it any more.  If I remember it correctly, it used an ajax "email validaton" where it would send a code to the email address, and you had enter the received code on the join form, or else you could not submit the form.

 
That is a nice way to validate, and because an actual email is getting sent would not result in a ban. However it also seems like a pain in the keister for those joining the site.

 Its like pre-email validation instead of after join email validation. I like the idea :D

No, not hallucinating.  I did a search out on the net to see if something would show up and I found someone listing modules about a possible conflict and they listed Live Join version 1.0.4 by harvest-media.com

The more I think about it, the more I'm leaning toward hallucination.  While I am 100% certain there have been live form field validation mods for the join form, those mods may not have included live email confirmation. I may have been thinking of a vBulletin mod for live email confirmation that I've used.

I just checked my code and must revoke my statement that i use this method for join authentication. Because of fears my server would get banned i never added it to the join process, instead i use dolphins join authentication for new users.

As Deano already explained there is no real protection against fake email addresses. I currently block most trash-mail providers to make it even harder for them. But i still use this method if a new user is a referral of another user upon join. I check if the invitor not just want to earn points on my site by adding new users referring to him.

To get rid of the fears that they will block my site after a while by just querying their mail servers i moved the check to a script on another domain that i call from my site. The script is based on the below solution and it works pretty well. If it fails for any reasons (see Deano's responses) it doesnt harm my site because it only controls if a user can earn points for a referral or not.

http://www.php.net/manual/it/function.getmxrr.php#64117

I cannot recommend it for the join process because it takes a while until the server query finishes and it does't help much against spammers using trash-accounts etc. there is no real protection against fake accounts in my opinion

No there is not!!
But i use the activate account and complete join by email that is send to the emailaddress they have given.
So in other words... as long as they don't complete the registration proces the account is blocked and can't login!!

 There is this module for live form field validation for the join form (Advanced AJAX join page), not sure if it included live email confirmation or just checked whether an email address was already used. http://www.boonex.com/m/Advanced_AJAX_join_page