Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to check if an email address is real or valid using PHP

I found some websites that claim to verify if email addresses are valid. Is it possible to check if an email address is valid using just PHP?

<?php     if($_POST['email'] != ''){         // The email to validate         $email = $_POST['email'];          // An optional sender         function domain_exists($email, $record = 'MX'){             list($user, $domain) = explode('@', $email);             return checkdnsrr($domain, $record);         }         if(domain_exists($email)) {             echo('This MX records exists; I will accept this email as valid.');         }         else {             echo('No MX record exists;  Invalid email.');         }     } ?> <form method="POST">     <input type="text" name="email">     <input type="submit" value="submit"> </form> 

This is what I have right now. It checks if the domain exist, but it cannot check if the user's email exist on that domain. Is it possible to do that using PHP?

like image 882
telexper Avatar asked Oct 09 '13 02:10

telexper


People also ask

How can I check if an email address is valid in PHP?

You can perform a PHP validation email by using the filter_var() function and passing the given email and filter id “FILTER_VALIDATE_EMAIL” as arguments. The stated filter id will check if the format of the email is correct according to the syntax in RFC 822.

Which are the two different ways to validate email addresses in PHP?

Explanation: In the above example, passing the input email address to the predefined function filter_var(), which takes two parameters as input email and second is type of email filter. This function filters the email and returns true or false. Method 3: Email validation using FILTER_SANITIZE_EMAIL filter.


2 Answers

You should check with SMTP.

That means you have to connect to that email's SMTP server.

After connecting to the SMTP server you should send these commands:

HELO somehostname.com MAIL FROM: <[email protected]> RCPT TO: <[email protected]> 

If you get "<[email protected]> Relay access denied" that means this email is Invalid.

There is a simple PHP class. You can use it:

http://www.phpclasses.org/package/6650-PHP-Check-if-an-e-mail-is-valid-using-SMTP.html

like image 181
Mohsen Alizadeh Avatar answered Sep 25 '22 06:09

Mohsen Alizadeh


You can't verify (with enough accuracy to rely on) if an email actually exists using just a single PHP method. You can send an email to that account, but even that alone won't verify the account exists (see below). You can, at least, verify it's at least formatted like one

if(filter_var($email, FILTER_VALIDATE_EMAIL)) {     //Email is valid } 

You can add another check if you want. Parse the domain out and then run checkdnsrr

if(checkdnsrr($domain)) {      // Domain at least has an MX record, necessary to receive email } 

Many people get to this point and are still unconvinced there's not some hidden method out there. Here are some notes for you to consider if you're bound and determined to validate email:

  1. Spammers also know the "connection trick" (where you start to send an email and rely on the server to bounce back at that point). One of the other answers links to this library which has this caveat

    Some mail servers will silently reject the test message, to prevent spammers from checking against their users' emails and filter the valid emails, so this function might not work properly with all mail servers.

    In other words, if there's an invalid address you might not get an invalid address response. In fact, virtually all mail servers come with an option to accept all incoming mail (here's how to do it with Postfix). The answer linking to the validation library neglects to mention that caveat.

  2. Spam blacklists. They blacklist by IP address and if your server is constantly doing verification connections you run the risk of winding up on Spamhaus or another block list. If you get blacklisted, what good does it do you to validate the email address?

  3. If it's really that important to verify an email address, the accepted way is to force the user to respond to an email. Send them a full email with a link they have to click to be verified. It's not spammy, and you're guaranteed that any responses have a valid address.

like image 35
Machavity Avatar answered Sep 21 '22 06:09

Machavity