Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I noticed that most scripts for e-mail validation do not use DNS information to ensure the given domain actually exists.
What are the reasons why one might not use DNS checks?
Does it actually reduce the number of fake e-mails or make a form more usable?
Example snippet:
$host = explode('@', $email);
if(checkdnsrr($host[1].'.', 'MX') ) return true;
if(checkdnsrr($host[1].'.', 'A') ) return true;
if(checkdnsrr($host[1].'.', 'CNAME') ) return true;
Most sites, especially ones that retain login information, send confirmation emails after you sign up. This not only confirms the email address is valid but also confirms that the email address belongs to the submitter. Having a DNS lookup would be redundant unless you wanted to tip off the user that they misspelled their email address.
And if I wanted to put in a fake email address, aaa@aaa.com (AAA, the auto club) and somebody@example.com (from RFC 2606) would both pass. I don’t think a DNS lookup would catch as many fake addresses as you think.