tags:

views:

674

answers:

7
+2  Q: 

Validating Email Address Component or Service - .NET

We are looking to improve our marketing email list by preventing fake emails from entering in the first place. We want to confirm that an email address exists (and that there is actually a mailbox for that email address).

Does anyone know of any services or components to validate an email address?

A: 

Hi Jeff, the following regular expression is an example of how you could validate an email address is in the correct general format:

(\w+@[a-zA-Z_]+?\.[a-zA-Z]{2,6})

For security reasons, very few email servers provide a function to remotely validate whether or not a mailbox exists, so it is very unlikely a service could provide this information with any reliability.

Hope this helps!

Adam

Adam Alexander  2008-11-12 20:26:43
This just validates that a string conforms to a particular format. But he asked how to confirm that a mailbox for an email address exists.
Eoin Campbell  2008-11-12 20:29:06
Hi Adam, This is the top level validation that we are already doing. We want to take it to the next level and validate that the domain exists and then that there is actually a mailbox by the name specified on the mail server.
Jeff Widmer  2008-11-12 20:32:28
I just thought I'd throw that regex in there in case you weren't already doing something similar. In response to your second question "Does anyone know of any services or components to validate an email address" I stand by my answer that a service or component can't very reliably give you that
Adam Alexander  2008-11-12 20:36:12
Domain you can do - just look up whether there's an MX record for that domain. Mailbox you can't (generally) without sending another email. See my answer.
Paul  2008-11-12 20:36:17
Sure, but the MX record could be pointing to an invalid hostname or IP. If it exists, port 25 may be closed but even if port 25 is open the server may not be configured to accept outside email. This question can be answered at many levels and I am not sure why my suggestions merited a down vote.
Adam Alexander  2008-11-12 20:41:20
You both went further and provided a procedure, when the question asked for a service or component. Nothing wrong with that, I upvoted you both. I was going for a more direct answer to his question which I believe was a reasonable answer also. I apologize if anyone feels this didn't add anything.
Adam Alexander  2008-11-12 20:50:28
Besides, that regex is so weak, there are plenty of invalid email addresses that would incorrectly pass...
Ricardo Villamil  2008-11-12 21:16:32
Yes, I believe my statement "an example of how you could validate an email address is in the correct general format" did not leave the impression the example was meant to be a complete and bulletproof solution. The inability to completely solve this was a big part of the point I was trying to make.
Adam Alexander  2008-11-12 21:26:50
+3  A: 

It would be quite trivial to do this yourself.

  1. Create a webform where the user can type in their email address. You could protect it with a captcha to prevent bots from hitting it.

  2. On submission, save the email address to a database along with a GUID, DateTime timestamp and IsActivated bit. The GUID uniquely identifies this subscription. The timestamp states an expiry time that the email address must be confirmed by.

  3. Send an email to the email address with a URL in it like.

    http://www.example.com/validate.aspx?g=GUID-GOES-HERE

  4. If user receives the email in their inbox & clicks the validation link before the timestamp for that GUID/Email expires, then you activate their account.

  5. At regular intervals you could have a job remove rows from the table that have never been activated where the activation window has expired.

Eoin Campbell  2008-11-12 20:27:45
Hi Eoin, This is a great idea but would add too much development time to our current order processing engine and change email address page. We don't want to have to change how customers sign up for our products but just hook into the current checkout and change email address pages.
Jeff Widmer  2008-11-12 21:14:56
+3  A: 

You can't really validate an email address without sending a message to it, and perhaps not even then (you may or may not get an error response or error message).

And if you're sending an email to validate it, you're probably going to irritate your recipients, unless you add value in that email.

The normal way of doing this is to send an email to the address you're given, which contains a unique link which when the user visits it, confirms that the user had received the email and (presumably) really wants your email in future. Was this what you meant, or did you really want to validate the message without sending an email to the user?

If it is, there are any number of list managers that can do this (for instance, Gnu mailman). Searching for "email list managers" shows up many more, including firms that will manage the list for you.

Paul  2008-11-12 20:29:55
A: 

There are several levels of email validation and I've got source to do them all. However, I despise your line of business and would never share them with you...

Just to clarify - I don't despise you, Jeff... Just your line of business.

mson  2008-11-12 20:33:10
Hi mson,Not sure i understand your answer or why you would despise my line of business... we just want to make sure we have a clean list of email addresses when people order our product.
Jeff Widmer  2008-11-12 20:35:50
mson: would you add more explanation - this answer can easily be accepted as offensive.
Sunny  2008-11-12 20:37:25
Not entirely sure it was a helpful response to the question to let us know your opinion on the poster's business.
Paul  2008-11-12 20:38:15
+1  A: 

Here is an article on what we want to do: http://www.coveryourasp.com/ValidateEmail.asp

We want to do DNS Validation and SMTP Validation. We already have Simple Validation in place.

Jeff Widmer  2008-11-12 20:51:57
You may validate for a valid domain, but you can't validate for an existence and status of an account/inbox without sending a message and getting a response back via a unique URL click from the email.
Kon  2008-11-12 20:55:47
Good link with several options
Adam Alexander  2008-11-12 20:55:50
If you use simple validation as described in that article, you're actually denying a great many valid email addresses. The valid email syntax is surprisingly complex, so the best validation technique really is to try to send an email.
Greg D  2008-11-12 20:56:30
My completely valid personal email address "fails" the SMTP check on that page.
Paul  2008-11-12 20:57:07
Hi Paul, Does you personal email address pass this components test: http://www.aspnetmx.com/demo.aspx.
Jeff Widmer  2008-11-12 21:12:28
A: 

I found these two components:

We most likely will be going with one of them. Probably go with aspNetMx from Advanced Intellect (at least that is where I am leaning right now). The sample test on http://www.aspnetmx.com/demo.aspx worked for my email addresses (valid and not valid).

And will probably just go with DNS Validation and not SMTP validation since a couple comments have indicated that SMTP validation is not 100% accurate and also the amount of delay that occurs with SMTP validation.

-Jeff

Jeff Widmer  2008-11-12 21:11:35
A: 
 2010-05-08 22:27:16

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?