Does anyone check the domain of an email address as part of their verification steps? eg. Confirm that gmail.com exists if the user specified [email protected] as their address.
I should note that in my webapp an existing user can forward invites to their friends. I have no need to verify those invites at all. Rather, I just want to warn my user if a typo etc. may be sending an invite to the wrong person. Is this even worthwhile to do?
You could do a dns lookup on the mx record. Here's an example at Code Project:
http://www.codeproject.com/KB/IP/dnslookupdotnet.aspx
That should answer your question as asked, but as a side note I agree with @Franci that the old standby of sending a verification message is better. If someone's done everything else right to fool your validation, you're really not buying much in also checking the domain.
I usually let whatever mail component I use take care of domain validation. If it gives an error you can handle it in code, and decide if you want to show it to the user or not.
The websites that need to validate the user email address usually send an email to that address with a validation link. Checking the domain for the email does not buy you much, since people usually give fake emails on an existing web email provider (usually @gmail.com, @yahoo.com or @hotmail.com)
If you want to still validate the domain, you should do a DNS check for an MX record for that domain, instead of just checking if the domain is registered.
Update: Note that the domain part of an email can actually be an IP address (even though this form is strongly discouraged). In this case, you can't verify reliably if there is an SMTP server at that address, unless you actually attempt to connect to it over SMTP. Which is essentially the same as sending an email.
It's definitely possible to check if the domain is a valid mail server. Give these instructions a try.
You could execute this command in the console
nslookup -q=mx gmail.com
and parse the output for rows containing MX after the hostname
gmail.com MX preference = 40, mail exchanger = alt4.gmail-smtp-in.l.google.com
gmail.com MX preference = 20, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com
gmail.com MX preference = 30, mail exchanger = alt3.gmail-smtp-in.l.google.com
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
But I wouln't recommend this kind of check in the first place. If a user doesn't want to give you his e-mail address he will always find a way to trick you. The only think you can do is send an email with a verification link.