views:

84

answers:

3

I'm working on a project which requires me to know with extremely high probability the availability of an e-mail account on a mail server (let's use Hotmail in this example.) I know that the VRFY command is often ignored (Hotmail says "I'll take a message" or something of the like when I try it,) so I'd like to know the best way to go about this. I've read that the following should be fairly accurate, but Hotmail gives me a pain about it:

EHLO hotmail.com
MAIL FROM:<[email protected]>
(Hotmail gives me the below error here)
RCPT TO:<[email protected]>

The error Hotmail gives me is:

550 SC-001 Mail rejected by Windows Live Hotmail for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation problems. If you are not an email/network admin please contact your E-mail/Internet Service Provider for help. Email/network admins, please visit http://postmaster.live.com for email delivery information and support
Connection closed by foreign host.
[root@iago ~]# 

This isn't just a Hotmail problem; similar things have happened when I try it with other e-mail hosts.

On a side note, oh how I wish the finger protocol was still widely used...

+2  A: 

This whole approach is doomed to fail, for reasons which are probably obvious to you.

If, instead, you describe the problem this is trying to solve, I'm sure you'll get useful answers.

Edit

Just guessing here...you say they're not unsolicited, but it's a bad thing if they go into the bit bucket.

Therefore, either [1] it's costing you something to generate the content and/or send it out (are you sending huge files?) [2] if users give you bad email addresses and don't get what they asked for something very bad will happen (++angry users?).

Both scenarios are addressed by using a "confirmation email" process. When somebody gives you their email, send them a confirmation link, and tell them to expect it. If they don't get the email, they know something's wrong and the burden is on them. If they do get it, clicking on the enclosed link "proves" the address is good, at least for now.

egrunin
The problem is very simple: I want to accurately determine if an e-mail address is not only valid, but existent, without sending an e-mail.
Jason B
@Jason: *Why* do you want to do this? What are you going to do with this knowledge? Why can't you send an email in order to determine this?
Anon.
@Anon: I'll just preface this by saying that it's perfectly legal, etc. The project is something that hasn't been done before, so I can't really talk about it, but accurate e-mail validation is a must-have.
Jason B
But you can't have accurate email validation as you could never have 100% success from this method.
Well, doing a Regex won't cut it, so I suppose any additional help from this or any other similar method would help.
Jason B
@Jason - Hopefully it's a tool to help companies weed out expired/invalid email addresses from their mailing lists.
Gert G
+1  A: 

You can thank the spammers for the disabled VRFYs. What you could do is to do the mailout and weed out the email addresses for the emails that bounces back.

Edit: You can do the first weed out by buying the service from Verify Email address. I do suggest that you allow for the people to opt-out on future correspondence.

Gert G
If I do this on too wide of a basis, though, I'm gonna get blacklisted, and I don't know if I'm going to have the capital to rotate IPs and the like.
Jason B
@Jason: The way you're talking about this, it almost sounds as though you *are* planning a spam campaign.
Anon.
@Anon: I can assure you that I'm not. I get more than enough Viagra advertisements myself =P
Jason B
@Jason: You have a project, that wants to get access to a large number of existant email addresses, on a large enough scale that you're worried about being blacklisted, and you don't want to tell us what it is, yet you expect us to trust you when you say it's not sending spam?
Anon.
@Anon: If I wanted to run a spam campaign, I could just load all of the addresses into a mailing system and let it filter the bounces.
Jason B
@Jason: So why is this not an option for your actual project?
Anon.
@Jason - See my edit above.
Gert G
@Anon - He might have a valid reason of not wanting to have his email server blacklisted.
Gert G
@Anon: (this seems to be two-sided; do we really need to preface comments?) E-mailing people and filtering the bounces runs the risk of a spam filter not picking it up. I'd rather not have people complaining that they're getting "ping e-mails" or "spam" when it's not needed.
Jason B
@Jason: It seems silly, but without the preface, you don't get the handy-dandy notification that someone's replied :). At this point, I'm really curious as to why you need to ensure your list only contains valid emails, without ever sending anything to confirm that. The obvious thing I could think of is send them an email when they sign up and require them to opt-in, which will ensure their email is initially valid. The number of actually discontinued email addresses is sufficiently small that this should give you reasonable odds that it's still valid.
Anon.
@Gert: That got me thinking about other ways to solve the problem, and I think I got it. Once/if it's working, I'll post it here as the answer (if a better one doesn't exist) and credit you, too. Thanks!
Jason B
@Jason - An upvote for helping you get on track would have been nice. ;)
Gert G
@Gert: I'm sorry, I went information-crazy and started pounding out code. :P
Jason B
@Jason - Thanks. Good luck with the coding.
Gert G
A: 

Putting aside the question of why you want this, do you realize that such knowledge is practically useless? That an e-mail address exists guarantees absolutely nothing.

casablanca
I'm very well aware that it guarantees nothing, but it guarantees more than compliance with an RFC for e-mail address structure does.
Jason B