Results 1 to 2 of 2
  1. #1
    Join Date
    Dec 2002
    Location
    Australia
    Posts
    1

    Question Unanswered: e-mail syntax check - smtp

    Hi,

    I'm a newbie and have a problem with a surfer who is getting his giggles from submitting invalid e-mail addy's to my email form. Once the email is submitted the surfer is taken to a d/l page. The d/l page is written in php, so even though you can bookmark the d/l page, if you return without submitting an email addy, it returns an error. So one must gain access via the e-mail form page.

    Problem is this joker is taking up to 10 - 15 d/l of the file each day ( 260KB) work that out over a month & it turns into a major pain in the butt.

    To stop this I have tried detering this surfer with a echo of his IP addy
    on the d/l page & have given notice of this action under the e-mail
    form, however after a few days, its started again.

    Is there any way I can incorporate an e-mail syntax check - via the submitted domain's smtp mailserver, to see if this is a valid email addy?
    emails being submitted are like : wdgwndge@verio.net & so on.

    I have searched high & low,although I have found a couple for ASP have been unable to find for php. Any assistance on this is greatly appreciated, thank you


    // define some settings
    $to = "xxxxx@xxxxx.com" ;
    $from = "xxxxx@xxxxx.com";


    // make sure everything is filled in
    if (!strlen($_POST["email"]))
    die("You did not enter your e-mail!");


    // construct the body
    $body = "Name: $_POST[email]\n\n ";

    // send the email
    mail($to, $_POST["subject"], $body, "From: $to");

  2. #2
    Join Date
    Dec 2002
    Posts
    65

    Some input...

    Sorry but I don't know if what you're asking for is possible. I could see some potential problems with trying to generate a spam list with a utility that just does a brute force search for email addresses.

    Some things you may want to try:
    -If the user has a static IP you may want to block check the IP, of course this is pretty easy to get around depending on how sophisticated he/she is.

    -Have you tried contacting his/her ISP, maybe if you complain enough you can get them to warn or even remove service for this guy.

    -Incorporate some type of email authentication scheme where a unique ID/email pair is created when someone signs up which is sent to the email and before downloading this must be confirmed by following a link, entering it in a form, etc.

    Hope some of this helps.
    -b

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •