The Design of Software (CLOSED)

A public forum for discussing the design of software, from the user interface to the code architecture. Now closed.

The "Design of Software" discussion group has been merged with the main Joel on Software discussion group.

The archives will remain online indefinitely.

Why is real time email validation non existent?

There seem to be several components out there that do real time email validation of email addresses. They obviously use regular expressions but also claim to contact the SMTP servers to validate an email without sending a test message.

Just as an example:
http://www.strikeiron.com/ProductPricingDetail.aspx?p=179

How come no website I've ever registered for uses anything other than simple regular expressions? What's the catch here? Why don't more websites and applications simply contact the SMTP server for the domain instead of going through the process of sending you a vertification email and then asking you to click a link?
Praveen Angyan Send private email
Thursday, June 07, 2007
 
 
>> Why don't more websites and applications simply contact the SMTP server for the domain instead of going through the process of sending you a vertification email and then asking you to click a link?

They need to verify not only that the email address is valid, but also that the person claiming to own the addresss actually does so. Without that check, I could sign up any valid address (belonging, say, to someone else) to a mailing list.
Spider Send private email
Thursday, June 07, 2007
 
 
I agree with Spider. Validating through the SMTP server is helpful, but not sufficient. Just because somebody mistypes their e-mail address doesn't mean that what they typed is an invalid address. Happens all the time, especially in situations where someone's recently set up the account.

One could probably also make a case that in situations where the user's SMTP server is temporarily unavailable, it's better to have the message be queued by a smarthost for eventual delivery. I think you could argue that one either way.
clcr
Thursday, June 07, 2007
 
 
You must also realize that email validation is not the same as user validation.

Sending an email to verify that the user using the email is actually giving permission to use it is a fraud validation procedure on top of an email verification.
jane Send private email
Thursday, June 07, 2007
 
 
>> Why don't more websites and applications simply contact the SMTP server for the domain instead of going through the process of sending you a vertification email and then asking you to click a link?

Not all SMTP servers will respond with the message "this email address is valid" as that *used* to be used by spammers to determine valid email addresses by trial and error. As a result, most SMTP servers are configured to route those messages to /dev/null or to return a failure. Also, sending such requests can be used as a denial of service especially when trying all possible 1-8 letter + digit combinations of email addresses.
Peter Send private email
Thursday, June 07, 2007
 
 
But they do do real-time validation.  You either get the email or you don't.
Grant Send private email
Friday, June 08, 2007
 
 
The SMTP network is based on store-and-forward techniques anyway.  There is no requirement for SMTP servers to be up 24x7.

So why would anyone think such an "email validation" would occur in real time?
sheesh
Friday, June 08, 2007
 
 
>> The SMTP network is based on store-and-forward techniques anyway.  There is no requirement for SMTP servers to be up 24x7.

Okay, that might've been valid in the 1980s but something's wrong if in the year 2007 an email doesn't make it to my inbox within 30 seconds of the sender clicking send. 

I'm guessing it's two problems.  First, like others have said, just because an address is valid doesn't mean it's the correct address.  I have a couple of different addresses that are computer generated permutations of my full name.  I don't think I've ever done it but it's not inconceivable that someone might get these mixed up and accidentally enter one permutation instead of the other and accidentally happen upon someone else's address.  This is particular true of johnsmith123 accidentally entering johnsmith72. 

You also have the problem of people subscribing to a bunch of mailing lists with someone else's valid email address as a practical joke. I seem to remember this being pretty common about 10 or so years ago leading to the verification system that we see today. 

And finally, I think a fast, automated address validator would mostly be useful for spammers doing brute force address searches.
SomeBody Send private email
Friday, June 08, 2007
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz