如何验证电子邮件地址的准确性

发布于 2024-10-17 06:35:03 字数 422 浏览 6 评论 0原文

我有一个注册用户使用的网络应用程序。这些用户拥有良好的电子邮件地址,我已通过传统方法向他们发送电子邮件验证链接(他们必须点击该链接)来验证这些地址。

但是,在此应用程序中,我的用户将提供第三方的电子邮件地址,该第三方不是我系统上的注册用户。然后,我的应用程序将向第三方发送电子邮件请求。

我正在寻找一种解决方案,使我能够捕获用户在网络表单上输入的任何问题或拼写错误。我正在寻找超出正则表达式检查的内容,以便解决诸如“[email protected]之类的问题]”当用户仍在网站上时将被识别为错误,因为“vom”顶级域无效。

谢谢

I have a web application that registered users use. These users have good email addresses that I have verified through the traditional method of sending them an email verification link that they must click on.

However, within this application my users will provide an email address of a third party, that is not a registered user on my system. My application will then send an email request to the third party.

I am looking for a solution that will allow me to catch any problems or typos that the user is entering on my web form. I'm looking for something beyond a regular expression check so that problems such a "[email protected]" would be identifed as an error while the user is still on the site, since the "vom" top level domain is invalid.

Thanks

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

孤单情人 2024-10-24 06:35:03

众所周知,SMTP 协议允许发送消息。然而,该协议的一部分是向 SMTP 服务器发出 HELO 并请求向用户发送电子邮件的许可。

通常 SMTP 服务器会拒绝向不存在的用户发送邮件,并且当服务器接受该地址时,该帐户很有可能存在。然后您只需断开连接即可,而无需真正发送电子邮件。恕我直言,这种方法是最合理的,并且其作用远远超出了仅使用正则表达式进行邮件地址验证的范围。

但是,如果目标 MX 主机只是将邮件传输到另一台服务器的一个跃点,则该跃点无法知道该地址是否确实存在,因此这并不是 100% 肯定。

The SMTP protocol allows sending messages, as everyone knows. However, part of the protocol is saying HELO to the SMTP server and to ask for permission to send the user an email.

Usually the SMTP server will deny delivering mails to users that do not exist, and when the server accepts the address, there is a fair chance that the account exists. You then just drop the connection without really sending an email. This approach is IMHO the most reasonable, and works far beyond just using regex for mail address validation.

However, if the destination MX host is just a hop that just transmits the mails to another server, the hop cannot know if the address really exists, so this is not a 100% positive.

灯下孤影 2024-10-24 06:35:03

与以往一样,除了尝试向电子邮件地址发送电子邮件之外,没有任何万无一失的方法来验证电子邮件地址的正确性。

我猜想这确实不是此类验证的选择,因此您能做的最好的事情就是使用了解当前 TLD 集的正则表达式。

有关更多信息,请参阅此问题

As ever, there is no bulletproof way to verify the correctness of an email address other than attempting to send an email to it.

I'm guessing that's really not an option for this sort of validation, so the best you can do is use a regex that knows about the current set of TLDs.

See this question for more.

¢好甜 2024-10-24 06:35:03

验证电子邮件地址存在很多问题。您可以编写一个非常长/复杂的正则表达式,但是世界可能会改变。 “vom”明天可能会成为有效的 TLD。

建议只有向该地址发送电子邮件才能确定电子邮件地址有效。我建议将 HELO 建议作为对输入的地址是否实际有效的快速而可靠的测试。

不过,从您的问题来看,您似乎希望检测/避免拼写错误。也许您只是不引人注意地通知用户“您的意思是“.com”吗?”。必须有一个有效 TLD 的白名单(也许调用 Web 服务来确保 TLD 列表(带有新的/删除的扩展名)。

还有关于加号是否有效和/或受支持的兔子洞讨论在各种 SMTP 服务器上。

There are a whole bunch of issues with validating an email address. You could write an incredibly long/complicated regex, but the world may change. "vom" could be a valid TLD tomorrow.

Suggest that only by sending an email to that address can you determine that an email address is valid. I'd suggest the HELO suggestion as a quick and solid test on whether the entered address actually works.

It sounds though, from your question, that you're looking to detect/avoid typos. Perhaps you'd just be notifying the user unobtrusively with "did you mean '.com'?". There'd have to be a whitelist of valid TLDs (perhaps calling a web service to ensure that the TLD list (with new/removed extensions).

There are also the rabbit hole discussions about whether a plus-sign is valid and/or supported on various SMTP servers.

神经大条 2024-10-24 06:35:03

您可以通过简单的 DNS 查找轻松验证邮件地址的主机名/域部分。

然而,没有简单的方法来验证用户名部分,特别是考虑到您很少可以在字典或其他东西中查找用户名的实际名称。

也没有安全的方法来查询邮件服务器的用户名。许多 SMTP 服务器都是简单的中继,不知道目标站点的用户列表。此外,许多邮件服务器实际上会接受发给无效用户的邮件,以避免垃圾邮件发送者通过暴力获取其实际用户列表的可能性。

唯一“安全”的方法是发送一条礼貌的消息要求确认,“MyService.com 中的用户 John B. 邀请您阅读他的时事通讯,您接受吗?”。如果您收到回复消息,您可以将该地址添加到每个用户的有效地址列表中,稍后您可以通过各种方式使用该地址来帮助您的用户避免将来出现拼写错误。

You can easily verify the hostname/domain part of a mail address with a simple DNS look-up.

There is, however, no easy way to verify the username part, especially considering the fact that rarely are usernames actual names that you can look up in a dictionary or something.

There is also no safe way to query a mail server for a username. Many SMTP servers are simple relays with no knowledge of the user list of the destination site. In addition, many mail servers will actually accept messages to invalid users, in order to avoid the possibility of spammers acquiring their actual user list by brute force.

The only "safe" way is to send a polite message asking for confirmation, "User John B. in MyService.com has invited you to his newsletter, do you accept?". If you get a reply message you can add that address to a list of valid addresses for each of your users, which you can use later in various ways to help your users avoid typos in the future.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文