Home

PHP Email Validator - Email MX DNS Record Check

Submitted by David Walsh on Thu, 2008/03/06 - 2:26pm.
  • Delicious
  • Digg
  • StumbleUpon
  • Reddit
  • Technorati
Tags:
Free Open Source Project Hosting Disappointed with SourceForge?
Host your project at JavaForge! JavaForge.com
Automate your reports FREE 90 Day Trial
iServer Express for BIRT eclipse.dzone.com

Validating an email address is one of the hardest feats on the web. A valid email can be marketing gold, but an invalid email address is dead weight. Not only does it require a CPU-taxing PHP regular expression ("/^[A-z0-9\._-]+"."@" . "[A-z0-9][A-z0-9-]*". "(\.[A-z0-9_-]+)*"."\.([A-z]{2,6})$/"), the regular expression can be useless even after it's validated for format if the domain doesn't exist. A regular expression simply wont do -- we need to think more low-level. What does email at any domain require? A DNS MX record. Well, PHP provides a great solution to validate that there's a MX record for the provided email address' domain.

The Code

function domain_exists($email,$record = 'MX')
{
	list($user,$domain) = split('@',$email);
	return checkdnsrr($domain,$record);
}

The Usage

if(domain_exists('user@domain.com'))
{
	echo('This MX records exists; I will accept this email as valid.');
}
else
{
	echo('No MX record exists;  Invalid email.');
}

You'll see that 'MX' is the default record check, though you could change that to 'A' if you want. This method is not bulletproof but the function does provide a compelling enough argument for an email existing or being a fraud. If a valid email address is important for your purposes, use this function. Try it for yourself!

Reference: 
PHP Email Validator - Email MX DNS Record Check
Average: 1 (1 vote)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)

Comments

Loïc Hoguin replied on Thu, 2008/03/06 - 9:49pm

Yeah well that's what the PHP documentation already say.

What I wonder is whether you'll find some real address not allowed by this, as said in this comment in the documentation.

And well, you check a domain, not the whole email address, so the local part can simply be garbage, it could even contain control characters if you only use this function. It also can't really tell that the address is real. After all you could enter whatever@hotmail.com and be good.

In my opinion, the best way to validate an email address is to send a confirmation email, and to filter trash mail domains like trash-mail.de and friends. I would use both regex and domain validation as an indication to the user to prevent him from making a mistake while entering his email address. But not preventing him for submitting it if he's sure it's good. After all, if his email address is really correct, you might lose a customer.

Finally, checkdnssrr is not available on Windows. Take that in consideration if your application needs to be portable.

David Walsh replied on Thu, 2008/03/06 - 10:13pm

Good points Loïc.  The confirmation email is always best, but this functionality could be used to BEFORE the confirmation stage to prevent bad email addresses.

gedrox replied on Wed, 2008/04/30 - 5:05am

I prefer using filter_var($var, FILTER_VALIDATE_EMAIL). And, by the way, your regular expression is not correct. E.g. '+' sign can be used in the email address.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.