Hi Patrick,

Probably you didn't select the appropriate verification level. *The
default for the demo page is to verify the entered domain has at least
an MX record*: every syntactical valid email address whose domain part
is "aol.com" will pass this level, just because the aol.com domain has
more than one MX record (lots of them, actually).

To check against mailbox existence or, better, mailbox existence coupled
with the guarantee that the server can't accept mail for inexistent
addresses, you have to select a higher level of verification.
So, here's a small cheat sheet with the verification levels accepted by
this component:

- Syntactical level -> Performs a syntactical validation of the provided
email address against RFC 2821 and RFC 2822 rules.
- Domain MX -> Queries the DNS server for an MX record for the email
address domain, checking if one exists and is available to use.
- Smtp availability -> Checks if a connection could be performed to the
mail server of the email address domain.
- Mailbox existence -> Checks whether the mail server accepts or rejects
messages sent to the required email address.
- Sham address rejection -> Checks if the mail server correctly rejects
messages sent to sham (inexistent) email addresses.

However, due a lack of fortune, the IP address of web server this site
is hosted by is actually in a network range included in the AOL's black
list (I've googled a bit about this and found nearly 80% of incoming
email is blocked by their servers). Thus verification level above Smtp
Availability will fail for AOL addresses *only when launched within this
demo site* (with a result which clearly indicates that there is a
problem while connecting to check the mailbox existence, so you could
distinguish, for example, from the real inexistence of the mailbox), at
least until AOL will remove this block.

Hope this helps.

--
Efran Cobisi
http://www.cobisi.com

Patrick Steele wrote:
> Hopefully you don't need it for AOL.com addresses -- it verified just
> about anything I sent to it. And I mean *anything*. I just pounded on
> the keyboard with a random collection of letters and numbers and
> everything verified as legit.
>
> ---
> Patrick Steele
> http://weblogs.asp.net/psteele
>
>
> -----Original Message-----
> From: Discussion of building .NET applications targeted for the Web
> [mailto:DOTNET-***@DISCUSS.DEVELOP.COM] On Behalf Of James Hearne
> Sent: Friday, May 25, 2007 7:35 AM
> To: DOTNET-***@DISCUSS.DEVELOP.COM
> Subject: Re: [DOTNET-WEB] RegularExpressionValidator and fake email
> addresses
>
>
> Suits me fine.
> http://www.emailverify.net/Demo.aspx results:
>
> ***@gmail.com IS valid
> ***@gmail.com is NOT valid
>
> Thanks.
> /James
>
> On 5/24/07, Efran Cobisi <***@cobisi.com> wrote:
>
>> Hello James,
>>
>> There are many components out there which you can use to test for
>> email address correctness and existence. All of them perform a sort of
>>
>
>
>> check against the smtp server responsible for the provided email
>> address, if one exists. Here is a short list of products you could use
>>
>
>
>> within your ASP.NET projects:
>>
>> http://www.emailverify.net
>> http://www.aspnetmx.com
>> http://www.hexillion.com
>>
>> Personally I would opt for EmailVerify.NET, which is a project I'm
>> currently involved in, because it also supports a sort of false
>> positive check (used for smtp servers with anti-spam feature turned
>> on) and, btw, is cheaper than the other two. Keep in mind, however,
>> that in the end there is no a 100% guarantee that an email address
>> does actually exist until you send a message and check for a possible
>> bounce. And even if you send a message, there is no guarantee a bounce
>>
>
>
>> will be sent in the event the recipient does not actually exist. So,
>> use these components with care.
>>
>> Hope this helps.
>>
>> --
>> Efran Cobisi
>> http://www.cobisi.com
>>
>> James Hearne wrote:
>>
>>> No, this isn't applicable. I don't want to send out any email. I
>>> just want to check if the provided email address does exist or not.
>>> How can I do that?
>>>
>>> /James
>>>
>>> On 5/24/07, Paul van Brenk <***@tamtam.nl> wrote:
>>>
>>>> Send an email to confirm their subscription.. all addresses that
>>>> are
>>>>
>> not
>>
>>>> yet confirmed are not valid and deleted after 48 hrs?
>>>>
>>>> Paul
>>>>
>>>> -----Original Message-----
>>>> From: Discussion of building .NET applications targeted for the Web
>>>>
>
>
>>>> [mailto:DOTNET-***@DISCUSS.DEVELOP.COM] On Behalf Of James Hearne
>>>> Sent: Thursday, May 24, 2007 15:48
>>>> To: DOTNET-***@DISCUSS.DEVELOP.COM
>>>> Subject: [DOTNET-WEB] RegularExpressionValidator and fake email
>>>> addresses
>>>>
>>>> Hi gurus,
>>>> in our web site we often receive a lot of feedback from fake email
>>>> addresses, like ***@sadasdas.com; people sign up to our
>>>> newsletter using fake addresses too.
>>>> Very bad...
>>>> In each page used to enter email addresses we have already inserted
>>>> a RegularExpressionValidator which works quite well; the problem is
>>>>
>> that
>>
>>>> email addresses like the aforementioned one are actually valid
>>>> ones!
>>>>
>>>> Could you point me to the right direction?
>>>> Thanks.
>>>>
>
> ===================================
> This list is hosted by DevelopMentor® http://www.develop.com
>
> View archives and manage your subscription(s) at http://discuss.develop.com
>

===================================
This list is hosted by DevelopMentor® http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com