When you think ASP, think...
Recent Articles
All Articles
ASP.NET Articles [1.x] [2.0]
ASPFAQs.com
Message Board
Related Web Technologies
User Tips!
Coding Tips
Search

Sections:
Book Reviews
Sample Chapters
Commonly Asked Message Board Questions
Headlines from ASPWire.com
JavaScript Tutorials
MSDN Communities Hub
Official Docs
Security
Stump the SQL Guru!
Web Hosts
XML Info
Information:
Advertise
Feedback
Author an Article
Technology Jobs

















internet.com
IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers
ASP ASP.NET ASP FAQs Message Board Feedback ASP Jobs
Print this page.

Windows Systems Administrator
Jupitermedia
US-CT-Darien

Justtechjobs.com Post A Job | Post A Resume

Published: Saturday, September 30, 2000

The Forgotten Art of Email Address Validation
By Joshua Finer

As webmasters and database administrators struggle to keep email address databases clean, web site form validation becomes key. At this point, the state of email address validation is poor. Feel free to prove it to yourself: go to your favorite site that requires registration, and enter dlkjfdklj@djflkjdlkj.com as your email address. More often than not, it will let you through no problem. Keep in mind that not only is it letting you through, but it is also storing that email address in an internal database. These email databases get littered with bad addresses, which companies usually handle in one of two ways:

- continued -

  • Ignore the problem and send membership emails anyway. This results in many bounced emails that waste bandwidth both to (when sent) and from (when returned) the Internet.
  • Hire temps to painstakingly pick out individual bad email addresses. This is a costly and time-consuming endeavor. Additionally, this is a reactive, not proactive, solution.

What you should be thinking at this point is "Why not stop the bad email address before it gets into your database?" As you might guess, there are different approaches to validating email addresses on web site forms. Generally, there is an inverse relationship between ease of implementation and quality of validation. However, with the recent popularity of developer components, these types of solutions can typically be "snapped in" with little learning curve.

The following is an overview of the various levels of email address validation.

    1. Base Level Validation - This is the type of email validation that most current web sites use. Code will generally be in-line and simply look for a @ and a . in the email address. This is extremely inadequate and needs to be upgraded. The reason that most sites use this method is that it is easy to code. An example in VBScript would be: 

    StrAddress = Request.Form("emailaddress")
If InStr(1,StrAddress,"@",vbTextCompare) = 0 OR _
   InStr(1,StrAddress,".",vbTextcompare) = 0 Then

	Response.Redirect("badAddress.html")
Else
	'continue form processing...
End If

    There is a more indepth email validation routine availabe in the following article: Email Address Validation!

    2. Base Domain Level Validation – This email validation is a step up from Base Level Validation, but still extremely inadequate. This level of validation only requires that the domain name of the email address be a valid registered domain. Many domain names are registered but cannot receive email. Additionally, the majority of registered domain names are not currently active mail servers. This is usually implemented as code or a component that does domain name registration lookups or possibly even standard DNS lookups. For purposes of example, let's say you choose to use a DNS lookup component. Keep in mind that most DNS objects are expecing a domain name and not an email address. The following code is a generic example of how you might implement a DNS component for email validation: 

    Set DNSobject = Server.CreateObject("CompanyABC.DNS")

Emailaddress = Request.Form("emailaddress")

TheDomainName = Mid(emailaddress, _
     InStr(1,emailaddress,"@",vbTextCompare)+1,Len(emailaddress))

DNSobject.domain = thedomainname
DNSobject.server = "XXX.XXX.XXX.XXX"
goodorbad = DNSojbect.dolookup

'Keep in mind some DNS object may return something other than ""
If goodorbad = "" Then
	Response.Redirect("badAddress.html")
Else
	'continue form processing...
End If

    3. MX Domain Level Validation – This email validation is currently the highest practical level. It is not 100% foolproof, but is a marked improvement over any lower form of validation. This level guarantees that the domain name of the email address is not only registered, but also that it is a live Internet host that can actually receive email. This is generally considered as the base practical level of email validation. This level of validation can be easily implemented via a developer component. Similar to #2, you must first install the component package on the server. After referencing the DLL, you might use code such as: 

    set MXValidate = Server.CreateObject("CompanyABC.Emailvalidate")

emailaddress = Request.Form("emailaddress")
MXValidate.serveraddresses = "XXX.XXX.XXX.XXX","XXX.XXX.XXX.XXX"
MXValidate.ValidateIt(emailaddress,resultcode)

If resultcode = False Then
	Response.Redirect("badAddress.html")
Else
	'continue form processing...
End If

    4. Absolute Validation – This is a theoretical level of email address validation. In this level, email addresses could be validated with 100% accuracy. Currently, this is nearly impossible to achieve. Internet servers run various operating systems, which handle email in various ways. Additionally, due to security considerations, many operating systems are configured in such a way that specific email account validation is impossible. Although this is theoretically the best, it is functionally impossible to implement. The closest way to implement this method is to send the user an email requiring that he reply in order to become registered for the web site.

The bottom line is that any web site that has little or no email address validation is just a victim of lazy developers. These days data is heaping around us at an alarming rate. We must strive to keep it clean and scrubbed if we expect it to be a productive and useful asset. Please visit Component Source to see a selection of email address validation components!

  • By Joshua Finer

    Validation Articles
    For more information on email address and form validation, check out these great articles!

  • The Forgotten Art of Email Address Validation
  • ASP/JScript Email Validation
  • A Server-Side Email Validation Routine
  • Another Email Validation Routine
  • Form Validation Using JavaScript
  • Using the Dictionary Object Data Collection and Validation

    • Joshua is currently a 2nd year MBA student at The Pennsylvania State University, concentrating in Entrepreneurship. Additionally, Joshua is the President of Finer Technologies, a software publisher. Finer Technologies recently released EmailScreen, an email validation developer component that can be found at http://www.email-screen.com. Joshua welcomes anyone to write him: Joshua@finertechnologies.com!

    Windows Internet Technology | ASP.NET [1.x] [2.0] | ASPMessageboard.com | ASPFAQs.com | Advertise | Feedback | Author an Article



    • JupiterOnlineMedia

    internet.comearthweb.comDevx.commediabistro.comGraphics.com

    Search:

    Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

    Jupitermedia Corporate Info


    Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

    Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
    Solutions
    Whitepapers and eBooks
    Microsoft Article: HyperV-The Killer Feature in WinServer ‘08
    Avaya Article: How to Feed Data into the Avaya Event Processor
    Microsoft Article: Install What You Need with Win Server ‘08
    HP eBook: Putting the Green into IT
    Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
    Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
    Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
    		 Avaya Article: Setting Up a SIP A/S Development Environment
    IBM Article: How Cool Is Your Data Center?
    Microsoft Article: Managing Virtual Machines with Microsoft System Center
    HP eBook: Storage Networking , Part 1
    Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
    MORE WHITEPAPERS, EBOOKS, AND ARTICLES
    Webcasts
    Intel Video: Are Multi-core Processors Here to Stay?
    On-Demand Webcast: Five Virtualization Trends to Watch
    HP Video: Page Cost Calculator
    Intel Video: APIs for Parallel Programming
    		HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
    Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
    MORE WEBCASTS, PODCASTS, AND VIDEOS
    Downloads and eKits
    Sun Download: Solaris 8 Migration Assistant
    Sybase Download: SQL Anywhere Developer Edition
    Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
    		 Red Gate Download: SQL Compare Pro 6
    Iron Speed Designer Application Generator
    MORE DOWNLOADS, EKITS, AND FREE TRIALS
    Tutorials and Demos
    How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
    eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
    IBM Article: Collaborating in the High-Performance Workplace
    HP Demo: StorageWorks EVA4400
    		 Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
    Microsoft How-to Article: Get Going with Silverlight and Windows Live
    MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES