FAQ 9.17 How do I check a valid mail address?

FAQ 9.17 How do I check a valid mail address?

am 28.01.2008 09:03:01 von PerlFAQ Server

This is an excerpt from the latest version perlfaq9.pod, which
comes with the standard Perl distribution. These postings aim to
reduce the number of repeated questions as well as allow the community
to review and update the answers. The latest version of the complete
perlfaq is at http://faq.perl.org .

------------------------------------------------------------ --------

9.17: How do I check a valid mail address?

(partly contributed by Aaron Sherman)

This isn't as simple a question as it sounds. There are two parts:

a) How do I verify that an email address is correctly formatted?

b) How do I verify that an email address targets a valid recipient?

Without sending mail to the address and seeing whether there's a human
on the other end to answer you, you cannot fully answer part *b*, but
either the "Email::Valid" or the "RFC::RFC822::Address" module will do
both part *a* and part *b* as far as you can in real-time.

If you want to just check part *a* to see that the address is valid
according to the mail header standard with a simple regular expression,
you can have problems, because there are deliverable addresses that
aren't RFC-2822 (the latest mail header standard) compliant, and
addresses that aren't deliverable which, are compliant. However, the
following will match valid RFC-2822 addresses that do not have comments,
folding whitespace, or any other obsolete or non-essential elements.
This *just* matches the address itself:

my $atom = qr{[a-zA-Z0-9_!#\$\%&'*+/=?\^`{}~|\-]+};
my $dot_atom = qr{$atom(?:\.$atom)*};
my $quoted = qr{"(?:\\[^\r\n]|[^\\"])*"};
my $local = qr{(?:$dot_atom|$quoted)};
my $domain_lit = qr{\[(?:\\\S|[\x21-\x5a\x5e-\x7e])*\]};
my $domain = qr{(?:$dot_atom|$domain_lit)};
my $addr_spec = qr{$local\@$domain};

Just match an address against "/^${addr_spec}$/" to see if it follows
the RFC2822 specification. However, because it is impossible to be sure
that such a correctly formed address is actually the correct way to
reach a particular person or even has a mailbox associated with it, you
must be very careful about how you use this.

Our best advice for verifying a person's mail address is to have them
enter their address twice, just as you normally do to change a password.
This usually weeds out typos. If both versions match, send mail to that
address with a personal message. If you get the message back and they've
followed your directions, you can be reasonably assured that it's real.

A related strategy that's less open to forgery is to give them a PIN
(personal ID number). Record the address and PIN (best that it be a
random one) for later processing. In the mail you send, ask them to
include the PIN in their reply. But if it bounces, or the message is
included via a "vacation" script, it'll be there anyway. So it's best to
ask them to mail back a slight alteration of the PIN, such as with the
characters reversed, one added or subtracted to each digit, etc.



------------------------------------------------------------ --------

The perlfaq-workers, a group of volunteers, maintain the perlfaq. They
are not necessarily experts in every domain where Perl might show up,
so please include as much information as possible and relevant in any
corrections. The perlfaq-workers also don't have access to every
operating system or platform, so please include relevant details for
corrections to examples that do not work on particular platforms.
Working code is greatly appreciated.

If you'd like to help maintain the perlfaq, see the details in
perlfaq.pod.