Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 189
  • Last Modified:

A Script to test an email account

Hi:

Does anyone have a Perl or PHP Script to just test the existence of an email account? Let's imagine a form field where we put the account info, like ACCOUNT NAME, POP SERVER (and PASSWORD if needed) and the Script would just test anyway that account and say: Yes it exists and is active (or something like this).

Thanks

Mario./
0
multisites
Asked:
multisites
  • 5
  • 3
1 Solution
 
StormyWatersCommented:
you could use imap_open() and test for an error, but you would need their password to check their account, etc. Far, far to insecure. I think that'd be the only way to do it.

Easier to just send them a confirmation e-mail.
0
 
multisitesAuthor Commented:
Well, StormyWaters, I thank you, but it sounds like greek for me, because I'm not a programmer. So, I need something like a ready-made Script.

Mario./
0
 
StormyWatersCommented:
There is no real way to do this without compromising people's security.


It's much easier to send a confirmation e-mail like most major companies do. Use this php script:


Change the $content variable to whatever you want, and the stuff in the $header variable to whatever you want it to be from.
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Your E-mail</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>

<body>
<?
$email = $HTTP_POST_VARS['email'];
if(isset($email)) {
  $content = "Hello! Someone has used your e-mail address to sign up for our site. To confirm this, follow this link:\nhttp://www.yoursite.com/confirm.php?code=".base64_encode($email)."\nThank you for your time.";
  $subject = "Confirm address";
  $headers = "From: Intelligent Shade Of Blue mailer";
  mail($email, $subject, $content, $headers);
  echo "An email has been sent to $email. Please confirm it.";
} else {
echo <<<END
  <form method="post" action="$PHP_SELF">
  <input type="text" name="email" />
  <input type="submit" name="sbmt" value="Submit!"/>
  </form>
END;
}
?>
</body>
</html>

That's your form page.



Then this is confirm.php:
Do whatever you want if they've got a valid address where I've just echo'd some information.
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>

<body>
<?
$email = $HTTP_GET_VARS['code'];
if(isset($email)) {
  echo 'Address '.base64_decode($email).' confirmed.';
}
?>
</body>
</html>

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
StormyWatersCommented:
I'm sorry, the server I tested that script on runs an old version of PHP.
$HTTP_GET_VARS should be replaced with $_GET and $HTTP_POST_VARS with $_POST on newer versions.
0
 
multisitesAuthor Commented:
Great, StormyWaters, it does exactly what I need. But before accepting, please, explain to me why people's security is compromised with such a procedure? At which extent it could be a danger to my domain/server?

Thanks,

Mario./
0
 
StormyWatersCommented:
In order to check their account, you would need to know their e-mail account's password. Firstly, nobody in their right mind would give that to you, even if your purpose was honest. Secondly, if you didn't have a secure server others could retrieve that information and get people's passwords.
As I said, it's relatively simple to use a confirmation email script, so I wouldn't suggest using something different.
0
 
multisitesAuthor Commented:
Hi, StormyWaters:

Ansewring to your first comment, as a matter of fact, this procedure will be used by each of our customers, individually, that is, when we give him/her a new mailbox, he/she will test his/her own mailbox. So, here there's no problem about password, ok?

I didn't understand your second comment that says that others could retrieve that information and get people's password.

And finally, you told about using a simple confirmation email script. That's what I want. This one you wrote above, and I have already tested, isn't it one of these you mentioned?

Mario./
0
 
StormyWatersCommented:
I thought what you wanted was a way to test, by connecting to a server, whether a certain address exists. I gave you a different script, which sends an e-mail to that account, and has them confirm that it exists. They're different. There's no security problem with the script I gave you, but what I *thought* you were suggestion (which you might not have been, apparently), there is one. Using a confirmation e-mail in no way asks for the user's password, and is therefore more secure.

Ask for password, run a function to detect if the account exists: insecure.
Confirmation e-mail, the script I gave you: no security risk.

Sorry if there was any confusion.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now