verifying an email address when submitted through a web form

Creating a simple web application that will gather information, like name, address, email, etc. and submit it into a database for use with an online contest.

The client has asked if there is a way to verify that the email address the user submits is, in fact, a functional email address. So not just to validate that its formatted correctly, but actually like sending a 'ping' to the email address in order to receive some kind of a response if its valid?

Is this possible? I assume not - but don't know for sure.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

>> I assume not
That is correct.  Otherwise spammers would be sending requests to email servers asking:
Is real?

Where X is some randomly crafted username for the specified domain.  I'm sure you can see how that would be abused.  The common approach is to verify the email format only.  Once the email format is OK, generate a unique token for the user in question.  Record it on your database, along with the timestamp when the token was generated.  Then send an email to address specified with a url that contains a unique token in the querystring --ex:

Thank you for interest in our company ...
Please <verify your account now>.  If you do not verify your email address within 5 hours, then you
will need to resubmit your information.

Where <verify your account now> is a url that points to something like:

In verify.php you are supposed to see if there is a matching XYZ token.  So, query your db to see if there is a matching token and also get the timestamp when the token was generated.  If you find a record and the timestamp is within say 5 hours from the time the account request was submitted, then you mark the account/email address as "verified".  Otherwise the user will need to resubmit the form.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Margaret GreenCommented:
Apache commons-validation is used for validating the format of the email address.
Dave BaldwinFixer of ProblemsCommented:
Some sites send 'confirmation' emails to people where they have to respond to finish the signup procedure.  If there is enough money involved, that may be worth the effort.
blueLabsAuthor Commented:
Thanks for the confirmation... And all the extra info! Much appreciated.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.