With the advent of many many sites like http://dodgeit.com/ what your
talking about is useless besides there are many other sites like
http://www.spamhole.com/
Tipmonkeys has a list of several such sites so for the moment either
method is a waste of time. If people want to fake email addresses they
will and your checks for them will not made any difference.
While there are queries that can detect if email addresses exist they
largely depend on the server configuration at the other end. Most for
security reasons just say everything exists (If everything didnt they
just wouldnt get mail). This makes it impossible for spammers to find
and address list of email addresses for a domain. With a setup like
microsoft when the server only returns true values for emails that
exists it allows spammers to datamine email addresses on a domain.
Then again Microsoft never did care that much about security.
On 10/25/06, Mister Dookie <misterdookie@gmail.com> wrote:
Hello list,
Is there a way to verify that an e-mail address
(e.g."johnsmith@company.com") is valid and exists or does not exist
(is a fake e-mail address) without actually sending a message to that
address and awaiting the response?
Here's why this is a security issue. Our company administers a small
"municipal-type" 802.11 network where for limited open-access the only
form of ID we require is an e-mail address and a password. We simple
don't have the resources to send out e-mails and then have
verification and so forth. We are trying to prevent users from
entering fake addresses into our system. We want at least a small
amount of accountability.
We would like to be able to do a quick check, say query an IMAP, POP3,
or SMTP and check to see if there is actually an account at that
address without sending a verification e-mail and waiting for users to
click on a link or get something that bounces back. Does something
like that exist?
I do recognize that somebody can enter a valid e-mail address that
does not belong to them, but we are trying to address one issue at a
time. At this point we are just trying to prevent people who give us
"dude@dude.com" from getting on to our network.
Thanks,
John
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
--
You can do anything you set your mind to when you have vision,
determination, and and endless supply of expendable labor.
<No tree's were harmed during this transmission. However, a great
number of electrons were terribly inconvenienced>
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
