You can use telnet to check if an email is valid. You can actually send emails via telnet, but we’ll stick to checking for now. Remember that this is not a string validation but a complete check with the mail server if the user is valid.
For this example we will use [email protected]. We first need to check the MX record for pentest.ro. In Linux is as simple as:
> dig MX pentest.ro ; <<>> DiG 9.6-ESV-R4 <<>> MX pentest.ro ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53492 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 3, ADDITIONAL: 0 ;; QUESTION SECTION: ;pentest.ro. IN MX ;; ANSWER SECTION: pentest.ro. 86400 IN MX 5 ALT2.ASPMX.L.GOOGLE.COM. pentest.ro. 86400 IN MX 10 ASPMX2.GOOGLEMAIL.COM. pentest.ro. 86400 IN MX 10 ASPMX3.GOOGLEMAIL.COM. pentest.ro. 86400 IN MX 10 ASPMX4.GOOGLEMAIL.COM. pentest.ro. 86400 IN MX 10 ASPMX5.GOOGLEMAIL.COM. pentest.ro. 86400 IN MX 1 ASPMX.L.GOOGLE.COM. pentest.ro. 86400 IN MX 5 ALT1.ASPMX.L.GOOGLE.COM. ;; AUTHORITY SECTION: pentest.ro. 86400 IN NS ns1.pentest.ro. pentest.ro. 86400 IN NS ns2.pentest.ro. pentest.ro. 86400 IN NS ns3.pentest.ro. ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Jul 2 21:48:05 2011 ;; MSG SIZE rcvd: 261
On Windows platforms there is no integrated dig utility. You can use this app, or you can use a free online check like this one:
Either way you will end up with the MX server or servers for the domain. Notice there is a number in front of the MX servers in the list, that indicates priority (smaller means higher priority). We will use the highest priority server available and if this one fails we can try the next one.
It’s time to connect to the server (from the command line in Linux or Windows):
> telnet ASPMX.L.GOOGLE.COM 25 Trying 74.125.39.27... Connected to ASPMX.L.GOOGLE.COM. Escape character is '^]'. 220 mx.google.com ESMTP y26si6167249fag.156 helo mydomain.com 250 mx.google.com at your service mail from: <[email protected]> 250 2.1.0 OK y26si6167249fag.156 rcpt to: <[email protected]> 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 y26si6167249fag.156 rcpt to: <[email protected]> 250 2.1.5 OK y26si6167249fag.156 quit 221 2.0.0 closing connection y26si6167249fag.156 Connection closed by foreign host.
The bolded lines are the ones you type, the others are responses from the server.
All servers should abide to RFC 821. Most do, a few don’t. I noticed some servers are accepting all addresses as valid. This is not a standard response but you can check if this occures testing an email like [email protected].
The response code you are interested in is 250. This means it’s a valid address. 550 means that the user does not exist. There are other codes as well and you can do further reading in the RFC.
Please note that helo command must be run before anything else. mydomain.com and [email protected] can be changed in anything you please.
To close the connection after validation just type quit.