Home arrow PHP arrow Page 6 - Email Address Verification with PHP

Empowering validation with fsockopen() - PHP

Many applications in the field of Web development need to validate email addresses. While this can be done in a variety of ways, one simple but effective way involves writing your own functions in PHP. Alejandro Gervasio explains this approach.

  1. Email Address Verification with PHP
  2. Validating the proper format of an email address
  3. Validating email domains with checkdnsrr()
  4. Customizing checkdnsrr()
  5. Using getmxrr() for validation
  6. Empowering validation with fsockopen()
By: Alejandro Gervasio
Rating: starstarstarstarstar / 215
February 08, 2005

print this article



In order to find out whether an email domain is really in use, we’re going to take advantage of PHP’s fsockopen() function, which is used to open domain socket connections over the Internet. This serves our purposes handily, since we might try opening a socket connection to the mail server identified with the given domain. If the socket connection is successfully opened, then the supplied domain is currently in use.

The format for fsockopen() is the following:

int fsockopen ( string hostname, int port [, int errno [, string errstr [, float timeout]]]);

The function, when used for Internet domains, will open a TCP socket connection to the provided host name on the supplied port, and return a file pointer corresponding to that host. If the call fails, it will return false, and if the optional errno and errstr arguments are present, they will be set to indicate the actual system level error that occurred while performing the call. The optional timeout parameter can be used to set a timeout in seconds for the connect system call. 

Having taken a look at what this function does, it’s feasible to open a socket connection on port 25 (the default port for SMPT servers) to the given domain for a user’s email address in the following manner:

If(!fsockopen($domain,25,$errno,$errstr,30)) {
 return false;

Here we’re trying to open a socket connection to the provided domain on port 25, setting a timeout of 30 seconds for the connection. If the connection is successfully established, the function will return true, which means that the SMTP server is up and running, the email domain is real and, hopefully, there is a valid user for that domain. If the connection fails, the function will return false, either indicating that the domain is not being used, at least for the moment that we attempted to open the socket connection. As you can easily guess, there might be several reasons for a failed result. Even if the user was valid, the mail server might be down, our system might be having its own problems, or other difficulties inherent to any network process might exist.

Anyway, our rough attempt to enhance the validation process is still a valid effort worth considering. Here’s the checkEmail() function with the new enhancements:

function checkEmail($email) {
 // checks proper syntax
 if(preg_match("/^( [a-zA-Z0-9] )+( [a-zA-Z0-9\._-] )*@( [a-zA-Z0-9_-] )+( [a-zA-Z0-9\._-] +)+$/" , $email)) {
  // gets domain name
  // checks for if MX records in the DNS
  if(!checkdnsrr($domain, 'MX')) {
   return false;
  // attempts a socket connection to mail server
  if(!fsockopen($domain,25,$errno,$errstr,30)) {
   return false;
  return true;
 return false;

And the code to call the function is listed as follows:

$email = trim($_POST['email']);  
if(!checkEmail($email)) { 
echo 'Invalid email address!';
else {
 echo 'Email address is valid';

We have taken a considerable step forward to improve the validation routines within our function.

To explain what we did step-by-step: once the email address is passed to the function, it is first validated to make sure it matches the regular expression. If the validation is successful, then the address is divided to obtain the email domain.

Then, the function checks whether the domain is real, looking for MX records in the DNS. Again, if the records are found, the next step is to open a socket connection for that domain on port 25, to determine whether the given domain is in use. If the connection is successful, we’re pretty sure that the email address corresponds to a real domain, which is currently in use, and the user name is potentially valid.
Any checking process that returns false, will evaluate the function as false too, terminating it, therefore indicating that the supplied email address is not valid.

Finally we’ve successfully reached our objective, with a few lines of PHP code. Not too bad, huh?


As with many other user data, email addresses are certainly pretty hard to validate. We’re not completely sure that what a visitor is giving us is valid input. However, as reviewed in this article, using several powerful PHP network functions combined is a great way to make the validation process a relatively painless task. Additionally, we’ve taken an instructive approach for some other concepts, such as working with lookup functions and sockets, even though we only scratched their surfaces. Thus, the next time you need to implement email verification in your PHP applications, don’t forget these invaluable tools. They're really worthwhile.

>>> More PHP Articles          >>> More By Alejandro Gervasio

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates


Dev Shed Tutorial Topics: