check email existence using Delphi with Indy or any other components/tools for Delphi

3
votes

I need to check email accounts whether exists or not, I need to do that using Delphi and Indy (if possible)

I have a windows database for ERP system and I need to make sure that the customer enter valid email into the system so I can send to my customer the quotes they request.

I tried to test on yahoo and google using send commands HELO, MAIL and RCPT but no success.

3
delphiindy
You may not get the desired result in any well setup mail server. This technique could be used to harvest real mail address and the use them for spamming or worse. Some server won't tell you if an address exists or not, but your mail could be sent to /dev/null, while your IP could be blocked by an IDS detecting a bad behaviour. Be polite, and avoid acting like a spammer...user160694
-1 because because there's no "close for mallware". I'm sorry if this seems harsh, but honestly, I've got about 2000 unread emails in my mailbox because our company's spam filter stopped working and nobody fixed it. That's 2000 in about two months. And since you're out harvesting email addresses, pick simpler targets: if I were yahoo or google, I'd hire the smartest people out there to combat people trying to do precisely what you're doing. My guess is, the smartest people are fighting against you.Cosmin Prund
@WMAN He wasn't saying you were a spammer. He was saying that mailservers that get probed in a particular way may react as if the prober was a spammer. So, if you write code that has the same behavioural traits as a spammer, then you are likely to get your IP address in trouble. His comment contains excellent advice if only you could recognise it.David Heffernan
@WMAN, there's absolutely no way of safely testing the email addresses. Because of the huge volumes of SPAM floating around, everybody's a bit more then hyper-sensitive about it. Working within the specifications of the RFC is not enough: send a few bad emails to yahoo (emails to non-existing addresses) and you might get blacklisted. Do that for a couple more domains (including google) and you might find yourself into a global blacklist checked by hundreds of different mail servers. It's really a bad situation, one you can't escape.Cosmin Prund
@WMAN, you'll have to do what everyone else is doing: When you register a new email address, send a confirmation email. You don't want to "get creative" with email, your creativity is guaranteed to be miss-understood. I'm removing my downvote since you provided a somewhat valid reason to scan those email addresses.Cosmin Prund

3 Answers

5
votes

Mail servers have to protect themselves against spammers and others with malicious intent. They are not going to give up their secrets easily. It is common for mail servers to be configured to black hole messages sent to non-existent recipients. They don't respond to the sender saying, "sorry, that user doesn't exist, please try again."

So, if you want to verify whether or not an e-mail address has a human behind it I think the only way to be sure is to send an e-mail requesting a response.

4
votes

You have to ask your customers to confirm their email address, i.e. entering it twice to reduce misspellings, asking to register and sending an activation link and so on. State explicitly they need a valid email address: if they're asking you a quote why should they enter an invalid address? But be aware some people may use disposable email addresses to protect their real ones.

You have no way to check if an address really exists just asking its server. Due to the large amount of spam and techniques implemented by spammer to harvest and clean their addresses lists, most servers are setup to defend themselves.

That's why I suggested to "be polite". I am sorry if you got it the wrong way, I was just telling you that if your application shows a "spammer-like" behaviour (and your previous version of the question was much unclearer about your aims), it can lead to your IPs being blacklisted. Then you can have much more troubles to send quotes to customers.

-1
votes

You may try ICS components, an open source library with good examples (see SMTPClient). So this library or another one will not tell you if an email account exists or not because it's depending on the way the host answer to the commands about a non existent account. In ICS, when the command have been sent you may have to manage an event : SmtpRequestDone(Sender: TObject; RqType: TSmtpRequest;ErrorCode: Word);
Where ErrorCode is the Error code (ie 550).