What is the most universal method for e-mail verification without user interaction involved?
It's widely known, that probably the best method to achieve that is the SMTP transaction with the MX server during which we're "emulating" sending the mail (HELO, MAIL FROM, RCPT TO - 250 response to rcpt to = e-mail is OK).
It works good, however many servers (e.g. Hotmail, MSN) are black-listing the hosts which are communic开发者_运维问答ating like that (starting transaction without sending the e-mail).
Is there any better method to verify that e-mail exists - without user interaction and, if possible - without sending a message?
Unfortunately anything that helps legitimate apps determine if an email account is real and active are exploitable by spammers that are looking for live accounts.
Your best bet is (presuming a user is signing up on your site)... is to send them an email with a link (or code) that they click on (or type in) to "verify" this is a real account.
Note: Even doing this, only "guarantees" the account was active. It doesn't ensure that it wasn't a temporary service (e.g. mailinator or other disposable email address). ;-)
精彩评论