Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've found that the best ways for validating email addresses, in order, are: checking for the '@' sign, resolving the hostname to the right of the '@' sign to see if it has MX records (or an A record, since the specification technically also allows sending mail to the server at the A record), and sending an email to the address that includes a verification link that the user must click.

The first two can be done without requiring any additional work for the user, but people are so used to clicking verification links that they don't really mind that either.



And the advice here, which I agree with, is to skip your steps 2 & 3.


Eh, I don't think having a site that allows people to sign up on behalf of other people easily is a good thing.


As someone who owns {commonFirstName}{commonLastName}@gmail.com, I _hate_ services that don't require you to validate the e-mail address you sign up with. And there's a special place in hell reserved for people who write services which don't validate the e-mail you sign up with, but do require you to sign in with your credentials in order to unsubscribe.


lol@gmail.com whoever owns this, hates their life.


Unfortunately no one can own that :) Google doesn't allow email id with less than 5 chars (to mitigate random spamming)


Thanks for the info. I don't feel bad anymore.


how about asdf@gmail.com?


Surely you mean aoeu@gmail.com?


And if you skip 3 I will report any automatically sent mail as spam where ever I can in the hopes of getting you on as many blacklists as possible.


You should only report spam that is actually spam.


It is spam if you allow X to sign Y up for automated mails without confirmation. In Germany we even have laws against that.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: