[2.0.17] Live Email Validate (LEV)

All new MODs released in our MOD Database will be announced in here. All support for released MODs needs to take place in here. No new MODs will be accepted into the MOD Database for phpBB2
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.

Rating:

Excellent!
21
66%
Very Good
6
19%
Good
2
6%
Fair
0
No votes
Poor
3
9%
 
Total votes: 32

Arglwydd
Registered User
Posts: 133
Joined: Tue Dec 06, 2005 7:58 pm
Location: Wales, UK
Contact:

Post by Arglwydd » Sun Dec 11, 2005 10:31 pm

I'm a little paranoid about this MOD not allowing genuine members to join. No offence to you or your scripting Wulf; I'm not questioning your skills, in fact I'm questioning mine. The thing is I don't actually know a huge deal about SMTP, so I'm not too sure how it works. On the configuration settings of the Admin CP, I have the checkbox set to 'no' and the three boxes under it empty. Do I need to change this before the MOD will work? And what are the chances of this MOD not recognising an e-mail address that's valid? Oh and one last question, are you able to manually validate an e-mail address if it's unrecognised but you know it to be genuine? Thanks in advance for any and all feedback you give me on this.

valval
Registered User
Posts: 123
Joined: Mon Jul 05, 2004 5:55 pm

Post by valval » Sun Dec 11, 2005 10:56 pm

Interesting questions ... I'm also intersted in the answers :)

Wulf_9
Registered User
Posts: 130
Joined: Sun Mar 20, 2005 8:13 pm
Location: Norwich, UK

Post by Wulf_9 » Mon Dec 12, 2005 6:06 pm

Hi,

Genuine questions are always welcome ;)

My contention is, in these uncertain times, that it's better to keep a 'closed door policy' and have to deal with one or two users manually, than allowing anyone (or anything, e.g. spambots) to gain entry. I don't know which 3 checkboxes you're referring to, LEV has one setting button in the ACP which is Yes or No, click the relevant one to enable or disable it.
As you may have noticed if you've been following this thread, there is always a chance that a real email address won't be 'checkable' due to port 25 blocking, or users on webmail hosts, however you as Admin of your board can email them at their supplied registration address and if they reply you can activate their accounts yourself. This answers your last question too :)
`
"It's not the things you do right that matter, it's the things you don't do wrong"

Arglwydd
Registered User
Posts: 133
Joined: Tue Dec 06, 2005 7:58 pm
Location: Wales, UK
Contact:

Post by Arglwydd » Mon Dec 12, 2005 7:22 pm

Ah, thanks a lot man. I just wanted to check that I could manually add people that this MOD blocked. And yeah, you're right. Better to have too much security than to have not enough security. As for the three boxes? I was talking about the SMTP options at the bottom of the configuration menu in the ACP. Just wondering if I needed to fill them in before this MOD would work. Now that I look back, I'm not too sure why I thought that I might have to... *Shrugs* Hehehehe...

Duck_FFRL
Registered User
Posts: 29
Joined: Sat Mar 05, 2005 1:45 am

Post by Duck_FFRL » Tue Dec 13, 2005 1:30 am

I think this is what I've been looking for. Sorry for the ignorance, quite new to all this stuff. However, where do I upload the mod to? To the admin folder or the root folder of the forums? I take it once it's uploaded, just use the browser to the setup.

Thanks in advance, Duck

Wulf_9
Registered User
Posts: 130
Joined: Sun Mar 20, 2005 8:13 pm
Location: Norwich, UK

Post by Wulf_9 » Tue Dec 13, 2005 7:33 pm

Just follow the instructions in the MOD script, there are several files which need changing, they should be uploaded to the same locations as the originals so they're overwritten with the updated ones, but make backups BEFORE you start editing, just in case :)

You then upload the lev_mod_db_setup.php script to your forum root and run it by accessing it in your browser, once it's completed it should show you a green 'successful' message stating that the config table has been updated. From this point on LEV is enabled by default, nothing else to do except delete the setup script 8)
`
"It's not the things you do right that matter, it's the things you don't do wrong"

User avatar
lanesharon
Registered User
Posts: 400
Joined: Fri Dec 05, 2003 9:33 pm
Location: º• Confused! •º
Contact:

Post by lanesharon » Thu Mar 09, 2006 4:46 pm

I have my hosting account on a shared server who sometimes lets spammers through the door and then fights the fires after everyone's emails get banned. It is annoying, but necessary with my very limited income.

My forum is setup for account validation prior to membership. So, a welcome email goes out and they need to respond to it with pertinent info. With all the banning that has occured, many do not get these Welcome emails and I get no email from the email service saying it has been banned (AOL, Yahoo, etc).

Currently, I am sending out additional emails, a week later, from another email account I have. I am concerned that with all these emails I have to send out, that some email service providers will start banning that email address too. It is frustrating, to say the least, because I am dealing with cancer patients.

So, my question is, will this mod let me know if my forum email address is getting banned at the other end?

Wulf_9
Registered User
Posts: 130
Joined: Sun Mar 20, 2005 8:13 pm
Location: Norwich, UK

Post by Wulf_9 » Thu Mar 09, 2006 6:32 pm

Hi Sharon,

The only info that LEV will provide is when it connects to a mailserver but the 'send' fails, e.g. wrong email address or other verification failure - in this case the actual server response code is displayed as part of the error message. To see what's happening on the outside of your mail host you'll have to find a way of reading your server logs (cPanel or vDeck hosts) or ask them to send you the info by email. LEV won't automatically tell you why the connect failed, but you can try a sneaky trick - use the board email address as the user email then submit the form and if it fails, look at the server response code. If it's a simple username or domain error, correct the email address and try again, if it's a 'network type' error, you will have to ask your hosting service how to resolve it, sometimes they use 'port 25 blocking' to deter spam, if this is the case LEV will always fail as it has to connect directly to a mailserver on port 25, it mimics an email client in 'send' mode.
Sorry I can't be more help, you're doing a great service ;)
`
"It's not the things you do right that matter, it's the things you don't do wrong"

DigitalBrains
Registered User
Posts: 1
Joined: Tue Apr 11, 2006 3:36 pm

Little optimization

Post by DigitalBrains » Tue Apr 11, 2006 3:49 pm

Great MOD, thanks a lot!

I have a suggestion for a little optimization: right now, the first thing done in validate_email (apart from the syntax preg_match) is your LEV. It seems to me it's cheaper to first check banlists and existing addresses and only then start doing the LEV, since this involves networking and external hosts. A very tiny change, with little side-effects, I think.

And a little side note; perhaps it's best to use MX preferences in the order to try hosts; from high priority to low priority. Not only is this more standards (and common use) conformant, it also stops false positives: lower-preference MX's often only check the domain-part of an e-mail address, and only the highest-preference MX actually has knowledge about which local parts are actually valid. Example: my primary MX is mail.digitalbrains.com, my secondary is mx2.zoneedit.com. If I connect to mx2.zoneedit.com and use a random local part, like "ewfb@digitalbrains.com", it will pass the LEV test, because zoneedit has no knowledge of which local parts actually exist, and will just accept and queue anything. However, if I connect to mail.digitalbrains.com, it will (correctly) get rejected because that host has knowledge about which local parts exist, and the address will fail the LEV test.
I use the GNU Privacy Guard. You can download my public key here.

TGPO
Registered User
Posts: 5
Joined: Fri Dec 30, 2005 4:59 am
Contact:

Post by TGPO » Thu May 18, 2006 2:34 pm

Wonderfull MOD, I put it into one of the three forums I'm currently running to see how well it worked. I am decided now on putting it into the other 2 as well. Not only stopped alot of BS accounts, but it stopped dead nearly all bot registrations as well.

Good work, and thanks.
Forum Admin for www.nsrealm.com.
A Neverwinter Nights Persistant World Community

chris3471
Registered User
Posts: 157
Joined: Wed Dec 07, 2005 8:32 pm

Post by chris3471 » Fri Jun 09, 2006 10:24 pm

I'm about to try this, it looks good. Question though, what if a person has a catch all mailbox, will it think the mailbox exists?

valval
Registered User
Posts: 123
Joined: Mon Jul 05, 2004 5:55 pm

Re: Little optimization

Post by valval » Sun Jun 25, 2006 9:03 am

DigitalBrains wrote: And a little side note; perhaps it's best to use MX preferences in the order to try hosts; from high priority to low priority. Not only is this more standards (and common use) conformant, it also stops false positives: lower-preference MX's often only check the domain-part of an e-mail address, and only the highest-preference MX actually has knowledge about which local parts are actually valid. Example: my primary MX is mail.digitalbrains.com, my secondary is mx2.zoneedit.com. If I connect to mx2.zoneedit.com and use a random local part, like "ewfb@digitalbrains.com", it will pass the LEV test, because zoneedit has no knowledge of which local parts actually exist, and will just accept and queue anything. However, if I connect to mail.digitalbrains.com, it will (correctly) get rejected because that host has knowledge about which local parts exist, and the address will fail the LEV test.
And how exactly do you do that? :?

kristara
Registered User
Posts: 80
Joined: Mon Sep 19, 2005 6:45 am
Contact:

Post by kristara » Fri Aug 18, 2006 11:08 pm

I have found that if I use a legit email service, i.e. yahoo, all pass, no matter how mundane of a name I make up and they get through. Any ideas?

soonergirl
Registered User
Posts: 39
Joined: Sun Jul 23, 2006 11:07 pm

Post by soonergirl » Sun Aug 20, 2006 7:14 pm

I installed it and it allows everyting to pass thru.....oh well, it didn't screw anything up so I guess I won't worry about it.

I used easymod to install it as I have every mod that I've installed, so I feel sure that it is correct.

earlwer
Registered User
Posts: 1
Joined: Tue Aug 22, 2006 3:25 am
Location: Montreal, QC

Great idea...

Post by earlwer » Tue Aug 22, 2006 3:37 am

Wulf_9 wrote: LEV won't automatically tell you why the connect failed, but you can try a sneaky trick - use the board email address as the user email then submit the form and if it fails, look at the server response code. If it's a simple username or domain error, correct the email address and try again, if it's a 'network type' error, you will have to ask your hosting service how to resolve it, sometimes they use 'port 25 blocking' to deter spam, if this is the case LEV will always fail as it has to connect directly to a mailserver on port 25, it mimics an email client in 'send' mode.


I was always getting "Could not connect to the mail server, see the FAQ page for further info gsmtp183.google.com : no route to this domain, host unavailable", even for valid emails.

I tried using the board email, and that didn't work. When the board email was set to local mail, the email worked, but LEV checking still failed. When I set the SMTP server for email (in the ACP), I also had to change the port from 25 to 1352 in smtp.php. Now the board email worked!

Then I changed the port in functions_validate.php ( if ($connect = @fsockopen($hostname, 1352, $errno, $errstr, 15)) )

Now it works except for the gmail & yahoo mail accounts. They do not get accepted. :roll:

Have you thought of a solution, or is the MOD restricted to POP accounts?

thanks, and nice job...

Post Reply

Return to “[2.0.x] MOD Database Releases”