PHP Email Validator – Email MX DNS Record Check

By  on  

Validating an email address is one of the hardest feats on the web. A valid email can be marketing gold, but an invalid email address is dead weight. Not only does it require a CPU-taxing PHP regular expression ("/^[A-z0-9\._-]+"."@" . "[A-z0-9][A-z0-9-]*". "(\.[A-z0-9_-]+)*"."\.([A-z]{2,6})$/"), the regular expression can be useless even after it's validated for format if the domain doesn't exist. A regular expression simply wont do -- we need to think more low-level. What does email at any domain require? A DNS MX record. Well, PHP provides a great solution to validate that there's a MX record for the provided email address' domain.

The Code

function domain_exists($email, $record = 'MX'){
	list($user, $domain) = split('@', $email);
	return checkdnsrr($domain, $record);
}

The Usage

if(domain_exists('user@davidwalsh.name')) {
	echo('This MX records exists; I will accept this email as valid.');
}
else {
	echo('No MX record exists;  Invalid email.');
}

You'll see that MX is the default record check, though you could change that to A if you want. This method is not bulletproof but the function does provide a compelling enough argument for an email existing or being a fraud. If a valid email address is important for your purposes, use this function. Try it for yourself!

Recent Features

  • By
    CSS vs. JS Animation: Which is Faster?

    How is it possible that JavaScript-based animation has secretly always been as fast — or faster — than CSS transitions? And, how is it possible that Adobe and Google consistently release media-rich mobile sites that rival the performance of native apps? This article serves as a point-by-point...

  • By
    Interview with a Pornhub Web Developer

    Regardless of your stance on pornography, it would be impossible to deny the massive impact the adult website industry has had on pushing the web forward. From pushing the browser's video limits to pushing ads through WebSocket so ad blockers don't detect them, you have...

Incredible Demos

  • By
    9 Incredible CodePen Demos

    CodePen is a treasure trove of incredible demos harnessing the power of client side languages.   The client side is always limited by what browsers provide us but the creativity and cleverness of developers always pushes the boundaries of what we think the front end can do.  Thanks to CSS...

  • By
    CSS Gradients

    With CSS border-radius, I showed you how CSS can bridge the gap between design and development by adding rounded corners to elements.  CSS gradients are another step in that direction.  Now that CSS gradients are supported in Internet Explorer 8+, Firefox, Safari, and Chrome...

Discussion

  1. Saved, for later use… :)

    Thanks, Btw I like the way you display PHP code on your site.

    Mark

  2. This only checks if an email account can exist for the domain in question. For example I tested molly@frannleach.com and it came back valid. There is no email account of that name.

    If my host is typical, all domains in an account will have the MX record set – which is why even domains I own with no email addresses attached have come back valid. Also most email addresses given by spammers are @gmail.com. This function, though it looks useful, has no validity as you will get false positives more often than false negatives.

  3. @tiggsy: You’re correct but it at least prevents someone from using “user@adksjf8uwe4p8ujfasd.com”.

  4. I have hunted around, and what you have given is the best that can be done, as one can’t rely on an email server being sufficiently insecure as to deny the existence of an email address. Many just swallow them without comment, but not all.

  5. hi david
    Is there anyway to check the user a/c also from that domain… and do u know how to login to webmail from website.I have done a form to collect user id and pass but its not passing to that webmail . if u have any reference or idea it woild be a great help for me

  6. I know this is an old post but now that the “split” function has been deprecated. The following works.


    function domain_exists( $email, $record = 'MX' ) {
    list( $user, $domain ) = explode( '@', $email );
    return checkdnsrr( $domain, $record );
    }

  7. Robert Ameeti

    A domain need not have an MX record to receive mail. It only takes an A record to receive mail. An MX record is used specifically when the MX records is needed to point to a host other than that which the A record points to.

    See:
    http://en.wikipedia.org/wiki/MX_record#History_of_fallback_to_A

  8. This is returning high in Google so I thought I’d add a warning here- this doesn’t work for many servers. As per the the PHP manual for getmxrr (“do not use this function to verify email addresses”), this will return a false positive as the localhost is returned if no MX record is found. Apparently this is correct behaviour: “according to RFC 2821 when no mail exchangers are listed, hostname itself should be used as the only mail exchanger with a priority of zero”.

    Get around this by appending a “.” to the end of the domain, as in:

    $mx_record_really_exists = getmxrr('test.domain.org.',$mx_records_output_array);
    

    Also works for A record checks with checkdnsrr()

  9. tanvi

    Hi…I want Vb.net converted code for ur PHP code…..Pls give its urgent

  10. NeoArc

    list() generates a warning if one of the variables are not set.
    Error messages impact the performance of a script, perhaps even more than regular expressions.

  11. Nice tip. I really need it.
    But is there any way to check if email adress exists (even after checking the MX record)?

  12. There is a way to go beyond checking the email domain exists and check to see if the email actually exists in the domain but I haven’t found the code online yet. This site does it. http://www.infobyip.com

  13. Ben

    Hi,

    My comment is a bit off topic.
    Do you an equivalent function in C and/or C# ?

    Or is there an API to use with other languages ?

    Regards,
    Ben

  14. dibin

    without @ it become error

  15. Ravi
    function domain_exists($email){
            list($user, $domain) = explode('@', $email);
            $arr= dns_get_record($domain,DNS_MX);
            if($arr[0]['host']==$domain&&!empty($arr[0]['target'])){
                    return $arr[0]['target'];
            }
    }
    $email= 'user@radiffmail.com';
    
    if(domain_exists($email)) {
            echo('This MX records exists; I will accept this email as valid.');
    }
    else {
            echo('No MX record exists;  Invalid email.');
    }
    
  16. Óscar

    Yeah, good point to make your webserver a public DDoS’er

Wrap your code in <pre class="{language}"></pre> tags, link to a GitHub gist, JSFiddle fiddle, or CodePen pen to embed!