tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From puffm...@darksleep.com (Steven J. Owens)
Subject Re: How to validate email address in JSP by using javax.mail?
Date Thu, 10 Oct 2002 06:49:18 GMT
On Thu, Oct 10, 2002 at 11:46:20AM +0530, Kunal Shah wrote:
> suppose there is an domain xyz.com accepting mails for its user say
> there are a, b and c users and administrator which will recieve
> mails for unresolve members
> 
> i am sending one mail at dummy@xyz.com. dummy is not valid
> mailbox still the mesg will be delivered to administrator of
> xyz.com. so there will be not send fail exception.

     This is why the standard practice in internet mailing list
servers is "confirmed opt-in".  In other words, you MUST assume that
the email address is invalid UNLESS the user gets the confirm request
email and confirms by responding.

     The usual approach to implementing this is to generate a
pseudo-random number that will be unique to that user, and store it
somewhere, typically a database table which also includes that email
address.  Then you send a confirm request email to the email address,
asking that they send you back the pseudo-random number so you know
that the email address is both valid (because they received the email)
and has requested whatever service (because they chose to reply).

     Typically, the user sends the pseudo-random number one of two
ways, either by email or by a direct HTTP GET request with the
pseudo-random number as an argument.

a) to allow a GET-style URL request containing the pseudo-random
number as an argument, you just include the URL in the confirm request
message, so the user can click on it in order to directly invoke a JSP
or servlet.  

b) to allow an email, you put the pseudo-random number on either the
subject-line or in the reply-to address of the message you send out.
For a reply-to address, on your message you set a reply-to header.
Most email clients, when the user selects the generic "reply" command,
will address the message to the value set in the "reply-to" header.

     Typically your reply-to header will be something like
"confirm-2345234632@example.com", where 2345234632 is the
pseudo-random number.  Most email servers can be configured to have
email addresses with partial wild-cards, i.e. "confirm-*" or some
such, which define an address which receives all email addressed to an
address starting with "confirm-".  You configure your email server to
hand off such messages to your java server.  Your java server then
matches the "confirm-*" address up against the pseudo-random number in
the table.

     If your server can't handle partial wildcard addresses, then you
have a single "confirm-reply" address and instruct the user to make
sure that the subject-line of your request message is copied into the
reply (most mail clients do that automatically).  Other than that, it
works the same as with the reply-to technique.

Steven J. Owens
puff@darksleep.com

"I'm going to make broad, sweeping generalizations and strong,
 declarative statements, because otherwise I'll be here all night and
 this document will be four times longer and much less fun to read.
 Take it all with a grain of salt." - Me

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message