[SpamCop.net - protecting the internet through technology]

[SC-Help] Re: Validating SMTP addresses

Iain ipmarketing at spamcop.net
Wed Feb 2 08:49:03 EST 2005 

"Blammo" <ric.gates at bigsleep.org> wrote in message 
news:Xns95E5D06E2400Eblammo at 216.154.195.61...
> On 20 Jan 2005 Iain entered spamcop.help and left
> news:csns3h$48i$1 at news.spamcop.net:
>

> I like to require some other information as well, and address or phone
> number, the name of their ISP. This of course depends on the context, but
> may give you something else to validate along with the eMail address and
> IP.

A part of the problem here is the service would predominantly be to 
companies. Now a small company will know their ISP but who working for a 
larger business knows the routing of the Internet connection.

Some of the mail to be sent will be directly related to a known company but 
the problem is there's no knowledge of the users and therefore their mail 
addresses. Just because we know the user is associated with 'Acme' and that 
Acme does business out of a certain address, it doesn't really help us with 
whether a user's mail addres sis correct or if mail to them fails how to 
contact them. The might work in a completely different location.

I think it all comes back to one of the benefits of a verified opt-in. Not 
only is it the proper way to put addresses onto a user's profile but sending 
a test/welcome/confirmatory [select your choice of term] message and waiting 
for a positive action back from that address (probably via URL loop-back) 
seems the only way to ensure the address is really working and owned by the 
person providing the address.

I have also come up with some plans to try and help ensure an address 
continues to work and mail to it is accepted. This is by monitoring 
click-ins from mail sent. It won't be absolute as people may not use the 
links but if they do it will help to give confidence that an address is 
still 'good'. This could even be used as a basis for a periodic re-verify 
message. If link usage were observed then no need, but if no observed 
response from an address then maybe re-verify after a period of 12 months 
since last known contact, i.e. click-in/opt-in verify.

.../Iain

More information about the SpamCop-Help mailing list