Thread: Dns_get_record

    #1
  1. Plays with fire
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2003
    Location
    Barsoom
    Posts
    942
    Rep Power
    96

    Dns_get_record


    Is it okay to use dns_get_record to validate a url? That is, just to prove it exists if someone uses it in an email address or gives a link?
    “Be ashamed to die until you have won some victory for humanity.” -- Horace Mann

    "...all men are created equal." -- US Declaration of Independence
  2. #2
  3. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,872
    Rep Power
    6351
    It's easier just to send an activation email to the account. Hotmail exists. sicunwe4cn2487vno48vn4@hotmail.com doesn't.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  4. #3
  5. Plays with fire
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2003
    Location
    Barsoom
    Posts
    942
    Rep Power
    96
    In this case I'd only look for hotmail.com and truncate anything before the @.

    Just looking for ways to sniff out asldjfassdflj.com kind of addresses.
    “Be ashamed to die until you have won some victory for humanity.” -- Horace Mann

    "...all men are created equal." -- US Declaration of Independence
  6. #4
  7. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,872
    Rep Power
    6351
    Why are you trying to sniff those out? If I can't make dan@sdcunwecwncvwjn.com, I'll just make dan-sdcunwecwncvwjn@hotmail.com
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  8. #5
  9. Plays with fire
    Devshed Novice (500 - 999 posts)

    Join Date
    Aug 2003
    Location
    Barsoom
    Posts
    942
    Rep Power
    96
    I'm not just looking for email addresses. I also need to find fake urls. This is for the forms on a site when people are asked to provide links to their facebook, twitter or other sites.

    I want to trap bots and others from trying to enter asldjflajf.com as their facebook page.

    I know PHP has a lot of functions for this, but I really like the info I get from this function vs checkdnsrr or something.
    “Be ashamed to die until you have won some victory for humanity.” -- Horace Mann

    "...all men are created equal." -- US Declaration of Independence
  10. #6
  11. Did you steal it?
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    14,007
    Rep Power
    9398
    Stupid bots you can filter out but, as pointed out, it's absolutely trivial to get around this.

    First I'd do some research into what all qualifies you to receive mail. An MX record, obviously, but that's not required: I assume A, AAAA, and CNAME all work too, but are there others? Then dns_get_record for everything and make sure there's at least one of those records in the list returned.
  12. #7
  13. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,872
    Rep Power
    6351
    I want to trap bots and others from trying to enter asldjflajf.com as their facebook page.
    But what I'm saying is: You're going to do all this work just so that bot authors have to put www.facebook.com/asldjflajf instead of asldjflajf.com. The URL is still fake. You're wasting your effort. A captcha is ten times more effective (and ten times easier) than trying to do real-time validation of cname records.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  14. #8
  15. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    Is it okay to use dns_get_record to validate a url? That is, just to prove it exists if someone uses it in an email address or gives a link?
    Is it OK? Sure, but just keep in mind what the result actually means: it means that the domain is registered and DNS records exist for the host name. It doesn't mean the URL is syntactically valid, it doesn't mean any resource is hosted at that URL, it doesn't mean a web server is running on the host, it doesn't mean an email account is valid, and it doesn't mean a mail server is running on the host. So if your goal is to check whether DNS records exist for the host then it will accomplish what you want.

    However, I agree that it's not worth the effort.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around

IMN logo majestic logo threadwatch logo seochat tools logo