Hacker News new | past | comments | ask | show | jobs | submit login

ship it.

Seriously, the only way to validate an email is to send them an email and make them click a validation link. I




It's not the worst way, but it's far from being the best way.

Sometimes you don't want the user to stop what they are doing, wait for an email to arrive, hope it doesn't land in spam, read it, click then link, and then continue. This is usually the case if you want them to buy something.

Secondly, what happens when they don't get the email? We had lots of problems where people where signing up from the following domains: gmail.cm, gmail.co, gmail.con, tmail.com, gmail.oom, gamil.com, hotamail.com, homtail.com, etc.

You want to firstly do some simple checks to see if it looks roughly like an email address. I like to see if it matches \S+@\S+\.\S+ (and ignore the few people with a top-level domain). Then you want to validate the actual domain to see if it's a misspelling of a popular address.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: