From 0a1e1729d970049ade6ebc84558500e23bc10ed7 Mon Sep 17 00:00:00 2001
From: BlackEagle <ike.devolder@gmail.com>
Date: Wed, 21 Mar 2012 08:42:54 +0100
Subject: valid_email :: check if domain part is real

this can be used as an intermediate 'patch' util there is a validation
system in place.

the extra check is to verify that the domain part of a correctly
formatted email address is existing and in use. this will not at all
stop spammers since they can use bogus emails with valid domain parts

Lukas: Minor formatting changes.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/lib/aur.inc.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index c662b80..7c92bb6 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -80,7 +80,18 @@ function check_sid($dbh=NULL) {
 # verify that an email address looks like it is legitimate
 #
 function valid_email($addy) {
-	return (filter_var($addy, FILTER_VALIDATE_EMAIL) !== false);
+	// check against RFC 3696
+	if (filter_var($addy, FILTER_VALIDATE_EMAIL) === false) {
+		return false;
+	}
+
+	// check dns for mx, a, aaaa records
+	list($local, $domain) = explode('@', $addy);
+	if (!(checkdnsrr($domain, 'MX') || checkdnsrr($domain, 'A') || checkdnsrr($domain, 'AAAA'))) {
+		return false;
+	}
+
+	return true;
 }
 
 # a new seed value for mt_srand()
-- 
cgit v1.2.3-54-g00ecf