Determining the hostname/IP address from the MX record in PHP

have a basic email domain validation script 开发者_开发技巧that takes a user's email domain, resolves the IP address from that and then checks that against various published blacklists. Here is how I am determining the IP:

$domain = substr(strchr($email, '@'), 1);
$ip     = gethostbyname($domain);

The problem is that some email address domains, such as soandso@alumni.example.net, use an MX record rather than an A record, so using gethostbyname('alumni.example.net') will fail to resolve. I know when a user's email is using an MX in the email itself by using the PHP checkdnsrr function, but once at that stage am a little stuck as to how to proceed.

In theory, I could parse out the 'root' domain, i.e. 'example.net' and check it, but I've not found reliable regex that can handle this task when the user could easily have an email the format of user@corp.example.co.uk...

So, any suggestions on how to best tackle this??

---

Instead of using gethostbyname, use dns_get_record, something like dns_get_record($domain,DNS_MX). See the docs for how the return values are structured.

---

$Arr = dns_get_record('ford.com' , DNS_MX);


$count = count($Arr);
for($i=0; $i<$count; $i++) {

    echo $i.'-'.$Arr[$i]['target'].'-'.gethostbyname($Arr[$i]['target']).'-'.$Arr[$i]['ttl'].'<br/>';
}

I got the result with ip address as following order(Pref, host, ip, ttl).

0-cluster4a.us.messagelabs.com-85.158.139.103-453
1-cluster4.us.messagelabs.com-216.82.242.179-453

---

The easiest is probably

if (!getmxrr($host, $result)) {
  $result=array($host);
}

Then loop over the results, calling gethostbyname() and checking that none are blacklisted (or you could pick the result with the lowest weight, but that could be easily used to circumvent the blacklist).

I'd question the usefulness of blacklisting a destination; DNS spam blacklists are usually made for blacklisting sources.

---

You cannot do source validation based solely on someone's e-mail address, because (in general) any party anywhere on the internet can send any e-mail with anyone else's e-mail address in it.

---

Using this function you can only check atleast one mx records is available for the given domain. Code is not tested with multiple domains.

function mxrecordValidate($email){
        list($user, $domain) = explode('@', $email);
        $arr= dns_get_record($domain,DNS_MX);
        if($arr[0]['host']==$domain&&!empty($arr[0]['target'])){
                return $arr[0]['target'];
        }
}
$email= 'user@radiffmail.com';

if(mxrecordValidate($email)) {
        echo('This MX records exists; I will accept this email as valid.');
}
else {
        echo('No MX record exists;  Invalid email.');
}

If find any improvement in this function, comments are appreciated.

---

Try:

$result = shell_exec ('host -t MX '.$domain);

var_dump ($result);

or

exec ('host -t MX '.$domain, $result = array ());

var_dump ($result);

You will get list of MX records, you can parse it and check each record with gethostbyname().

Edit

dns_get_record() mentioned by Ycros will be better.