phpList version 3.0.x - Code Enhancements

eMail Validations


small phplist logoThanks to Bob Afifi over in Santa Rosa who enquired whether I had an enhancement that could validate the username part of an email address to prevent subscribers signing up as noreply@ or no.reply@. Then after a week I replied to his enquiry and basically said No, but I do now.

There is a lot of information on the web written about burner / disposable eMail addresses that individuals use when subscribing that can cause problems down the line for newsletter publishers. Now in addition to that problem we also have individuals trying to sign up with an invalid domain name which this enhancement to phpList also addresses by checking the MX - DNS record for the domain. The approach for checking this is quite basic as it only cheecks for a valid dns record, it does not verify whether the full address is valid. For that I use the double-opt in option that is mandatory in the EU and convered by the CAN-SPAM act and already built into the core package.

This part of the routine after checking the MX record could be extended to send a HELLO to the smtp server but this over complicates things and could result in your server being blacklisted, which we really don't want.


Main Elements of Enhancement

  • Check for valid MX record does the domain exist
  • Compare domain to list of burner / disposable domain addresses
  • Prevent certain usernames e.g. noreply@ from subscribing

As already mentioned this enhancement is only one of a number of steps taken to prevent spammers and others from attacking this site through phpList. Some are already built into the core package and others added over time.


Security Measures in Place

  • Stop spam flag in config.php - built in
  • email validation using regex - built in & corrected by AGP
  • Confirm eMail address - built in
  • Require subscriber to use password - built in
  • Double-Opt in - built in
  • Captcha image entry - from AGP
  • IP Address of spammer, captured to database to prevent further attempts - from AGP
  • File scanning of /lists folder to identify unauthorised uploads - from AGP
  • eValidation further email verification - from AGP

NOTE - Not all the above are available for downloading.



Take it for a Test Run

Use the following link to see the eValidation on a live system.. In addition you can also use it to see the HTML System Subscriber Messages and the Custom Placeholders in action


Test eValidation


Domain Updates

The list of burner / disposable domains is continually being updated (sometimes weekly) and will be made available more often than updates to the code.



Rel. Date Ver. Notes
28-05-2018 2.0.9 Documentation & Domains list - phpList v3.3.3
14-02-2017 2.0.8 Documentation & Domains list - phpList v3.3.1
06-02-2017 2.0.7 Documentation & Domains list - phpList v3.3.0
31-01-2017 2.0.6 Documentation & Domains list - phpList v3.3.0 RC4
08-01-2017 2.0.5 Documentation & Domains list - phpList v3.0.12 & 3.2.7
27-11-2016 2.0.4 Minor update for UTF-8 & domains list - phpList v3.0.12 & 3.2.6
10-11-2016 2.0.3 Updated documentation & domains list - phpList v3.0.12 & 3.2.6
26-10-2016 2.0.2 Reduced number of eValidation error messages - phpList v3.0.12 & 3.2.6 rc1
24-10-2016 2.0.1 Modified the username matching routine - phpList v3.0.12 & 3.2.6 rc1
21-10-2016 2.0.0 Confirmed compatability with phpList v3.0.12 & 3.2.6 rc1
Release Date Rel-Date Version Ver. Notes php
List
Download
phpList with AG-P Hacks is distributed under the LGPL. Read More
28.05.2018 2.0.9 Code & Domains List Update 3.3.3 3.3.3 Download
14.02.2017 2.0.8 Code & Domains List Update 3.3.1 3.3.1 Download
06.02.2017 2.0.7 Code & Domains List Update 3.3.0 3.3.0 Download
31.01.2017 2.0.6 Code & Domains List Update 3.3.0 RC4. 3.3.0 RC4 Download
08.01.2017 2.0.5 Code & Domains List Update. 3.2.7 Download
27.11.2016 2.0.4 Code & Domains List Update. 3.2.6 Download
10.11.2016 2.0.3 Documentation & Domains List Update. 3.2.6 Download
26.10.2016 2.0.2 Reduced number of error messages. 3.2.6 rc1 Download
24.10.2016 2.0.1 Modified the Name matching routine. 3.2.6 rc1 Download
21.10.2016 2.0.0 phpList v3.2.6 rc1. - Initial build. 3.2.6 rc1 Download
Release Date Rel-Date Version Ver. Notes php
List
Download
phpList with AG-P Hacks is distributed under the LGPL. Read More
14.06.2018 1.1.7 Updated List of Domain Names (3899). 3.3.3 Download
04.06.2018 1.1.6 Updated List of Domain Names (3886). 3.3.3 Download
28.05.2018 1.1.5 Updated List of Domain Names (3869). 3.3.3 Download
13.03.2018 1.1.4 Updated List of Domain Names (3808). 3.3.1 Download
20.10.2017 1.1.2 Updated List of Domain Names (3753). 3.3.1 Download
17.08.2017 1.1.1 Updated List of Domain Names (3566). 3.3.1 Download
07.07.2017 1.1.0 Updated List of Domain Names (3234). 3.3.1 Download
31.05.2017 1.0.9 Updated List of Domain Names (3196). 3.3.1 Download
31.01.2017 1.0.8 Updated List of Domain Names (1333). 3.3.0 RC4 Download
08.01.2017 1.0.7 Updated List of Domain Names (1332). 3.2.7 Download
08.12.2016 1.0.6 Updated List of Domain Names (1303). 3.2.6 Download
27.11.2016 1.0.5 Updated List of Domain Names (1268). 3.2.6 Download
10.11.2016 1.0.4 Updated List of Domain Names (1263). 3.2.6 Download
02.11.2016 1.0.3 Updated List of Domain Names (1254). 3.2.6 rc1 Download
27.10.2016 1.0.2 Updated List of Domain Names (1244). 3.2.6 rc1 Download
25.10.2016 1.0.1 Updated List of Domain Names. 3.2.6 rc1 Download
21.10.2016 1.0.0 List of Burner / Disposable Domains - Initial build. 3.2.6 rc1 Download


All photographs & images are the copyright of Alan G Fairhall and may not be reproduced or downloaded without express permission from the photographer
alangeorge-photography