This repository has been archived by the owner on Sep 25, 2021. It is now read-only.

Registration, email host validation #534

Open
ratfish opened this issue Sep 24, 2020 · 0 comments

ratfish commented Sep 24, 2020

For our/my site I have implemented a two-step validation of email hosts during registration, in addition to what is in place. I do this between the regular expression check of the email address and the blacklist check.

Step one:
I break out the email host as is done in the blacklist check and perform a DNS lookup on it.
As per RFC 5321 (the current email spec) section 5.1, if it fails I report the error to the user.
This step avoids two things: user frustration when they typo their email address (that email will never show up) and a pile of .met and .con bounced emails.

Step two:
This may be a bit more controversial: I obtain the mail exchange record associated with the email host; if it does not exist, I report that to the user as an error.
The RFC states that an email server should assume an implicit mail exchange record of weight 0 and proceed checking additional criteria.

"We" are websites using email addresses during automated registration; I feel that refusing to automatically attempt email delivery to such an email host is reasonable. I plan to offer manual registration for any user with an email host that falls into this category yet can send an email to and receive an email from one of our Gmail, Yahoo or ISP-based email addresses.

It took both tests to knock down the bot flutter.

So far this has worked well for me; the bounced emails are now for user-specific issues (no such name, over quota and similar).

There are additional checks that could be performed but I believe that is above the scope of the site registration and better left to my email server.

I have not, but it may be appropriate to put in a configurable setting so a site with poor, limited or unreliable DNS could turn the check off.

I am not (yet) familiar enough with GitHub to reliably fork, mod and push the changes.
I can paste a patch in here if it is appropriate.
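
The two checks described in the post, sketched in Python as an added example (not the poster's patch and not the project's code). The `lookup` callable, the result codes, the `enabled` switch and the sample zone are assumptions made here, with constructed records standing in for a real resolver.

```python
# Added example: function names, result codes and the sample zone are constructed.
from typing import Callable, List

# lookup(host, rtype) returns the records of that type (empty list if none)
# and raises OSError when the resolver itself fails (timeout, SERVFAIL).
Lookup = Callable[[str, str], List[str]]

def email_host(address: str) -> str:
    """Host part of an address that already passed the regex check."""
    return address.rsplit("@", 1)[1].strip().rstrip(".").lower()

def check_email_host(address: str, lookup: Lookup, enabled: bool = True) -> str:
    """Return 'ok', 'no_such_host', 'no_mx' or 'dns_unavailable'."""
    if not enabled:  # site-level switch for poor or unreliable DNS
        return "ok"
    host = email_host(address)
    try:
        mx = lookup(host, "MX")
        addresses = lookup(host, "A") + lookup(host, "AAAA")
    except OSError:
        return "dns_unavailable"  # resolver problem, not a verdict on the host
    if not mx and not addresses:
        return "no_such_host"  # step one: typo domains such as .con
    if not mx:
        return "no_mx"  # step two: stricter than RFC 5321's implicit MX
    return "ok"

# Constructed records standing in for a real resolver.
SAMPLE_ZONE = {
    ("example.org", "MX"): ["10 mail.example.org"],
    ("example.org", "A"): ["192.0.2.10"],
    ("web-only.example", "A"): ["192.0.2.20"],
}

def sample_lookup(host: str, rtype: str) -> List[str]:
    if host == "flaky.example":
        raise TimeoutError("resolver timed out")
    return list(SAMPLE_ZONE.get((host, rtype), []))

if __name__ == "__main__":
    for addr in ("alice@example.org", "alice@example.con",
                 "bob@web-only.example", "bob@flaky.example"):
        print(addr, "->", check_email_host(addr, sample_lookup))
```

Keeping `no_mx` separate from `no_such_host` lets the registration form point the first group at manual registration while telling the second group to recheck the address.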
