
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
enhanced-email-deep-validator
Advanced tools
Verify email address checking MX records, and SMTP connection. Return the MX records.
A very small modification from the original email-deep-validator that verifies an email address checking MX records and SMTP connection, returning the MX records whenever it exits.
Install the module through NPM:
$ npm install enhanced-email-deep-validator --save
Requires Node 6 or above
Include the module, create a new EmailValidator
object and call verify
method:
const EmailValidator = require('enhanced-email-deep-validator');
const emailValidator = new EmailValidator();
emailValidator.verify('foo@email.com')
.then(mxRecords => console.log('Email is valid.', mxRecords);
emailValidator.verify('non-existent@email.com')
.catch(err => console.log('Email is not valid', err.message, err.mxRecords));
Set a timeout in seconds for the smtp connection. Default: 10000
.
Enable or disable the check of mx records. Default: true
.
Enable or disable the SMTP check. Default true
.
$ npm test
This module was originally written to be used with Conversio and is used in a production environment currently. This will ensure that this module is well maintained, bug free and as up to date as possible.
Conversio's developers will continue to make updates as often as required to have a consistently bug free platform, but we are happy to review any feature requests or issues and are accepting constructive pull requests.
FAQs
Verify email address checking MX records, and SMTP connection. Return the MX records.
The npm package enhanced-email-deep-validator receives a total of 247 weekly downloads. As such, enhanced-email-deep-validator popularity was classified as not popular.
We found that enhanced-email-deep-validator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.