Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
legit
Advanced tools
Readme
A wrapper for the NodeJS Dns.resolveMx method that checks the domain of an email address for valid/existence of MX records.
$ npm install legit
const legit = require('legit');
legit('validemail@validdomain.com')
.then(result => {
result.isValid ? console.log('Valid!') : console.log('Invalid!');
console.log(JSON.stringify(result));
})
.catch(err => console.log(err));
If an email addresses domain is legit then the object returned will include an isValid
key that will be set to true
as well as an mxArray
key with all the MX record information for the valid domain.
If the domain has no MX or cannot resolve any MX then it will return isValid
as false
.
Anything else is considered an error and you'll get it in the .catch
For a more modern approach using ES6, you can await
the reponse before acting on it.
const legit = require('legit');
(async () => {
try {
const response = await legit('validemail@validdomain.com');
response.isValid ? console.log('valid') : console.log('invalid');
} catch (e) {
console.log(e);
}
})();
For a valid email address, you'll get the following response object:
{
"isValid": true,
"mxArray": [
{
"exchange": "aspmx.l.google.com",
"priority": 1
},
{
"exchange": "alt1.aspmx.l.google.com",
"priority": 5
},
{
"exchange": "alt2.aspmx.l.google.com",
"priority": 5
},
{
"exchange": "alt3.aspmx.l.google.com",
"priority": 10
},
{
"exchange": "alt4.aspmx.l.google.com",
"priority": 10
}
]
}
(The MIT License)
Copyright (c) 2015-2020 Martyn Davies, and contributors.
FAQs
Check that email addresses are really able to accept emails by pinging the DNS and checking for active MX records.
The npm package legit receives a total of 736 weekly downloads. As such, legit popularity was classified as not popular.
We found that legit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.