User created with invalid email when Verify registrations is on

I might be wrong here (don't think I am though), but that's the way it's supposed to work. The user account will be created no matter if it's a valid e-mail or not, but the user won't be able to use that account until logging in with the password supplied in the e-mail...

Thinking about it a little further, I have the "verify registrations" options turned on, if an email can not be sent, especially as in the case of my error "User Unknown" then it will never verify, and shouldn't really create the account  or at the very least delete it afterwards.

I havn't dug too much into the code, but the parts of the code I read in register.php never used any sort of caching mechanism so as it could resend the email at a later time, if it fails initially.  That being said, my PHP scripting abilities are minimal

to send it again they can just press forgotten password, but the registration simply returns the SMTP server error message it doesn't think about it.

No, my original message included the error code returned by the smtp server, the code is 550.  If you look here the description for err code 550 is "Requested action not taken: mailbox unavailable." i.e. User unknown.

PHP, like I said is not my forté, however looking at the code in email.php you have a function smtp_mail, this method frequently makes calls to another function "server_parse" looking for a response code, if the expected response code is not found it raises an exception, e.g.

    if (!(substr($server_response, 0, 3) == $expected_response))
        error('Unable to send e-mail. Please contact the forum administrator with the following error message reported by the SMTP server: "'.$server_response.'"', __FILE__, __LINE__);

Which is the adzact error I have been receiving.

if you expand the code in smtp_mail function, from:

    fwrite($socket, 'Subject: '.$subject."\r\n".$to_header."\r\n".$headers."\r\n\r\n".$message."\r\n");

    fwrite($socket, '.'."\r\n");
    server_parse($socket, '250');

you could add an extra check to see if the email account it is trying to send to is valid, prior to checking for ok message, something like:

    fwrite($socket, 'Subject: '.$subject."\r\n".$to_header."\r\n".$headers."\r\n\r\n".$message."\r\n");

        if (IsValidEmailAddress($socket))
        {
           // email address is invalid, can't send email
           return (false);        
        }

    fwrite($socket, '.'."\r\n");
    server_parse($socket, '250');

this would require a new function to check if email address is valid, something like:

function IsValidEmailAddress($socket)
{
    $server_response = '';
    while (substr($server_response, 3, 1) != ' ')
    {
        if (!($server_response = fgets($socket, 256)))
            error('Couldn\'t get mail server response codes. Please contact the forum administrator.', __FILE__, __LINE__);
    }

    return(!(substr($server_response, 0, 3) == '550');
}

I am not trying to be awkward, honestly , I thought I was reporting a genuine bug, which is:

when "verify registrations" is on, and the email address is obviously invalid (returns err code 550), then the account which has been created will never be able to be verified and should be deleted. 

This might help eliminate bogus sign-ups, which I, and others (like in this post) have been receiving lately.

btw, I have not tried compiling/running the above script.

kind regards

Si