Contact Form 7 is a very popular WordPress form as, CF7 is actively used on more than a million WordPress websites currently. And though CF7 has its own set of validations for the different fields, you might end up needing more powerful email validation capabilities to prevent contact form spam. The blog covers a piece of script to validate emails on Contact Form 7 when someone submits the form and, in that way reduce spam.

The script primarily focuses on allowing only business emails and block email addresses from free ESP’s like Gmail, Yahoo, AOL etc. as spammers rarely use business email addresses for contact form spam.

Easy way to validate emails on CF7 without writing a script ?

Oh yes there is, Antideo Email Validator is plugin that is compatible with CF7 out of the box and you do not need to write code or make any changes to the theme files. The plugin also stores over 3.5K free email address vendors to give you maximum coverage. Apart from detecting and blocking free email addresses, the plugin also extends Contact Form 7 functionalities by

• Validate email syntax or flag incorrect email format
• Check for Disposable Email Addresses or Temp Emails
• Block Generic and Role Based Email Addresses
• Validate MX records of the domain associated with the email address
• Maintain local blacklist for email addresses and domains
• Maintain local whitelist for email addresses and domains

The plugin allows you to do free email validation on Contact Form 7 without the fuss of working with code. All you have to do is to install our plugin and switch on the capabilities you need with a couple of clicks and you are done. As simple as that.

Email validation script for Contact Form 7

Before you dive right into the script, ensure that you have taken a back-up of your website files as recommended before you add any code into WordPress or a Plugin. This script functions along the lines of a blacklist to validate the email addresses against it, when a form is submitted.

Step 1:

Create a function is_business_email() within the file that is labelled function.php of the theme that you are using, in this function the ESP’s that provide free email addresses are defined.

function is_business_email($email){
if(preg_match(‘/@hotmail.com/i’, $email) ||
preg_match(‘/@gmail.com/i’, $email) ||
preg_match(‘/@yahoo.co/i’, $email) ||
preg_match(‘/@yahoo.com/i’, $email) ||
preg_match(‘/@mailinator.com/i’, $email) ||
preg_match(‘/@gmail.co.in/i’, $email) ||
preg_match(‘/@aol.com/i’, $email) ||
preg_match(‘/@yandex.com/i’, $email) ||
preg_match(‘/@msn.com/i’, $email) ||
preg_match(‘/@gawab.com/i’, $email) ||
preg_match(‘/@inbox.com/i’, $email) ||
preg_match(‘/@gmx.com/i’, $email) ||
preg_match(‘/@rediffmail.com/i’, $email) ||
preg_match(‘/@in.com/i’, $email) ||
preg_match(‘/@live.com/i’, $email) ||
preg_match(‘/@hotmail.co.uk/i’, $email) ||
preg_match(‘/@hotmail.fr/i’, $email) ||
preg_match(‘/@yahoo.fr/i’, $email) ||
preg_match(‘/@wanadoo.fr/i’, $email) ||
preg_match(‘/@wanadoo.fr/i’, $email) ||
preg_match(‘/@comcast.net/i’, $email) ||
preg_match(‘/@yahoo.co.uk/i’, $email) ||
preg_match(‘/@yahoo.com.br/i’, $email) ||
preg_match(‘/@yahoo.co.in/i’, $email) ||
preg_match(‘/@rediffmail.com/i’, $email) ||
preg_match(‘/@free.fr/i’, $email) ||
preg_match(‘/@gmx.de/i’, $email) ||
preg_match(‘/@gmx.de/i’, $email) ||
preg_match(‘/@yandex.ru/i’, $email) ||
preg_match(‘/@ymail.com/i’, $email) ||
preg_match(‘/@libero.it/i’, $email) ||
preg_match(‘/@outlook.com/i’, $email) ||
preg_match(‘/@uol.com.br/i’, $email) ||
preg_match(‘/@bol.com.br/i’, $email) ||
preg_match(‘/@mail.ru/i’, $email) ||
preg_match(‘/@cox.net/i’, $email) ||
preg_match(‘/@hotmail.it/i’, $email) ||
preg_match(‘/@sbcglobal.net/i’, $email) ||
preg_match(‘/@sfr.fr/i’, $email) ||
preg_match(‘/@live.fr/i’, $email) ||
preg_match(‘/@verizon.net/i’, $email) ||
preg_match(‘/@live.co.uk/i’, $email) ||
preg_match(‘/@googlemail.com/i’, $email) ||
preg_match(‘/@yahoo.es/i’, $email) ||
preg_match(‘/@ig.com.br/i’, $email) ||
preg_match(‘/@live.nl/i’, $email) ||
preg_match(‘/@bigpond.com/i’, $email) ||
preg_match(‘/@terra.com.br/i’, $email) ||
preg_match(‘/@yahoo.it/i’, $email) ||
preg_match(‘/@neuf.fr/i’, $email) ||
preg_match(‘/@yahoo.de/i’, $email) ||
preg_match(‘/@aim.com/i’, $email) ||
preg_match(‘/@bigpond.net.au/i’, $email))
{
return false; // It is a free email address
}
else{
return true; // It is likely a business email address
}
}

Step 2:

Next would be to create a function as custom_email_validation_filter() inside the theme function.php file. This function gets executed only once the submit button is clicked. This function will be called by the Contact Form 7 filter(wpcf7_validate_email).

function custom_email_validation_filter($result, $tag) {
$tag = new WPCF7_Shortcode( $tag );
if ( ‘your-email’ == $tag->name ) {
$the_value = isset( $_POST[‘your-email’] ) ? trim( $_POST[‘your-email’] ) : “”;
if(!is_business_email($the_value)){
$result->invalidate( $tag, “Please enter a valid business email” );
}
}
return $result;
}
add_filter( ‘wpcf7_validate_email’, ‘custom_email_validation_filter’, 10, 2 );
add_filter( ‘wpcf7_validate_email*’, ‘custom_email_validation_filter’, 10, 2 );

One thing you need to be careful about is that, the script is using the label ’email field name(your-email)’, but if you are using a different label for the email field, then change the name of the field in the function custom_email_validation_filter().

Antideo also provides API’s for IP health check and phone number validation. This can be integrated with the forms to block blacklisted IP’s, proxies, infected IP etc. Plus you can use the API to validate phone numbers on contact Form 7 to ensure you accept only valid phone numbers being entered through the forms.

Our team of developers can help you with implementing our API’s into your forms or application, if you are not familiar with API integration.