From 84f187da96e5dd4427abf240cb7dd4a68437addb Mon Sep 17 00:00:00 2001
From: Roland Shoemaker <rolandshoemaker@gmail.com>
Date: Fri, 5 Jun 2015 15:27:07 +0100
Subject: [PATCH] Check MX records exist for provided emails

---
 ra/registration-authority.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/ra/registration-authority.go b/ra/registration-authority.go
index 7f4c7f53b..542a0f2f9 100644
--- a/ra/registration-authority.go
+++ b/ra/registration-authority.go
@@ -12,6 +12,7 @@ import (
 	"net/url"
 	"regexp"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/letsencrypt/boulder/core"
@@ -72,6 +73,21 @@ func (ra *RegistrationAuthorityImpl) NewRegistration(init core.Registration) (re
 	}
 	reg.MergeUpdate(init)
 
+	for _, contact := range reg.Contact {
+		// If contact email provided check MX records exist for the domain
+		if contact.Scheme == "mailto" {
+			splitEmail := strings.SplitN(contact.Opaque, "@", -1)
+			domain := strings.ToLower(splitEmail[len(splitEmail)-1])
+			mx, err := net.LookupMX(domain)
+			if err != nil {
+				return
+			}
+			if len(mx) == 0 {
+				err = core.MalformedRequestError(fmt.Sprintf("No MX record for domain %s", domain))
+			}
+		}
+	}
+
 	// Store the authorization object, then return it
 	reg, err = ra.SA.NewRegistration(reg)
 	if err != nil {