Paypal documentation says:

PayPal sends a single word back, which is either VERIFIED if the message originated with PayPal or INVALID if there is any discrepancy with what was originally sent

However, I get the following IPN notification from Paypal (NOTE:I'm using Sandbox for testing):

HTTP/1.1 200 OK
.... [removed headers for brevity]
Content-Type: text/html; charset=UTF-8

8
VERIFIED
0

What are the numbers 8 and 0 before and after VERIFIED? My guess 8 is length of the VERIFIED word but that's just a guess.

update As PayPal_Robert correctly pointed out, this is because of HTTP chunked transfer encoding. From wikipedia page:

The size of each chunk is sent right before the chunk itself so that the receiver can tell when it has finished receiving data for that chunk. The data transfer is terminated by a final chunk of length zero.

This is because of chunked HTTP data and a regular fsockopen() integration including this in the response.

You can either apply trim() to trim this and look at INVALID/VERIFIED specifically, or switch from fsockopen() to cURL (assuming you're using PHP).

Personally, I would advise you to use a proper HTTP library like cURL as opposed to fsockopen(), as it allows for greater flexibility, both now and in the future.