Which ones? In RFC 5322 every address contains an addr-spec at some point, which in turn must include an @. RFC 6854 does not seem to change this. Or did I misread something?
Remember, we’re taking about regular expressions here so .+ means “a sequence of one or more arbitrary characters”. It does not imply that an actual dot is present.
fuck any website that requires an account to just READ it’s stupid content and at the same time blocks guerrillamail/10minutemail (looking at you, Glassdoor,I don’t want to get fucking spam just so that I can check approximate salary in a company)
Imagine giving someone your phone number, and having them say you have to get a different one because they don’t like some of the digits in it.
I have seen this nonsense more times than I care to remember. Please don’t build systems this way.
If you’re trying to do bot detection or the like, use a different approach. Blacklisting email addresses based on domain or any other pattern does a poor job of it and creates an awful user experience.
(And if it prevents people from using spam-fighting tools like forwarding services, then it’s directly user-hostile, and makes the world a worse place.)
Amen.
Spoiler alert: Few of them are good, and those few are so simple that you might as well not use a library.
The only way to correctly validate an email address is to send a message to it, and verify that it arrived.
You can use a regex to do basic validation. That regex is
.+@.+. Anything beyond that is a waste of time.That rejects valid emails
Which ones? In RFC 5322 every address contains an addr-spec at some point, which in turn must include an @. RFC 6854 does not seem to change this. Or did I misread something?
EDIT: I’M DUMB I THOUGHT YOU MEANT A LITERAL “.” , that regex is indeed correct.
Original:
This is a valid address:
user.name@[IPv6:2001:db8:1ff::a0b:dbd0]Relevant spec: https://www.rfc-editor.org/rfc/rfc5321#section-4.1.3
And you all doubted me… :P
Edit: Wait, I also don’t think local-part even needs a “.” in it? user@domain.com should be valid as well.
And it’s matched by
.+@.+as it contains an @.Remember, we’re taking about regular expressions here so
.+means “a sequence of one or more arbitrary characters”. It does not imply that an actual dot is present.(And I overlooked the edit. Oops.)
There are also cases where you want to have a disallow list of known bad email providers. That’s also part of the parsing and validating.
It’s a valid need, but a domain blacklist isn’t part of email parsing and if you conflate the two inside your program then you’re mixing concerns.
Why is the domain blacklist even in your program? It should be a user configurable file or a list of domains in the database.
fuck any website that requires an account to just READ it’s stupid content and at the same time blocks guerrillamail/10minutemail (looking at you, Glassdoor,I don’t want to get fucking spam just so that I can check approximate salary in a company)
Imagine giving someone your phone number, and having them say you have to get a different one because they don’t like some of the digits in it.
I have seen this nonsense more times than I care to remember. Please don’t build systems this way.
If you’re trying to do bot detection or the like, use a different approach. Blacklisting email addresses based on domain or any other pattern does a poor job of it and creates an awful user experience.
(And if it prevents people from using spam-fighting tools like forwarding services, then it’s directly user-hostile, and makes the world a worse place.)