me: i need to validate some email addresses, so i am going to write a quick regex.
-
-
me: i need to validate some email addresses, so i am going to write a quick regex. how hard can it be?
*4 hours later*
me. i now have 2 problems and one of them is that I've accidentally summoned an ancient daemon. wht the actual fuck@nixCraft Everytime someone uses a regex to validate an email, god kills truckloads of kittens
Split on last @ ensuring the previous character is not itself an @
Check if the domain part resolves, make sure you allow for international domain names.
You can check if the localpart is well formed. IIRC this is not possible with regexes. You need a parser.
With a valid domain, sending an email is the only real way to verify if the address is actually valid. Well formed doesn't mean accepted.
-
me: i need to validate some email addresses, so i am going to write a quick regex. how hard can it be?
*4 hours later*
me. i now have 2 problems and one of them is that I've accidentally summoned an ancient daemon. wht the actual fuck@nixCraft Reminded of this old gem:
-
@qgustavor@urusai.social @nixCraft@mastodon.social you have successfully summoned a debate war by forgetting that user@localhost is a valid email, so is user@::1, and any other locally resolved name and ipv6 address. Just containing a @ is more than enough if you already try to send an email to it.
Seriously though, enforcing a dot in the domain is probably reasonable for most publicly accessible email servers. -
R relay@relay.infosec.exchange shared this topic
