You can’t validate email addresses with regular expressions
There is no way of validating email addresses using regular expressions, but regexps and emails are still a useful mix. You can use a javascript email validation regexp to provide useful user feedback and prevent unnecessary typos.
There are several reasons to why there cannot be a perfect regular expression for validating email addresses. Firstly; the official standard, RFC 2822, just tells the basic email address syntax; john@doe.superman is a valid email address according to RFC 2822. Also the standard support characters, like ” and [, that some email clients can't handle.
Secondly and more importantly; even if the email matches a perfect regular expression, there are no guarantees that the email address belongs to the user, or even exists.
With all that said I still believe live javascript-based email address checking using regular expressions is a good idea. You can use it to prevent users from doing unnecessary typos. You don't have to force them to pass the validation, just let them know if you suspect the email to be faulty. Try the demo, created with the Jquery plugin Valid8, above and you will see what I mean.
/^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+(aero|asia|biz|cat|com|coop|edu|gov|info|int|jobs|mil|mobi|museum|name|net|org|pro|tel|travel.ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|er|es|et|eu|fi|fj|fk|fm|.fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|.il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|me|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)\b$/
Above is the regular expression I use. It is heavily based on a regexp from regular-expressions.info
How do I validate email addresses if not with regular expressions?
Sending an email activation link is a perfect way of validating an email address. You email a link the user have to click on to complete the registration. The link should be disposable and often look like this: http://www.unwrongest.com/signup/?guid=8373629375284563
Never trust client-side validation
Lastly. Remember that you can never, ever, trust client-side javascript validation. It is very easy to tamper with. All validation you do on the client-side has to be done again on the server-side. Client-side validation should be mainly for the users sake.
Comments
Make a comment
Projects
- Accordion (jQuery)
- Airport (jQuery)
- Defaultvalue (jQuery)
- Elastic (jQuery)
- Highlight (jQuery)
- Keycan
- Lazy (jQuery)
- Limit (jQuery)
- Password Strength (jQuery)
- Show Password (jQuery)
- Tabify (jQuery)
- Valid8 (jQuery)
Latest posts
- July 8th, 2009 Why are we typing passwords twice?
- July 5th, 2009 Don’t stop password masking; let the user decide
- June 1st, 2009 You can’t validate email addresses with regular expressions
- May 20th, 2009 Konami Code: Why so verbose, when you can make it in 140 characters?
- May 18th, 2009 Let your users know if Firebug slows down your web page.
“There is no way of validating email addresses using regular expressions”
Wrong: http://ex-parrot.com/~pdw/Mail-RFC822-Address.html
I guess you didn’t read my blog post.
“Secondly and more importantly; even if the email matches a perfect regular expression, there are no guarantees that the email address belongs to the user, or even exists.”
Also it seems to think that jan@unwrongest.mister is a valid email address. Which it is according to RFC2822, but not in practice.
This is disingenuous at best. It’s like saying there’s no way to use a voltmeter to test if a color is red. Of course there isn’t. Regular expressions aren’t designed to test the validity of an email address. They are designed to test whether a specific string conforms to an expected pattern. So, they CAN be used to test of a string is a properly FORMATTED regular expression.
They should be used as PART of validating an email address, not as the whole thing.
That is a valid address, you can route that if you want. Practice means matching what RFCs, IETF, or other specifications say, otherwise it wouldn’t be perfect and would fail the marginal test cases that people never test for.
“even if the email matches a perfect regular expression” And the point was there is a perfect regular expression.
We have different ideas about what perfect is. I don’t care much for a form validation that only works in theory. And even if that regular expression was working like a charm it is, according to me, way to big (6kb) to be called perfect… or even usable.
How do I validate email addresses if not with regular expressions?
What if you are validating a blog comment or a contact form post. your solution does not imply in that case, and back to old expressions :)
Agree or not?