My company has an app that currently only validates by looking for the '@' in the email address. The app is being upgraded to support other cultures and written language use-cases. I suggested using regex code from Microsoft that validates the addresses using regex. They don't see the need to use the regex version if checking for '@' works. My question here is... What pitfalls exist if the validation isn't good enough? Meaning the email server will not be able to send the emails if they have the '@' but fail other checks. What can go wrong?
1 Answer
0
The list can be quite long:
1@2
do@home
why@home¬@boooom
iAm@...
@where
@homeIsaid
NoYouAreNot@home
....@......
and so on.
All of these are mistakenly valid email addresses if you only check for @.
That said, it's worth mentioning that coming up with an email address regex that works can be quite difficult. See this
-
My question is more about what pitfalls could there possibly be? Like, is it less secure to just use '@'? Does it have an impact on the infrastructure, like on email servers? Thanks. – WiredLessInTX Apr 04 '19 at 18:16
-
@WiredLessInTX I can't add much here as it really depends on specific applications. From a usability POV, many people would mistakenly type `name@srv,com`. Notice the comma `,` and not `.`. In this case, I would let the user know about this mistake. Infrastructure impact, no idea. Sorry! – ifnotak Apr 05 '19 at 09:32
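The gap between the '@'-only check and a structural check, run over the answer's sample strings and the comma typo from the comments. This is an added example, not code from the thread or from Microsoft; the function names are hypothetical, the rules are a deliberate simplification rather than the full RFC 5322 grammar, and rejecting domains without a '.' is an assumed policy that matches the answer's list.

```python
# Added example: structural checks beyond "contains '@'". Deliberately
# simplified; it does not implement the full RFC 5322 address grammar.

def contains_at(address):
    """The check described in the question: accept anything with an '@'."""
    return "@" in address

def check_address(address):
    """Return (ok, reason); the reason can be shown to the user."""
    if address.count("@") != 1:
        return False, "must contain exactly one '@'"
    local, domain = address.split("@")
    if not local:
        return False, "nothing before the '@'"
    if local.startswith(".") or local.endswith(".") or ".." in local:
        return False, "misplaced '.' before the '@'"
    if "," in domain:
        return False, "comma in the domain; did you mean '.'?"
    labels = domain.split(".")
    if len(labels) < 2:
        return False, "domain has no '.'"
    for label in labels:
        if not label:
            return False, "empty domain label"
        # str.isalnum() is Unicode-aware, so non-ASCII letters pass (assumption:
        # internationalized domains are wanted, as the question suggests).
        if not all(ch.isalnum() or ch == "-" for ch in label):
            return False, "unexpected character in the domain"
        if label.startswith("-") or label.endswith("-"):
            return False, "domain label starts or ends with '-'"
    return True, "ok"

# The answer's sample strings plus the comma typo from the comments.
SAMPLES = ["1@2", "do@home", "why@home¬@boooom", "iAm@...", "@where",
           "@homeIsaid", "NoYouAreNot@home", "....@......", "name@srv,com"]
# Constructed address that should pass.
GOOD = "user@example.com"

def compare(addresses):
    """Map each address to (at-only result, structural result, reason)."""
    return {a: (contains_at(a),) + check_address(a) for a in addresses}

if __name__ == "__main__":
    for addr, (at_only, ok, reason) in compare(SAMPLES + [GOOD]).items():
        print(f"{addr!r:22} at-only={at_only!s:5} structural={ok!s:5} {reason}")
```

Every sample passes the '@'-only check and fails the structural one, each with a reason that can be shown to the user at entry time.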