5

I want each user to register with a unique email address. However some email addresses like GMail allow you to add a + suffix which could be used to register multiple accounts to a website but it all goes to a single email address e.g.

  • bob@gmail.com goes to bob@gmail.com
  • bob+1@gmail.com goes to bob@gmail.com
  • bob+2@gmail.com goes to bob@gmail.com
  • bob+3@gmail.com goes to bob@gmail.com
  • bob+4@gmail.com goes to bob@gmail.com

Effectively they can have as many email addresses as they want. This is a problem because my website sees it as 5 separate email addresses but gmail sees it as one email address.

I was thinking of blocking any email addresses with a ‘+' in, but I don’t want to block any valid email addresses. What is the standard practice?

Xion
  • 22,400
  • 10
  • 55
  • 79
woot586
  • 3,906
  • 10
  • 32
  • 40
  • a) No it isn't b) you can also use `bo.b@googlemail.com`, or `b.ob@googlemail.com`. – KingCrunch Jan 02 '12 at 15:24
  • 1
    c) You can get dozens of throwaway email addresses elsewhere anyway. And that's what I do when a website blocks +suffixes, because then it's too likely spam is an intention. – mario Jan 02 '12 at 15:27
  • 2
    Me, I use the plus to keep track of whom I have given this address to. This is much more likely and useful than any possible abuse of this mechanism - please don't make it harder (granted, a lot of sites already do, but I always thought it was incompetence, rather than a conscious decision.) – tripleee Jan 02 '12 at 16:23

2 Answers2

5

I don't think there is a standard practice on how to handle this, other than not allowing + all together. On the other hand, preventing it doesn't seem to be that useful. It won't take more than a few minutes to create an entirely new e-mail address on some free service if whoever you're intending to block-out really needs it.

It should also be noted that a lot of other e-mail providers also provide subaddressing, but not using the plus sign, but with a hyphen (Yahoo, Runbox, etc.), and attempting to block this out will only cause trouble for anybody just having an e-mail address with a hyphen in it. It's a war that you've already lost.

Besides, if you filter out plus signs, you're essentially not compliant with the RFC3696 standard anymore:

The exact rule is that any ASCII character, including control characters, may appear quoted, or in a quoted string. [...]

Without quotes, local-parts may consist of any combination of alphabetic characters, digits, or any of the special characters

! # $ % & ' * + - / = ?  ^ _ ` . { | } ~

But you could just strip out the plus part if you insist.

$emails = array('bob@gmail.com','bob+1@gmail.com','bob+hello@gmail.com');

foreach ($emails as &$email)
{
    list($identifier, $domain) = explode('@',$email);
    list($name) = explode('+',$identifier);
    $email = $name."@".$domain;
}
    
print_r($emails);

The above will give you

Array
(
    [0] => bob@gmail.com
    [1] => bob@gmail.com
    [2] => bob@gmail.com
)
Community
  • 1
  • 1
kba
  • 19,333
  • 5
  • 62
  • 89
0

Email ids can contain many characters which would look incorrect to us, I found a good thread here which might answer your query: What characters are allowed in an email address?

Also to find the unique email id, just take the first half of the email id and remove + and . chars and then verify.

Community
  • 1
  • 1
Neo
  • 6,753
  • 1
  • 19
  • 25
  • There us no guarantee that you can trim anything after a plus (or a minus, or a slash, or an equals sign, any more than any alphabetic) in the localpart. If somebody wants to sign up multiple addresses which deliver to the same endpoint, there are dozens of ways to do that - why would you discriminate against one of them? – tripleee Jan 02 '12 at 16:22
  • i am not saying trim it, just trim the special chars which can be used in an email id which dont have any significance – Neo Jan 02 '12 at 16:28
  • How do you know which characters are significant? What's the benefit of converting bob+box1 to bobbox1 (or to o+ox1 if "b" is not "of any significance")? – tripleee Jan 03 '12 at 06:51