Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re^4: Practical e-mail address validation (flexes)

by tye (Sage)
on Sep 13, 2008 at 18:20 UTC ( #711152=note: print w/replies, xml ) Need Help??

in reply to Re^3: Practical e-mail address validation (flex)
in thread Practical e-mail address validation

You appear to mean "directly before the @". Thanks for the clarification. Email::Valid::Loose further clarifies:

Email::Valid::Loose is a subclass of Email::Valid, which allows . (dot) before @ (at-mark). It is invalid in RFC822, but is commonly used in some of mobile phone addresses in Japan (like or

So the items identified so far:

  • Allow /\.\@/
  • Disallow /\@.*%/ (actually more, since you answered my question in the negative in a private /msg and promised more details later)
  • Disallow CFWS w/in the address
  • Require /\@.*\./
  • Require /\.[a-zA-Z]{2,}$/
  • Require RFC1035-compliant domain (except empty ones)
  • Extend RFC1035 to allow domain labels that start with a digit
  • Disallow quoting (usually of $local_part)
  • Disallow escaping (usually of $local_part)
  • Disallow /\+.*\@/
  • Disallow "group"s (/$display_name:$mailbox_list;/)
  • Disallow "name-addr" (/$display_name?$angle_addr/)
  • Disallow "obs*" (obs-angle-addr, obs-mbox-list, obs-addr-list, obs-local-part, obs-domain)

- tye        

Replies are listed 'Best First'.
Re^5: Practical e-mail address validation (flexes)
by Limbic~Region (Chancellor) on Sep 13, 2008 at 20:36 UTC
    They (email addresses with periods immediately preceding the @) were also very common by Microsoft Exchange back when I was working at the DoJ. I am not sure if M$ has become more compliant. I am going to be updating this node with a variety of other ways at attempting to exploit open relays and I will /msg you when complete.

    Update: Rather than enumerate them myself, go to and test an MTA you believe to be secure. It shows you all the email addresses it uses to test with (from and to). I also realized I had the relay syntax wrong. It is I have updated the prior node.

    Update: I haven't provided a complete list of "rules" that I think such a theoretical module should include but having "John Smith" is another one that should be flexible. If I come up with more I will add them here but it has been a long time since I thought about such things. Oh, and I used to have to worry about non-SMTP addresses too like CC:Mail and GroupWise (fortunately not UUCP).

    Cheers - L~R

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://711152]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (5)
As of 2021-10-26 06:46 GMT
Find Nodes?
    Voting Booth?
    My first memorable Perl project was:

    Results (90 votes). Check out past polls.