Martin’s Blog

Validating whether an e-mail address conforms to the (informal) e-mail address specification is a good way of improving the overall validity of the information entered by a user. Regular expressions can help us in accomplishing this.

The following example doesn’t follow the RFC 2822 specification per se but enforces the more strict rules which are common for the internet nowadays and for instance enforced by Live Hotmail and Gmail.

The Wikipedia article about e-mail addresses is somewhat easier to digest than the original specification and is a good starting point for e-mail validation techniques.

Here goes!

Anatomy for i.e. john@doe.example.com:

• john is the local name
• doe is the subdomain name
• example is the domain name
• com is the top-level domain name

The rules:

• Local name may only contain letters, digits, hyphen ‘-’, underscore ‘_’ and periods ‘.’
• Local name may not begin and/or end with a period
• Local name may not contain two or more subsequent periods ‘..’
• Sub-domain name may only contain letters, digits and hyphen
• Multiple sub-domains are permitted
• Domain name may only contain letters, digits and hyphen
• Domain name and sub-domain name may not begin and/or end with a hyphen
• Domain name and sub-domain must be between 2 to 63 characters long
• Top-level domain may only contain letters
• Top-level domain must be between 2 to 6 characters long
• Sub-domain names, the domain name and the top-level domain name are separated by single periods ‘.’

The regular expression (Perl compatible):

/^[A-z0-9\-_]+(\.[A-z0-9\-_]+)*@(([A-z0-9]+\-?[A-z0-9]+)+\.)+[A-z]{2,6}$/

And a PHP function to validate the e-mail addresses:

// Pass the e-mail address to the function.
// Will return true when valid, false when invalid.
function validate_emailaddress($input) {
   return preg_match('/^[A-z0-9\-_]+(\.[A-z0-9\-_]+)*@(([A-z0-9]+\-?[A-z0-9]+)+\.)+[A-z]{2,6}$/', $input);
}

Note that the solution shown will discount alot of possible RFC 2822 compliant e-mail adressess as invalid but these are mostly used in intranet settings. Stricter rules apply for the web and these are the basis for the expression I’ve made.

What the expression doesn’t account for:

• It doesn’t check whether the subdomain and domain names’ length exceeds the maximum of 63 characters
• Every made up top-level domain will pass, given it is between 2 and 6 characters long
• Something I might have missed?

If you have a solution for the aforementioned shortcomings, please let me know!

This entry was posted on Friday, December 21st, 2007 at 7:23 pm and is filed under code. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.