Complete email validation

Email validation is one of the most common tasks required when building up a website. The problem with this task is that the overwhelming majority of websites don't use a complete email validation but only a partial one. To be complete, email validation must:

  1. check whether the email format provided by the user fulfills the formal requirements contained in the specifications (RFC 2822)
  2. check whether the email address actually exists and it's active.

The first point requires the use of string manipulation and analysis. Either you choose to use string methods or regular expressions, you must stick to the format specified in the RFC 2822. I've seen in many books and many tutorials regular expressions that were incomplete and didn't conform to the specifications. The only exception is contained in the manual PHP Cookbook, where email validation is treated in full, mainly from the point of view of the requirements of the RFC 2822. Of course, the same rules apply to client-side validation.

Finally, validation would be incomplete if we weren't sure that a given email address exists and it's alive. This particular subtask can only be performed by a server-side language. There are many functions and methods available in several server-side languages that allows you to do this. This kind of verification should be always performed after the first format check, not before.

Leave a Reply

Note: Only a member of this blog may post a comment.