Comments on: Stop Doing Email Validation the Wrong Way

By: Fmoens

Fmoens — Fri, 04 Jul 2008 14:58:00 +0000

E-mail validation is really a problem and "old" systems as sending a link to new users have very bad results… We are studying solutions and will keep you posted if we find some

By: ÙØ±ÙˆØ´Ú¯Ø§Ù‡ Ø§ÛŒÙ†ØªØ±Ù†ØªÛŒ

ÙØ±ÙˆØ´Ú¯Ø§Ù‡ Ø§ÛŒÙ†ØªØ±Ù†ØªÛŒ — Fri, 04 Jul 2008 14:04:51 +0000

Testing the length of an email for a sane value has nothing todo with the RFC.

By: HM2K.com » What is a valid email address?

HM2K.com » What is a valid email address? — Thu, 05 Jun 2008 23:35:26 +0000

[...] Jacob Santosâ€™s â€œStop Doing Email Validation the Wrong Wayâ€ rant. [...]

By: Simon Slick

Simon Slick — Mon, 01 Oct 2007 21:43:57 +0000

Validating email address existence is not the same thing as validating email address format, and both have legitimate but different purposes.

Sometimes it is necessary to insure a email address that does not yet exist is valid. But since the address does not exist, sending a test email will obviously not work.

http://SimonSlick.com/VEAF/ValidateEmailAddressFormat.html

BTW, jon(some comment)doe@domain.tld is not an email address. It is an email address with an embedded comment. The email address is jondoe@domain.tld. So forgive me if I do not want and do not accept your comments in your email address.

And besides RFC 822 has largely be replaced by RFC2822. I wouldn’t be so sure that embedded comments are even RFC compliant anymore. (just because some email systems still permit them does not necessarily mean they are RFC compliant).

By: php-homepage.de - Die deutschsprachige Ressource für PHP und MySQL- News

php-homepage.de - Die deutschsprachige Ressource für PHP und MySQL- News — Tue, 11 Sep 2007 14:02:51 +0000

[...] Sklar: E-Mail Address Validation and Mission Creep Original von David Sklar (RSS-Feed) +1 to what ndg said in response to Jacob’s post about e-mail address validation. I think Jacob sort of touches on this [...]

By: developercast.com » Pro::PHP Podcast: Newscast for 2007.07.12

developercast.com » Pro::PHP Podcast: Newscast for 2007.07.12 — Mon, 16 Jul 2007 22:43:55 +0000

[...] # email validation is HARD [...]

By: Jacob Santos

Jacob Santos — Fri, 13 Jul 2007 05:52:36 +0000

How odd. While discussing the matter, I did bring up subdomains, but forgot about it. Interesting how the memory works. I was explaining why I don’t place the closing PHP ‘?>’ with one example. Then two weeks later, I remembered another reason for not having it.

Thanks JT.

You just further highlight the complexity of emails, however that is outside the scope of the discussion. It is fascinating and I will have to remember to do further research in a couple of years or if I ever have a research project on such a matter.

By: JT Wenting

JT Wenting — Fri, 13 Jul 2007 05:24:56 +0000

“ICANN limits domain names length to 63 characters. While the wiki article probably isnâ€™t wrong,”

Ever heard of subdomains?
ICAN may limit the length of the core domain name to 63 characters, but that leaves nearly 200 for the subdomain.
Add the 64 wikipedia lists for the account name, and a single one for the @ sign, and that makes for a pretty long email address.

Of course even then you’re not home free. You’re assuming that the system will be used only for email exchange using the currently “normal” protocols of SMTP and POP3 in use on the internet, but this doesn’t have to be.
It the system is used on other networks or using other mail protocols all bets are off.

By: Jacob Santos

Jacob Santos — Fri, 13 Jul 2007 00:14:33 +0000

Testing for length against a bot doesn’t seem like a good idea. The evolution of bots would probably consider the name of the field and follow suit with a shorter and more accurate email address. The script in question does have many checks for protection against spam bots. However, I think using the nonce approach, while still flawed, could better protect against such inane checks.

The second problem, is that the audience would find all of the (redundant) questions difficult. The easier the form, the more responses would be received.

Coincidently, my nonce implementation also prevents against refreshing on the submit form, since once the nonce is deleted, it kicks them out. However, it isn’t perfect and it could easily be bypassed. My focus isn’t keeping 100% of bots out, just enough that it wouldn’t put strains on the workforce involved.

I think nonce implementations are far more easier than implementing an accurate email validation scheme. It is probably also easier to check for invalid characters than valid emails.

By: gERD

gERD — Thu, 12 Jul 2007 18:34:00 +0000

Just use patForms – it comes with a rule to validate email addresses.

BTW, if it does something wrong, send a patch

Comments on: Stop Doing Email Validation the Wrong Way

By: Fmoens

By: ÙØ±ÙˆØ´Ú¯Ø§Ù‡ Ø§ÛŒÙ†ØªØ±Ù†ØªÛŒ

By: HM2K.com » What is a valid email address?

By: Simon Slick

By: php-homepage.de - Die deutschsprachige Ressource für PHP und MySQL- News

By: developercast.com » Pro::PHP Podcast: Newscast for 2007.07.12

By: Jacob Santos

By: JT Wenting

By: Jacob Santos

By: gERD

By: ÙØ±ÙˆØ´Ú¯Ø§Ù‡ Ø§ÛŒÙ†ØªØ±Ù†ØªÛŒ