Curt Sampson wrote:
> On Wed, 29 Aug 2001, Paul Lester wrote:
>
> > For the longest time I've trusted that working email
> > characters are only A-Z (or a-z) 0-9 @ . _ and -.
>
> Nope. And even with those chars, you probably want to do some further
> checking to make sure the e-mail address is valid.
<snip>
> Also, note that e-mail addresses are technically case-sensitive.
The local-part is, unless it's 'postmaster'. The domain isn't.
Just about all you can do programmatically is check that there's an '@'
in there and then verify that the part after the last '@' is a valid
domain name (do an MX lookup). (It is also allowed to be an IP address
in square brackets, but you might consider that suspicious.)
Beyond that, it's a case of sending a test email containing a magic
cookie and requiring the user to confirm the address by returning the
cookie.
> Likely you will want to be a bit more strict than this, just for ease
> of programming if nothing else. For my e-mail address validation, I
> ignore case, don't allow quoted local-parts, and also disallow single
> quotes in the address.
Why be more 'strict'?
> RFC 822 is the beastie you want to read. You can grab a copy at
> http://www.rfc-editor.org/rfc/rfc822.txt .
This was recently obsoleted by RFC 2822. (End of an era, no?)
[ Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/ ]
Received on Wed Aug 29 13:40:11 2001