Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-40

email validation is too restrictive


    • Type: Bug
    • Status: Done/Fixed
    • Priority: Minor
    • Resolution: Fixed/Completed
    • Affects Version/s: 1.0
    • Fix Version/s: 1.6
    • Component/s: Core CiviCRM
    • Labels:


      The email validation regex in packages/Validate.php is too restrictive; according to RFC 2822, the following could be a perfectly valid email address:

      " spaces! @s! \"escaped quotes!\" "@?ód?.pl

      After searching a bit at regexlib.com[1] and seeing that all of the proposed patterns have problems, I suggest we drop the regex check and base the verification process on checking the existence of MX records and tests of the connection to the provided server on port 25 alone. Something like this (a piece of my very old code from another project):

      function validEmail($email) {
      $email = trim($email);
      $parts = explode("@", $email);
      if (count($parts) < 2)

      { return false; }
      $domain = array_pop($parts);
      $mxhosts = array();
      if (!checkdnsrr($domain)) { return false; }

      if (getmxrr($domain, $mxhosts)) {
      foreach ($mxhosts as $host) {
      if (fsockopen($host, 25, $errno, $errstr, 30))

      { return true; }

      } else {
      if (fsockopen($domain, 25, $errno, $errstr, 30))

      { return true; }

      return false;

      I know there are issues with this approach (nonexistence of checkdnsrr() and getmxrr() on Windows machines, for one), but they might be worked around (by calling nslookup, for example).

      I'm marking this as minor, as the vast majority of email addresses would pass our regex at the moment; still, from the technical point of view, the validation is too restrictive.

      [1] http://regexlib.com/DisplayPatterns.aspx?cattabindex=0&categoryId=1




            • Assignee:
              sameermare Sameer Mare
              shot Piotr Szotkowski
            • Votes:
              0 Vote for this issue
              0 Start watching this issue


              • Created: