Jump to content

Email address: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Lower-case initials in section headings per WP:MOS. Whoever thinks some of these should be capital for good reason should try to be credible by not doing things like this.
→‎Validation: slightly improved writing style
Line 77: Line 77:


== Validation ==
== Validation ==
{{Cleanup-section|date=August 2008}}


It's easy to forget that e-mail addresses aren't only used on a mail client or mail server, often e-mail addresses are seen to be used outside of this system. Thus, when using an e-mail address in another system (such as a website), the user data (entered via an online form) must be [[Data validation|validated]].
It's easy to forget that e-mail addresses aren't only used on a mail client or mail server, often e-mail addresses are seen to be used outside of this system. Thus, when using an e-mail address in another system (such as a website), the user data (entered via an online form) must be [[Data validation|validated]].


Most people can recognise that an e-mail address has two parts separated by the [[at-sign]], this in itself is a basic form of validation. However, the technical specification detailed in RFC 822, RFC 2822, RFC 3696 goes far beyond this, offering very complex and strict restrictions. <ref>[http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx I Knew How To Validate An Email Address Until I Read The RFC<!-- Bot generated title -->]</ref>
An e-mail address is generally recognised as being two parts separated by the [[at-sign]], this in itself is a basic form of validation. However, the technical specification detailed in RFC 822, RFC 2822, RFC 3696 goes far beyond this, offering very complex and strict restrictions. <ref>[http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx I Knew How To Validate An Email Address Until I Read The RFC<!-- Bot generated title -->]</ref>


Trying to match these restrictions is an extremely difficult and complex task<ref>[http://www.hm2k.com/posts/what-is-a-valid-email-address HM2K.com » What is a valid email address?<!-- Bot generated title -->]</ref>, ultimately resulting in something too long to actually be practical. <ref>[http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html Mail::RFC822::Address<!-- Bot generated title -->]</ref> Practicality plays a major role once you discover that many mail servers have very relaxed validation, that allow and handle e-mail addresses that are disallowed according to the RFC. Because of this, we are forced to take a different approach, adopting relaxed validation and instead verifying the e-mail address and its various parts against the relevant systems (such as [[Domain Name System|DNS]] for the domain part).
Trying to match these restrictions is an extremely difficult and complex task<ref>[http://www.hm2k.com/posts/what-is-a-valid-email-address HM2K.com » What is a valid email address?<!-- Bot generated title -->]</ref>, often resulting in a [[regular expression]] that is too long to actually be practical.<ref>[http://www.ex-parrot.com/~pdw/Mail-RFC822-Address.html Mail::RFC822::Address<!-- Bot generated title -->]</ref>
Practicality plays a major role once you discover that many mail servers have very relaxed validation, that allow and handle e-mail addresses that are disallowed according to the RFC. Because of this, we are forced to take a different approach, adopting relaxed validation and instead verifying the e-mail address and its various parts against the relevant systems (such as [[Domain Name System|DNS]] for the domain part).


== References ==
== References ==

Revision as of 11:09, 21 September 2008

An e-mail address identifies a location to which e-mail messages can be delivered. An e-mail address on the modern Internet looks like, for example, jsmith@example.com and is usually read as "jsmith at example dot com". Many earlier e-mail systems had different formats for e-mail addresses and because modern e-mail systems are partially based on, and compatible with these older systems, the exact format of an e-mail address is complicated and frequently misunderstood.

Overview

Most e-mail on the internet uses the Simple Mail Transfer Protocol (SMTP), which is defined in the internet standards RFC 2821 and RFC 2822.

E-mail addresses, such as jsmith@example.com, have two parts. The part before the @ sign is the local-part of the address, often the username of the recipient, and the part after the @ sign is the domain which is a hostname where the e-mail will be sent. The hostname is looked up in the Domain Name System to find the mail transfer agent or Mail eXchangers (MXs) accepting e-mail for that address.

When a host receives an e-mail, it will be delivered to an e-mail mailbox. Some hosts allow more than one e-mail address to be sent to the same mailbox via an e-mail alias or even allow a catch-all address where the local-part can be undefined and e-mail would be delivered to a configured and existing e-mail address.

Often, the domain of an e-mail address is that of an e-mail service, such as Google's Gmail, Microsoft's Hotmail, etc. The domain can also be the domain name of the organisation that the recipient represents, or of the recipient's personal site.

Addresses found in the header fields of e-mail should not be considered authoritative, because SMTP has no generally-required mechanisms for authentication. Forged e-mail addresses are often seen in spam, phishing, and many other internet-based scams; this has led to several initiatives which aim to make such forgeries easier to spot.

Further information: [[:E-mail authentication, Anti-spam techniques (e-mail)]]

To indicate who the message is intended for, a user can use the "display name" of the recipient followed by the address specification surrounded by angled brackets, for example: John Smith <john.smith@example.com>.

Earlier forms of e-mail addresses included the somewhat verbose notation required by X.400, and the UUCP "bang path" notation, in which the address was given in the form of a sequence of computers through which the message should be relayed. This was widely used for several years, but was superseded by the generally more convenient SMTP form.

RFC specification

E-mail addresses are formally defined in RFC 2822 (mostly section 3.4.1) and to a lesser degree RFC 2821. An e-mail address is a string of a subset of ASCII characters separated into 2 parts by an "@" (at sign), a "local-part" and a domain, that is, local-part@domain.

The "local-part" of an e-mail address can be up to 64 characters (however servers are encouraged to not limit themselves to accepting only 64 characters) and the domain name a maximum of 255 characters.

The local-part of the e-mail address may use any of these ASCII characters:

  • Uppercase and lowercase English letters (a-z, A-Z)
  • Digits 0 through 9
  • Characters ! # $ % * / ? | ^ { } ` ~ & ' + - = _
  • Character . provided that it is not the first nor last character, nor may it appear two or more times consecutively.

Additionally, quoted-strings (ie: "John Doe"@example.com) are permitted, thus allowing characters that would otherwise be prohibited, however they do not appear in common practice. RFC 2821 also warns that "a host that expects to receive mail SHOULD avoid defining mailboxes where the Local-part requires (or uses) the Quoted-string form".

The local-part is case sensitive, so "jsmith@example.com" and "JSmith@example.com" may be delivered to different people. This practice is, however, discouraged by RFC 2821.

Notwithstanding the addresses permitted by these standards, some systems impose more restrictions on e-mail addresses, both in e-mail addresses created on the system and in e-mail addresses to which messages can be sent. Hotmail, for example, only allows creation of e-mail addresses using alphanumerics, dot (.), underscore (_) and hyphen (-), and will not allow sending mail to any e-mail address containing ! # $ % * / ? | ^ { } ` ~[1]. The domain name is much more restricted, as they must match the requirements for a hostname, basically letters, digits, hyphens and dots. In addition, the domain may be an IP address literal, surrounded by square braces, such as jsmith@[192.0.2.1], although this is rarely used in practice, except by spammers.

The informational RFC 3696 written by the author of RFC 2821 explains the details in a readable way, with a few minor errors noted in the 3696 errata.

Email Address Internationalization

Email Address Internationalization is an IETF working group devoted to internationalization issues in email addresses[2]. The only published RFC to date is RFC 4952, envisioning changes to the mail header environment to permit the full range of Unicode characters and an SMTP Extension to permit UTF-8 mail addressing, among other things. The list of valid examples below is thus expected to undergo significant additions.

RFC examples

RFC Valid e-mail addresses

  • abc@example.com
  • Abc@example.com
  • aBC@example.com
  • abc.123@example.com
  • 1234567890@example.com
  • _______@example.com
  • abc+mailbox/department=shipping@example.com
  • !#$%&'*+-/=?^_`.{|}~@example.com (all of these characters are allowed)
  • "abc@def"@example.com (anything goes inside quotation marks)
  • "Fred \"quota\" Bloggs"@example.com (however, quotes need escaping)

RFC invalid e-mail addresses

  • Abc.example.com (character @ is missing)
  • Abc.@example.com (character dot(.) is last in local part)
  • Abc..123@example.com (character dot(.) is double)
  • A@b@c@example.com (only one @ is allowed outside quotations marks)
  • ()[]\;:,<>@example.com (none of the characters before the @ is allowed outside quotation marks)

Plus (or minus) addressing

According to RFC 2821 2.3.10 Mailbox and Address, "...the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address.".

Plus addressing is one of the benefits of this limitation. Some mail services allow a user to append +tag to their e-mail address (joeuser+tag@example.com). The text of tag can be used to apply filtering.

Some systems violate RFC 2822, and the recommendations in RFC 3696, by refusing to send mail addressed to a user on another system merely because the local-part of the address contains the plus sign (+). Users of these systems cannot use plus addressing.

On the other hand, most qmail installations support the use of a dash '-' as a separator within the local-part, such as joeuser-tag@example.com or joeuser-tag-sub-anything-else@example.com. This allows qmail through .qmail-default or .qmail-tag-sub-anything-else files to sort, filter, forward, or run application based on the tagging system established.

Disposable e-mail addresses of this form, using various separators between the base name and tag are supported by several e-mail services, including Runbox (plus and minus), Google Mail (plus), Yahoo! Mail Plus (minus)[3], and FastMail (plus)[4].

Validation

It's easy to forget that e-mail addresses aren't only used on a mail client or mail server, often e-mail addresses are seen to be used outside of this system. Thus, when using an e-mail address in another system (such as a website), the user data (entered via an online form) must be validated.

An e-mail address is generally recognised as being two parts separated by the at-sign, this in itself is a basic form of validation. However, the technical specification detailed in RFC 822, RFC 2822, RFC 3696 goes far beyond this, offering very complex and strict restrictions. [5]

Trying to match these restrictions is an extremely difficult and complex task[6], often resulting in a regular expression that is too long to actually be practical.[7]

Practicality plays a major role once you discover that many mail servers have very relaxed validation, that allow and handle e-mail addresses that are disallowed according to the RFC. Because of this, we are forced to take a different approach, adopting relaxed validation and instead verifying the e-mail address and its various parts against the relevant systems (such as DNS for the domain part).

References

The Wikibook JavaScript has a page on the topic of: Best Practices
The Wikibook Coding Cookbook has a page on the topic of: Validate Email Address
  • RFC 2821: Simple Mail Transfer Protocol
  • RFC 2822: Internet Message Format
  • RFC 3696: Application Techniques for Checking and Transformation of Names
  • RFC 2142: Mailbox names for common services, roles and functions

Footnotes

  1. ^ The character limitation is written in plain English in the subscription page "Sign up for Windows Live". Retrieved 2008-07-26.. However, the phrase is hidden, thus one has to either check the availability of an invalid ID, e.g. me#1, or resort to alternative displaying, e.g. no-style or source view, in order to read it.
  2. ^ "Eai Status Pages". Email Address Internationalization (Active WG). IETF. Retrieved 2008-07-26.
  3. ^ help.yahoo.com
  4. ^ FastMail FAQ
  5. ^ I Knew How To Validate An Email Address Until I Read The RFC
  6. ^ HM2K.com » What is a valid email address?
  7. ^ Mail::RFC822::Address

See also

Retrieved from "https://en.wikipedia.org/w/index.php?title=Email_address&oldid=239977965"