Email address

An e-mail address identifies a location to which e-mail messages can be delivered. An e-mail address on the modern Internet looks like, for example, jsmith@example.com and is usually read as "jsmith at example dot com". Many earlier e-mail systems had different formats for e-mail addresses, and because modern e-mail systems are partially based on and compatible with these older systems, the exact format of an e-mail address is complicated and frequently misunderstood.

Overview

Most e-mail on the Internet uses the Simple Mail Transfer Protocol (SMTP), which is defined in the Internet standards RFC 5321 and RFC 5322.

E-mail addresses, such as jsmith@example.com, have two parts. The part before the @ sign is the local-part of the address, often the username of the recipient (jsmith), and the part after the @ sign is the domain which is a hostname to which the e-mail message will be sent (example.com). Roughly speaking, the hostname is looked up in the Domain Name System to find the mail transfer agent or Mail eXchangers (MXs) accepting e-mail for that address.

The domain may have semantic meaning for any mail-system handling the address; the meaning is well defined, and any changes in meaning involve changing every mail server in existence. The local-part, by contrast, is supposed to be opaque to every mail system except the system which is authoritative for the domain. This is what makes e-mail a federated system.

When a host receives an e-mail, it will be delivered to an e-mail mailbox. Some hosts allow more than one e-mail address to be sent to the same mailbox via an e-mail alias or even allow a catch-all address where the local-part can be undefined and e-mail would be delivered to a configured and existing e-mail address.

Often, the domain of an e-mail address is that of an e-mail service, such as Google's Gmail, Microsoft's Hotmail, etc. The domain can also be the domain name of the organization that the recipient represents, or of the recipient's personal site.

Addresses found in the header fields of e-mail should not be considered authoritative, because SMTP has no generally-required mechanisms for authentication. Forged e-mail addresses are often seen in spam, phishing, and many other Internet-based scams; this has led to several initiatives which aim to make such forgeries easier to spot.

To indicate whom the message is intended for, a user can use the "display name" of the recipient followed by the address specification surrounded by angled brackets, for example: John Smith <john.smith@example.com>.

Earlier forms of e-mail addresses included the somewhat verbose notation required by X.400, and the UUCP "bang path" notation, in which the address was given in the form of a sequence of computers through which the message should be relayed. This was widely used for several years, but was superseded by the generally more convenient SMTP form.

RFC specification

E-mail addresses are formally defined in RFC 5322 (mostly section 3.4.1) and to a lesser degree RFC 5321. An e-mail address is a string of a subset of ASCII characters (see however the internationalize addresses below) separated into 2 parts by an "@" (at sign), a "local-part" and a domain, that is, local-part@domain.

The local-part of an e-mail address may be up to 64 characters long and the domain name may have a maximum of 255 characters. However, the maximum length of a forward or reverse path length of 256 characters restricts the entire e-mail address to be no more than 254 characters.^[1] Some mail protocols, such as X.400, may require larger objects, however. The SMTP specification recommends that software implementations impose no limits for the lengths of such objects.

The local-part of the e-mail address may use any of these ASCII characters:

Uppercase and lowercase English letters (a-z, A-Z)
Digits 0 through 9
Characters ! # $ % & ' * + - / = ? ^ _ ` { | } ~
Character . (dot, period, full stop) provided that it is not the first or last character, and provided also that it does not appear two or more times consecutively.

Additionally, quoted-strings (ie: "John Doe"@example.com) are permitted, thus allowing characters that would otherwise be prohibited, however they do not appear in common practice. RFC 5321 also warns that "a host that expects to receive mail SHOULD avoid defining mailboxes where the Local-part requires (or uses) the Quoted-string form".

The local-part is case sensitive, so "jsmith@example.com" and "JSmith@example.com" may be delivered to different people. This practice is discouraged by RFC 5321. However, only the authoritative mail servers for a domain may make that decision. The only exception is for a local-part value of "postmaster" which is case insensitive, and should be forwarded to the server's administrator.

Notwithstanding the addresses permitted by these standards, some systems impose more restrictions on e-mail addresses, both in e-mail addresses created on the system and in e-mail addresses to which messages can be sent. Hotmail, for example, only allows creation of e-mail addresses using alphanumerics, dot (.), underscore (_) and hyphen (-), and will not allow sending mail to any e-mail address containing ! # $ % * / ? | ^ { } ` ~^[2]. The domain name is much more restricted: it must match the requirements for a hostname, consisting of letters, digits, hyphens and dots. In addition, the domain may be an IP address literal, surrounded by square braces, such as jsmith@[192.168.2.1] (this is rarely seen, except in spam).

The informational RFC 3696 written by the author of RFC 5321 explains the details in a readable way, with a few minor errors noted in the 3696 errata.

RFC invalid e-mail addresses

Abc.example.com (character @ is missing)
Abc.@example.com (character dot(.) is last in local part)
Abc..123@example.com (character dot(.) is double)
A@b@c@example.com (only one @ is allowed outside quotations marks)
()[]\;:,<>@example.com (none of the characters before the @ in this example are allowed outside quotation marks)

?===Email Address Internationalization=== Email Address Internationalization (EAI, aka IMA - Internationalize eMail Address) is an IETF working group devoted to internationalization issues in email addresses^[3]. This group has published informational RFC 4952 envisioning changes to the mail header environment to permit the full range of Unicode characters and an SMTP Extension to permit UTF-8 mail addressing, among other things. Experimental RFC 5335 describes internationalised email headers, including a utf8-based address specification. The list of valid examples below is thus expected to undergo significant additions.

The basic EAI concepts involve exchanging mail in UTF-8, with downgrading mechanisms for legacy systems. The local servers would be responsible for the "local" part of the address, whereas the domain portion would be restricted by IDN (Internationalized Domain Names), though still transmitted in UTF-8. The mail server is also responsible for any mapping mechanism between the "IMA" form and any "ASCII" alias.

When EAI becomes standardized, users will likely have a "localized" address in a non-Latin script, as well as an ASCII alias for communicating with legacy systems or for script-independent use. One problem is then that digital address books will then need to be able to recognize differing forms of a single contact email address. Similarly single sign on systems may need some work to adapt to multiple possible user aliases.

China will produce a Chinese language version of the EAI standard in November 2009.

Example Internationalize eMail Addresses

Pelé@live.com (simple diacritic, still mostly Latin)
δοκιμή@παράδειγμα.δοκιμή
测试@测试.测试

"AdamDoe@example.com" is not an International eMail Alias because it is entirely ASCII and does not need the EAI UTF8SMTP or other protocols to be interpreted.

Common local-part semantics

According to RFC 5321 2.3.11 Mailbox and Address, "...the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address.". This means that no assumptions can be made about the meaning of the local-part of another mail server. It is entirely up to the configuration of the mail server.

Local-part normalization

Interpretation of the local-part of an email address is dependent on the conventions and policies implemented in the mail server. For example, case-sensitivity may distinguish mailboxes differing only in capitalization of characters of the local-part, although this not very common.^{[citation needed]} GMail (Google Mail) ignores all dots in the local-part for the purposes of determining account identity.^[4] This prevents the creation of user accounts your.user.name or yourusername when the account your.username already exists.

Sub-addressing

Some mail services allow a user to append a +tag qualifier to their e-mail address (e.g., joeuser+tag@example.com). The text of tag can be used to apply filtering. The text of the tag can also be used to help a user figure out which organization "leaked" the user's email address to a spammer. ^[5] ^[6] ^[7] However, some mail servers violate RFC 5322, and the recommendations in RFC 3696, by refusing to send mail addressed to a user on another system merely because the local-part of the address contains the plus sign (+). Users of these systems cannot use plus addressing. On the other hand, most installations of the qmail and Courier Mail Server products support the use of a hyphen '-' as a separator within the local-part, such as joeuser-tag@example.com or joeuser-tag-sub-anything-else@example.com. This allows qmail through .qmail-default or .qmail-tag-sub-anything-else files to sort, filter, forward, or run an application based on the tagging system established. Disposable e-mail addresses of this form, using various separators between the base name and the tag are supported by several email services, including Runbox (plus and hyphen), Google Mail (plus)^[8], Yahoo! Mail Plus (hyphen)^[9], and FastMail (plus)^[10]. The name sub-addressing is the generic term (used for plus-addressing and hyphen-addressing) found in some IETF standards-track documents, such as RFC 5233.

Validation

Not only are e-mail addresses used in a mail client or on a mail server, but also used in websites where a user-supplied e-mail address is often validated.

An e-mail address is generally recognized as having two parts joined with an at-sign (@); this in itself is a basic form of validation. However, the technical specification detailed in RFC 822 and subsequent RFCs goes far beyond this, offering very complex and strict restrictions. ^[11]

Trying to match these restrictions is a complex task, often resulting in long regular expressions.^[12]

This means that many mail servers adopt very relaxed validation that allows and handles e-mail addresses that are disallowed according to the RFC and instead verify the e-mail address against relevant systems such as DNS for the domain part or using callback verification to check if the mailbox exists.^[13]

Conversely, many websites make the mistake of checking email addresses too strictly, rejecting addresses containing perfectly valid characters like + or / signs.^{[citation needed]}

References

RFC 5321: Simple Mail Transfer Protocol
RFC 5322: Internet Message Format
RFC 3696: Application Techniques for Checking and Transformation of Names
RFC 2142: Mailbox names for common services, roles and functions

Footnotes

^ RFC 5321, section 4.5.3.1. Size Limits and Minimums explicitly details protocol limits.
^ The character limitation is written in plain English in the subscription page "Sign up for Windows Live". Retrieved 2008-07-26.. However, the phrase is hidden, thus one has to either check the availability of an invalid ID, e.g. me#1, or resort to alternative displaying, e.g. no-style or source view, in order to read it.
^ "Eai Status Pages". Email Address Internationalization (Active WG). IETF. Retrieved 2008-07-26.
^ Google Mail - help center article
^ "Instant disposable Gmail addresses" by Gina Trapani 2005
^ 'E-mail with a "Plus"' by Jim Leous 2005
^ "Gmail: how to use 'plus' sign for filtering mails"
^ Become a Gmail Ninja
^ help.yahoo.com
^ FastMail FAQ
^ I Knew How To Validate An Email Address Until I Read The RFC
^ Mail::RFC822::Address
^ SMTP based check to verify existence of a mailbox

[1] RFC 5321, section 4.5.3.1. Size Limits and Minimums explicitly details protocol limits.

[2] The character limitation is written in plain English in the subscription page "Sign up for Windows Live". Retrieved 2008-07-26.. However, the phrase is hidden, thus one has to either check the availability of an invalid ID, e.g. me#1, or resort to alternative displaying, e.g. no-style or source view, in order to read it.

[3] "Eai Status Pages". Email Address Internationalization (Active WG). IETF. Retrieved 2008-07-26.

[4] Google Mail - help center article

[5] "Instant disposable Gmail addresses" by Gina Trapani 2005

[6] 'E-mail with a "Plus"' by Jim Leous 2005

[7] "Gmail: how to use 'plus' sign for filtering mails"

[8] Become a Gmail Ninja

[9] .yahoo.com

[10] FastMail FAQ

[11] I Knew How To Validate An Email Address Until I Read The RFC

[12] Mail::RFC822::Address

[13] SMTP based check to verify existence of a mailbox

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]