Please, kill all email validators

This post is essentially a retranscription of this talk by Stavros Korokithakis.

Email validators are nonsense. You can not validate an email address.

Let’s play a game, here is a list of email addresses, try to know if they are valid or not. The answer are at the end of the post.

  4. !#$%&’*(-/=?
  5. f*
  6. #&%!^/&
  7. h(a)
  8. (sta)
  11. “<\”@\”.!#%$
  12. <\”@\\”.!#%$
  13. “hi@you”
  14. “hi you”
  15. ” “
  16. hi”@”
  17. “<\”@\\”.!;#%$
  18. hi\
  19. cow@[dead::beef]
  20. stavros@io
  21. 1@23456789
  22. 1@[23456789]

Just take a look at the number of monstruous Regex that you can find nearly everywhere:



You can find many more just by typing “regex email” into you favorite search engine.

So, how do I know if an email is valid you say ?

That is actually quite simple:

  1. Check that the address has at least one “@”
  2. Facultative: check that the domain has at least one MX record
  3. Just send the email !
  4. If the email is not valid, the end user will simply not receive it.

You can see one example of this logic here :


Leave a Reply