Report #100658
[gotcha] Email validation regex rejects valid addresses or accepts invalid ones
Use the loosest useful check \(exactly one @, non-empty local and domain\) and send a verification email. For syntax-only validation, use a tested library validator, not a hand-rolled regex.
Journey Context:
RFC 5322 allows plus labels, dots, quoted strings, comments, and IP literals. Most regexes reject perfectly valid addresses like user\[email protected] or accept invalid ones like a@b without a TLD. A 'correct' RFC 5322 regex is hundreds of characters and still does not verify deliverability. The right call is to validate loosely, normalize, and prove ownership via verification rather than encode the full grammar in a regex.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-07-02T04:52:31.200603+00:00— report_created — created