I'm evaluating a bunch of email validation techniques and someone of them output that email@domain is valid. I read somewhere that this email may be technically valid if it's being used for internal networking, but really for almost all practical purposes on the web today, this email should not evaluate to true.
What does your email validation library or home-baked method do, and do you allow this sort of thing?
See this article for a regex to match all valid email addresses:
You may want to tweak it to
And to answer your quetion about email@domain, you can discard that too, if you are not expecting intranet emails.
Well, it depends on what the application is supposed to do.
Is it going to be used in an intranet? If so, email@domain may be fine.
If not, you might want to explicitly require a fqdn so that they can't send mail internally on your domain (foo@localhost, etc).
It shouldn't be difficult to check the domain part:
$domain = array_pop(explode('@', $email));
Then, depending on your need, validate the domain.
You can check it for valid syntax (that it's a fqdn). There are plenty of tutorials online (And that a lot of frameworks provide) that can validate a domain in a string to see if it's a fqdn format...
Or, if your needs are greater, you can just verify that your server can resolve it (Via something like dns_get_record()...
if (false === dns_get_record($domain, DNS_MX)) {
//invalid domain (can't find an MX record)...
}
(Note, I said you could do this, not if you should. That will depend on your exact use case)...