govalidator
govalidator copied to clipboard
asaskevich
TestIsExistingEmail fails
Description
TestIsExistingEmail fails for [email protected].
Environment
Go version: go version go1.14 darwin/amd64
Details
Still investigating. Might be a duplicate of #369. Started a new issue with a bit more detail
The according regex https://github.com/asaskevich/govalidator/blob/475eaeb164960a651e97470412a7d3b0c5036105/patterns.go#L7
seems pretty convoluted to me. The tests pass with a simplified form of:
^[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$
I have developed a simplified form which also captures unicode characters and prevents any connector or control character at the beginning of the email address:
https://regex101.com/r/KokhYv/3
The result can be viewed on playground
var re = regexp.MustCompile(`^(?P<user>[\pL\pN][\pL-+.\pN]*)@(?P<domain>([\pL\pN]([\pL\pN-]{0,62}[\pL\pN]){0,1})(\.([\pL\pN]([\pL\pN-]{0,62}[\pL\pN])))*)$`)
The above passes all existing tests and then some.
However, imho there is still a major issue with this: it does not take hostnames into account. For example, if foo.bar.com does not point to a subdomain, but a host named foo, this still is a totally valid email address, instructing the MTA to send the eMail directly to its counterpart running on foo. However, resource records are not as restricted as domain names when it comes to special characters. With a regex alone, it is impossible to decide whether foo points to a host or to a subdomain. So either we need to decide wether we are risking false negatives ("foo@my_host.example.com" will not validate with above regex) or false positives ("foo@illegal_subdomain.example.com" will validate).
@asaskevich What do you think?
Seeing the same behavior after Go 1.14 update.
Email validation is hard - especially around domain based verification. Short of sending and waiting for a bounce back it's not really feasible to completely cover email formatting. I think what you're proposing sounds good to me at least. It's close enough.
@Coderrob Well, one could check the A & MX records for a given domain part...
@mwmahlberg This issue has been resolved. https://github.com/asaskevich/govalidator/pull/382
Hello guys! I forked this package cause owner disappeared. Hope, he will be back, but it would be easier to merge these changes back if he is back Link to my repo: create issue there and we'll discuss it.
