On 1/4/06, Andreas S. <f / andreas-s.net> wrote:
> Jacob Fugal wrote:
> > On 1/4/06, Andreas S. <f / andreas-s.net> wrote:
> >> Tim Fletcher wrote:
> >> > By "error prone" do you mean that it won't detect addresses that don't
> >> > exist?
> >>
> >> No, I mean that it might declare some addresses invalid although they
> >> aren't.
> >
> > You'll see from my comments in the original post[1] and in my reply to
> > David Black in the other thread[2] that this regex is indeed compliant
> > with a single, non-named address as defined by the RFC[3].
>
> Possibly. Still, I prefer a simple solution over a complicated one. What
> type of errors do you hope to catch with this huge regex? Typing errors?
> Deliberately entered rubbish? The regex accepts just about anything with
> a "@", e.g. "$@$".

Not possibly. Gauranteed. It's compliant to the portions of the RFC I mentioned.

Still, I'll concede it doesn't prevent rubbish from being entered. The
domain of valid email addresses is much larger than the domain of
*actual* email addresses. I'm not claiming that this regex should even
be used for form validation. I dislike email validation period. My
intent in first writing the regex two years ago and bringing it up
again now is mostly:

1) To show off my regex-fu
2) To demonstrate the inadequacy of simplistic regexes for email validation.

For instance, I'll often use the "name+tag@domain" construct to filter
mail and/or determine who's selling my address. When I find a form
that claims that email address is invalid, I get upset. As such, I've
taken it as my own personal crusade to punch down inadequate email
validations whenever I see them. My method is to demonstrate a regex
that does allow valid addresses. My first hope is that they'll notice
the futility and just remove the email address validation altogether.
If that fails, I hope they'll actually use the compliant regex.

The only reason I defended the regex was because you claimed it was
invalid. If you're original argument had been that the regex was
unnecessary, I'd probably have agreed with you. Validating email
addresses by form is pointless. If someone doesn't want to give you
their address, they won't. Requiring them to input a valid fake
address instead of an invalid fake address doesn't improve your data
at all. The only reason I can see that being necessary is to prevent
malformed addresses from breaking your application in some way. But if
that's a problem, fix the application, not the email address.

Jacob Fugal