TestIsExistingEmail fails

[mwmahlberg]

Description

TestIsExistingEmail fails for foo@bar.museum.

Environment

Go version: go version go1.14 darwin/amd64

Details

Still investigating. Might be a duplicate of #369. Started a new issue with a bit more detail

[mwmahlberg]

Might also be related to #336

[mwmahlberg]

The according regex https://github.com/asaskevich/govalidator/blob/475eaeb164960a651e97470412a7d3b0c5036105/patterns.go#L7

seems pretty convoluted to me. The tests pass with a simplified form of:

^[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$

[mwmahlberg]

I have developed a simplified form which also captures unicode characters and prevents any connector or control character at the beginning of the email address:

https://regex101.com/r/KokhYv/3

The result can be viewed on playground

var re = regexp.MustCompile(`^(?P<user>[\pL\pN][\pL-+.\pN]*)@(?P<domain>([\pL\pN]([\pL\pN-]{0,62}[\pL\pN]){0,1})(\.([\pL\pN]([\pL\pN-]{0,62}[\pL\pN])))*)$`)

The above passes all existing tests and then some.

However, imho there is still a major issue with this: it does not take hostnames into account. For example, if foo.bar.com does not point to a subdomain, but a host named foo, this still is a totally valid email address, instructing the MTA to send the eMail directly to its counterpart running on foo. However, resource records are not as restricted as domain names when it comes to special characters. With a regex alone, it is impossible to decide whether foo points to a host or to a subdomain. So either we need to decide wether we are risking false negatives ("foo@my_host.example.com" will not validate with above regex) or false positives ("foo@illegal_subdomain.example.com" will validate).

@asaskevich What do you think?

[Coderrob]

Seeing the same behavior after Go 1.14 update.

Email validation is hard - especially around domain based verification. Short of sending and waiting for a bounce back it's not really feasible to completely cover email formatting. I think what you're proposing sounds good to me at least. It's close enough.

[mwmahlberg]

@Coderrob Well, one could check the A & MX records for a given domain part...

[ygj6]

@mwmahlberg This issue has been resolved. https://github.com/asaskevich/govalidator/pull/382

[sergeyglazyrindev]

Hello guys! I forked this package cause owner disappeared. Hope, he will be back, but it would be easier to merge these changes back if he is back Link to my repo: create issue there and we'll discuss it.