Validate email address against invalid characters

5
votes

In validating email addresses I have tried using both the EmailAddressAttribute class from System.ComponentModel.DataAnnotations:

[EmailAddress(ErrorMessage = "Invalid Email Address")]
public string Email { get; set; }

and the MailAddress class from System.Net.Mail by doing:

bool IsValidEmail(string email)
{
    try {
        var addr = new System.Net.Mail.MailAddress(email);
        return addr.Address == email;
    }
    catch {
        return false;
    }
}

as suggested in C# code to validate email address. Both methods work in principle, they catch invalid email addresses like, e.g., user@, not fulfilling the format user@host.

My problem is that none of the two methods detect invalid characters in the user field, such as æ, ø, or å (e.g. åge@gmail.com). Is there any reason for why such characters are not returning a validation error? And do anybody have a elegant solution on how to incorporate a validation for invalid characters in the user field?

2
c#asp.net.netemailemail-validation
@Think no, don't suggest horrific practices like that.CodeCaster
@Think2ceCode1ce No, please NO! Don't use regex to parse email addresses, they are all wrong, all of them!Manfred Radlwimmer
@Think yes, and people have been doing it wrong for ages. It makes no sense to validate email addresses using regular expressions. You're going to frustrate and exclude legitimate users. There are many discussions on this subject already, see for example this one.CodeCaster
@Think see also How to Find or Validate an Email Address: "Don't go overboard in trying to eliminate invalid email addresses with your regular expression. The reason is that you don't really know whether an address is valid until you try to send an email to it. [...] If you really need to be sure an email address is valid, you'll need to send an email to it"CodeCaster
@CodeCaster Great. Learned something today.Nikhil Vartak

2 Answers

4
votes

Those characters are not invalid. Unusual, but not invalid. The question you linked even contains an explanation why you shouldn't care.

Full use of electronic mail throughout the world requires that (subject to other constraints) people be able to use close variations on their own names (written correctly in their own languages and scripts) as mailbox names in email addresses.

- RFC 6530, 2012

0
votes

The characters you mentioned (ø, å or åge@gmail.com) are not invalid. Consider an example: When someone uses foreign language as their email id (French,German,etc.), then some unicode characters are possible. Yet EmailAddressAttribute blocks some of the unusual characters.

  • You can use international characters above U+007F, encoded as UTF-8.

  • space and "(),:;<>@[] characters are allowed with restrictions (they are only allowed inside a quoted string, a backslash or double-quote must be preceded by a backslash)

  • special characters !#$%&'*+-/=?^_`{|}~

Regex to validate this: Link

^(([^<>()[].,;:\s@\"]+(.[^<>()[].,;:\s@\"]+)*)|(\".+\"))@(([^<>()[].,;:\s@\"]+.)+[^<>()[].,;:\s@\"]{2,})