Email address validation
Email address validation can be rather tricky. RFC822 gives you some pointers, but to validate an address is still pretty darn hard. In Perl, there’s the module Email::Valid to help you, which does a rather good job, but look at the source for the regexp!
Today I came across a new website called spam-proof-email-generator. Of course I threw in a query that’s bugging quite a lot of parsers: my+address@mailserver.somedomain.co.uk. Most of such JavaScript “checks” hang on the plus sign (which is perfectly valid, and quite useful!) and the subdomain part. And yep, this website tells me the address in invalid. Strange, for you’d expect a site designed for handling email addresses to be a bit more careful!
So let’s look at their technique. Their validation is merely done on the client side (JavaScript). The code is childishly simplistic though. This regexp will determine whether your address is valid or not (broken down into two lines): /^[a-zA-Z][\w\_\.-]*[a-zA-Z0-9]@[a-zA-Z0-9][\w\.-]*
[a-zA-Z0-9]\.[a-zA-Z][a-zA-Z\.]*[a-zA-Z]$/;
But when you disable JavaScript, you can bypass this simple check and insert any string you like, as you can see here:
So, yeah, rather a useless service. Why not create your own image with GIMP/Photoshop, use JavaScript to display the address or use something like user [at] domain [dot] com?