Re: @ in regex, or not?

Replies are listed 'Best First'.
Re: Re: @ in regex, or not? by arhuman (Vicar) on Mar 27, 2001 at 14:36 UTC
I'm sure I've seen a huge (several hundreds lines) regexp RFC 822 compliant for checking mail here in the monastery. (But despite my search I couldn't manage to find it again...) But thanks to Clownburner, I will know be able to recreate it... But people usually use Email::Valid, this combined with some MX check/hack (EXPN/CHCK/RCPT TO check) could produce a pretty good email checking "Trying to be a SMART lamer" (thanx to Merlyn ;-)	[reply]
Re: Re: Re: @ in regex, or not? by jbert (Priest) on Mar 27, 2001 at 16:54 UTC
ObCPAN: One good module for this is Mail::Address, found in Graham Barr's Mailtools package. One point worth noting is that whilst not accepting a valid RFC822 address might be considered rude, if you are going to be doing any validation on the address (for example, only allow the script to send email to a particular domain) you may want to only match simple user@domain addresses. For example, you may not want the address `luser%victim.com@your.innocent.domain` to pass your check and allow someone to send email to luser@victim.com, but if you allow full RFC822 addresses through then that is the kind of problem you might have. (That and the fact that some attacks try to embed shell command sequences in addresses). So if the data is from a tainted source, its probably worth doing some aggressive sanitisation prior to sending any email.	[reply]
Re: Re: Re: @ in regex, or not? by Beatnik (Parson) on Mar 27, 2001 at 15:21 UTC
Those routines are probably 99.99% perfect, but I doubt they're foolproof :) Greetz Beatnik ... Quidquid perl dictum sit, altum viditur.	[reply]