Email Syntax Check in Python

Posted on May 3, 2008 by zeth

Sometimes you may want to check that an email address is not syntactically invalid, i.e. it looks like a recognisable email address. I use this approach in my zetact contact form processor.

Of course, it does not mean the address actually leads anywhere, but at least you know are dealing with an email address that could exist.

This is the code I have been using, albeit I have changed it from a class method to a simple function to make this post simpler.

"""Email check using regex."""
    def invalidreg(emailkey):
        """Email validation, checks for syntactically invalid email
        courtesy of Mark Nenadov.
        See
        http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/65215"""
        import re
        emailregex =
        "^.+\\@(\\[?)[a-zA-Z0-9\\-\\.]+\\.([a-zA-Z]{2,3}|[0-9]{1,3\
    })(\\]?)$"
        if len(emailkey) > 7:
            if re.match(emailregex, emailkey) != None:
                return False
            return True
        else:
            return True

I decided it would be more Pythonic to try to do this using the built-in string methods, rather than importing the re module and using a monster regular expression. Here was my first attempt.

"""Email checks using string methods - simple version."""
    def invalidemail(emailaddress):
        """Checks for a syntactically invalid email address."""
        try:
            emailitems = emailaddress.rsplit('@', 1)
            emailitems.extend(emailitems[1].rsplit('.', 1))
        except IndexError:
            return True

        if [x for x in emailitems if not x.replace(".","").isalnum()] \
                and emailaddress >= 7:
            return True
        else:
            return False

After a bit of testing and playing with this, a friend pointed me towards the relevant RFC on restrictions of email addresses. While the standard allows the use of many different special characters, in practice email addresses have to be much stricter if you actually want people in the real world to be able to send email to you.

For example, if we allow the email address []@commandline.org.uk, will whatever receives the output of this function be able to use it? As pointed out by Jan Goyvaerts, most software won't actually be able to handle obscure special characters.

We also don't want to water down the syntax check and allow junk for the sake of theoretical but non-existent addresses.

My compromise is to allow these special symbols -_.%+. in the local-part of the email address, and -_. in the domain name. I also do sanity checking on the top-level domain, it needs to be either a generic name or two characters long (country codes are all two letters).

So below is my current version, I added lots of comments and white space to make it easy to read.

"""Ditch nonsense email addresses."""

    GENERIC_DOMAINS = "aero", "asia", "biz", "cat", "com", "coop", \
        "edu", "gov", "info", "int", "jobs", "mil", "mobi", "museum", \
        "name", "net", "org", "pro", "tel", "travel"

    def invalid(emailaddress, domains = GENERIC_DOMAINS):
        """Checks for a syntactically invalid email address."""

        # Email address must be 7 characters in total.
        if len(emailaddress) < 7:
            return True # Address too short.

        # Split up email address into parts.
        try:
            localpart, domainname = emailaddress.rsplit('@', 1)
            host, toplevel = domainname.rsplit('.', 1)
        except ValueError:
            return True # Address does not have enough parts.

        # Check for Country code or Generic Domain.
        if len(toplevel) != 2 and toplevel not in domains:
            return True # Not a domain name.

        for i in '-_.%+.':
            localpart = localpart.replace(i, "")
        for i in '-_.':
            host = host.replace(i, "")

        if localpart.isalnum() and host.isalnum():
            return False # Email address is fine.
        else:
            return True # Email address has funny characters.

    # Start the ball rolling.
    if __name__ == "__main__":
        print invalid("warrior@example.com")

Discuss this post - Leave a comment

16 thoughts on “Email Syntax Check in Python”

dbr on May 3, 2008 at 04:33 p.m. said:

There's a better, if utterly horrible to read way of doing this using
regex's.
<a class="reference external" href="http://emailverification.pastecode.com/?show=f76a41a8b">http://emailverification.pastecode.com/?show=f76a41a8b</a>
This way isn't too bad, it allows <a class="reference external" href="mailto:blah+thesethingys@example.com">blah+thesethingys@example.com</a> which a lot
of websites invalidate (Which is incredibly annoying)..
One thing I find a little weird - a return of False means the email is valid?
I would have though if valid(mail): print "Valid email" would be a more
sensible way of doing things?
That way: if not valid(email): print "Wrong" # would work
Ted Hosmann on May 4, 2008 at 07:43 a.m. said:

I like the idea in your last example to check that the Domain is valid -
problem is...what about users with subdomain email addresses
(<a class="reference external" href="mailto:ted@mail.example.com">ted@mail.example.com</a>) or users with country email domains
(<a class="reference external" href="mailto:ted@example.co.uk">ted@example.co.uk</a>)
zeth on May 4, 2008 at 10:06 a.m. said:

@dbr,
Checking for syntactically invalid email addresses is what the function does,
so:
<div class="highlight"><pre>if invalid(emailaddress):
#do something
</pre></div>
Otherwise the program can just carry on, no else clause required. Maybe my
programming style is just different, you can easily change it to be the other
way if you want.
Ted, If you read the code more carefully or try it out, you will see that both of
your examples will pass the test.
subdomains are not a problem because I allow dots in the hostname: for i in '-_.':
Country code domains are catered for by if len(toplevel) != 2
zeth on May 4, 2008 at 10:10 a.m. said:

@dbr
On regular expressions, the aim of this post is to use Python built-in string
methods instead of regular expressions. Your example,
<a class="reference external" href="mailto:blah+thesethingys@example.com">blah+thesethingys@example.com</a> will be considered valid by my function as I
allow the plus sign:
for i in '-_.%+.'
zeth on May 4, 2008 at 10:33 a.m. said:

Here is dbr's regular expression (the pastebin is only temporary).
<div class="highlight"><pre>import re

monster = "(?:[a-z0-9!#$%&'*+/=?^_{|}~-]+(?:.[a-z0-9!#$%" + \
"&'*+/=?^_{|}~-]+)*|\"(?:" + \
"[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]" + \
"|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*\")@(?<img src="/static/forum/img/smilies/sad.png">?:[a-z0-9]" + \
"(?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?" + \
"|\[(?<img src="/static/forum/img/smilies/sad.png">?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.)" + \
"{3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?" + \
"|[a-z0-9-]*[a-z0-9]<img src="/static/forum/img/smilies/sad.png">?:" + \
"[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]" + \
"|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])"

evil = re.compile(monster)

if evil.match("<a href="mailto:test+label@google.museum.au">test+label@google.museum.au</a>"):
print "yay!"
</pre></div>
John Reese on May 4, 2008 at 07:56 p.m. said:

Just as an FYI, I get an 'XML Parsing Error: not well-formed' message in my
newsreader (Liferea) for this entry. Line number 94, Column 98.
This is the first (mostly/enough) valid email checker I've seen that doesn't
use a monster regex. I definitely like it.
Ted Hosmann on May 5, 2008 at 08:59 p.m. said:

@Zeth
ARGH - I feel like such a n00b. You, my friend, are absolutely correct.
Thanks for clearing that up for me.
Omar Zabaneh on July 25, 2008 at 02:26 a.m. said:

Zeth,
Thank you for this post, very helpful.
I used it as a basis for my own email validation function that i wish to share with you, in a selfish attempt to feel better about using your code.
I delegated the domain verification to dns, It sounds like a good idea, but im not aware at the moments of any drawbacks. please let me know what you think. Here's my code:
<div class="highlight"><pre>import dns.resolver

def valid( email_address ):
# check email parts
try:
username, domain = email_address.rsplit('@', 1)
except ValueError:
return False
# check username: allow alphanumeric characters and the dot
if not username.replace( '.', '' ).isalnum():
return False
# check domain
try:
dns_response = dns.resolver.query( domain, 'MX')
except dns.resolver.NoAnswer:
# this host doesn't have MX records
return False
except dns.resolver.NXDOMAIN:
# no such hostname
return False
return True
</pre></div>
by the way, on line 11 of your second code snippet, shouldn't it be "len(emailaddress) >= 7" as opposed to emailaddress >= 7.
Also, you can call the function like this:
<div class="highlight"><pre>if not valid( email_address ):
# do this
</pre></div>
without requiring and else part as well. however its all a matter of taste. both ways seem valid to me.
Thanks again!
zeth on July 25, 2008 at 11:22 a.m. said:

Thanks Omar, that is a really good snippet, thanks for taking the time to share it with us.
Phill on July 31, 2008 at 03:45 p.m. said:

Personally I don't bother with email syntax checking - it seems pointless to me. The majority of typos are going to be of the form <a class="reference external" href="mailto:tpyo@examlpe.com">tpyo@examlpe.com</a>, which the syntax check wouldn't catch.
Omar - I like your script, checking DNS is a good idea, but there is one thing you should know. It looks like you're checking for the MX record, which is great, except that the RFC specifies if no MX record is found but there is a CNAME you should use that instead.
All this means that email is actually a complicated business. I think the only way to be sure of an email address, if it's really important, is to send someone a link to that address with a confirmation token and have them click on it.
And the reason I'm posting this nearly three months after the original post is because I just noticed the comments <img src="/static/forum/img/smilies/smile.png">
andylockran on August 14, 2008 at 03:27 p.m. said:

I'm sure I found a work around for this when I used zetact around the time of this post.. , but this regex excludes the email address <a class="reference external" href="mailto:andy@lnmf.info">andy@lnmf.info</a>.
Any ideas how to change it to allow that form of address?
deesha on September 8, 2008 at 05:40 a.m. said:

hey all,
i just wanted to check the other stuf if nay1 can help me
what i want is i have to convert the line starting with my function name to some other format , i have done with that much part but what i want ahead is the line wont be everytime starting as a first character so it may have like my function name if having some other check also in itself wherin say if chaeck is to be done to be verified for the same line if it is acceptable then convert the line else not
Amit on February 3, 2009 at 09:21 p.m. said:

The regex in comment #5 is generally pretty good, but it incorrectly matches strings such as 'john@doe@johndoe.com'. As per Wikipedia, an email address can have only one '@' sign.
inportb on April 22, 2009 at 05:51 a.m. said:

@Amit: so... I take it that you haven't checked out the RFC yet?
Thomas Damgaard on May 13, 2009 at 01:10 p.m. said:

Omar, thanks.
Ben on May 23, 2010 at 01:58 p.m. said:

The regexp in #5 also allows:
<blockquote>
<a class="reference external" href="mailto:me+suffix+another+another@myhost.com">me+suffix+another+another@myhost.com</a></blockquote>
and fails:
<blockquote>
<a class="reference external" href="mailto:localuser@localmachine">localuser@localmachine</a></blockquote>

Zeth's homepage

The best of Zeth

Email Syntax Check in Python

16 thoughts on “Email Syntax Check in Python”