How do we validate email addresses correctly? And why don't we just validate by sending an email?

Turns out, there are security considerations to take into account. In this video, Alex presents the main parts of email address validation, the reasoning for each of them, and a few tips on how to think and implement them properly.

If you want to learn more about security, check out our "Secure Coding" learning program [ Ссылка ].

This video is based on a few resources:
* RFC 5322 [ Ссылка ]
* Falsehoods about emails [ Ссылка ]
* I Knew How To Validate An Email Address Until I Read The RFC
[ Ссылка ]
* Perl email validation regexp [ Ссылка ]
* Examples of verification emails [ Ссылка ]
* OWASP validation Regexp repository [ Ссылка ]
* Example of email injection [ Ссылка ]
* Wikipedia article about email addresses [ Ссылка ]
* Twitter conversation on the topic [ Ссылка ]
* SMTP Injection example [ Ссылка ]


Alex Bolboaca is a programmer, CTO, author, trainer and coach at Mozaic Works.

Mozaic Works provides high quality, customized training, coaching, and advice for companies who want to improve their effectiveness in the market, mainly through the use of modern leadership and technical practices. Check out our offer and ask us questions at [ Ссылка ].

Think. Design. Work Smart.

0:00 Intro
0:17 Topics
0:38 Why validate email addresses
1:50 Validation steps
3:02 Email Address Format
5:20 Valid Email Address Quiz
8:26 Validate with Regexp
9:18 Acceptable Email Addresses
11:58 Validate Email Exists
12:22 SMTP Injection
16:01 Security Principles
20:14 Tips to validate format
23:46 Block unwanted addresses
24:08 Tips for email existence
24:56 Conclusions
26:33 Outro

свернуть