On Sphinx registration we have noticed that an invalid email address (such as myname@btinternet) can be used. In my app we have email confirmation turned off, so not sure if this omits the validation of the email format. I would expect that to be validated even if confirmation is turned off.
Thanks.
We did provide a loose email validation. There are many different regular expressions for e-mail validation over there, and we wanted to use the more relaxed of all of them.
One would claim that some other e-mails are invalid while they are not.
In summary the validation still apply even when e-mail confirmation is disabled,, but it might accept some e-mail addresses considered to be "invalid".
The email address that was accepted (and we have tried several of a similar format) was name@btinternet - so the domain had no tld (.com, .co.uk, .net etc).
RFC5322, which defines valid email address syntax, requires a fully qualified domain name - i.e. with a tld. As far as I am aware, no major email system will accept, deliver or even parse an address like name@domain as vaild.
It is possible that some non-internet connected, legacy, internal-only systems might use this format, but that is irrelevant for Sphinx I think.
I know there can be fairly complex email but this is very basic validation and one the most developers would expect to be implemented.
You never know. Thus, we kept it less strict.
I think if you are going to keep it that relaxed it is probably pretty pointless validating at all. If you are catering for internal systems that do not route through an SMTP server then why bother testing for the "@" even as user_001 or john.doe might be acceptable.
Why not have a flag in SphinxConfig to turn off proper validation - SphinxConfig.NoRFC5322Validation
Is there a way we can intercept this and do a proper check, and return a correct exception to Sphinx in webcore to show the correct message if it is not a valid internet message?
There is no such option for now.