I want each user to register with a unique email address. However some email addresses like GMail allow you to add a + suffix which could be used to register multiple accounts to a website but it all goes to a single email address e.g. <ul> <li>bob@gmail.com goes to bob@gmail.com</li> <li>bob+1@gmail.com goes to bob@gmail.com</li> <li>bob+2@gmail.com goes to bob@gmail.com</li> <li>bob+3@gmail.com goes to bob@gmail.com</li> <li>bob+4@gmail.com goes to bob@gmail.com</li> </ul> Effectively they can have as many email addresses as they want. This is a problem because my website sees it as 5 separate email addresses but gmail sees it as one email address. I was thinking of blocking any email addresses with a ‘+' in, but I don’t want to block any valid email addresses. What is the standard practice?

I don't think there is a standard practice on how to handle this, other than not allowing + all together. On the other hand, preventing it doesn't seem to be that useful. It won't take more than a few minutes to create an entirely new e-mail address on some free service if whoever you're intending to block-out really needs it. It should also be noted that a lot of other e-mail providers also provide subaddressing, but not using the plus sign, but with a hyphen (Yahoo, Runbox, etc.), and attempting to block this out will only cause trouble for anybody just having an e-mail address with a hyphen in it. It's a war that you've already lost. Besides, if you filter out plus signs, you're essentially not compliant with the RFC3696 standard anymore: <blockquote> The exact rule is that any ASCII character, including control characters, may appear quoted, or in a quoted string. [...] </blockquote> <blockquote> Without quotes, local-parts may consist of any combination of alphabetic characters, digits, or any of the special characters <pre class="prettyprint">! # $ % & ' * + - / = ? ^ _ ` . { | } ~</pre> </blockquote> But you could just strip out the plus part if you insist. <pre class="prettyprint lang-php prettyprint-override"><code>$emails = array('bob@gmail.com','bob+1@gmail.com','bob+hello@gmail.com'); foreach ($emails as &$email) { list($identifier, $domain) = explode('@',$email); list($name) = explode('+',$identifier); $email = $name."@".$domain; } print_r($emails); </code></pre> The above will give you <pre class="prettyprint"><code>Array ( [0] => bob@gmail.com [1] => bob@gmail.com [2] => bob@gmail.com ) </code></pre>

Is it standard practice to block or allow email addresses with a ‘+’ in?

I want each user to register with a unique email address. However some email addresses like GMail allow you to add a + suffix which could be used to register multiple accounts to a website but it all goes to a single email address e.g.

[email protected] goes to [email protected]
[email protected] goes to [email protected]
[email protected] goes to [email protected]
[email protected] goes to [email protected]
[email protected] goes to [email protected]

Effectively they can have as many email addresses as they want. This is a problem because my website sees it as 5 separate email addresses but gmail sees it as one email address.

I was thinking of blocking any email addresses with a ‘+' in, but I don’t want to block any valid email addresses. What is the standard practice?

Can you block an email address?

Block an email addressWhen you block a sender, messages they send you will go to your Spam folder. On your Android phone or tablet, open the Gmail app . Open the message. Tap Block [sender].

How do I block an email that's not addressed to me?

On your computer, go to Gmail. Open an email from the sender that you want to unsubscribe from. Next to the sender's name, click Unsubscribe or Change preferences. If you don't see these options, follow the steps above to block the sender or mark the message as spam.

What is allowed in an email address?

Allowed characters: letters (a-z), numbers, underscores, periods, and dashes. An underscore, period, or dash must be followed by one or more letter or number.

I don't think there is a standard practice on how to handle this, other than not allowing + all together. On the other hand, preventing it doesn't seem to be that useful. It won't take more than a few minutes to create an entirely new e-mail address on some free service if whoever you're intending to block-out really needs it.

It should also be noted that a lot of other e-mail providers also provide subaddressing, but not using the plus sign, but with a hyphen (Yahoo, Runbox, etc.), and attempting to block this out will only cause trouble for anybody just having an e-mail address with a hyphen in it. It's a war that you've already lost.

Besides, if you filter out plus signs, you're essentially not compliant with the RFC3696 standard anymore:

The exact rule is that any ASCII character, including control characters, may appear quoted, or in a quoted string. [...]

Without quotes, local-parts may consist of any combination of alphabetic characters, digits, or any of the special characters
! # $ % & ' * + - / = ?  ^ _ ` . { | } ~

But you could just strip out the plus part if you insist.

$emails = array('[email protected]','[email protected]','[email protected]');

foreach ($emails as &$email)
{
    list($identifier, $domain) = explode('@',$email);
    list($name) = explode('+',$identifier);
    $email = $name."@".$domain;
}
    
print_r($emails);

The above will give you

Array
(
    [0] => [email protected]
    [1] => [email protected]
    [2] => [email protected]
)

Is it standard practice to block or allow email addresses with a ‘+’ in?

Tags:

validation

email-validation

email

woot586

People also ask

1 Answers

kba

Recent Activity

Donate For Us

Is it standard practice to block or allow email addresses with a ‘+’ in?

Tags:

validation

email-validation

email

woot586

People also ask

1 Answers

kba

Related questions

Recent Activity

Donate For Us