tracker issue : CF-3231157

select a category, or use search below
(searches all categories and all time range)

isValid("email") is poorly implemented, in that it rejects a bunch of stuff that's legit

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Adam Cameron / Adam Cameron (Adam Cameron)

Created: 07/06/2012

Components: Language, Functions

Versions: 10.0

Failure Type: Enhancement Request

Found In Build/Fixed In Build: 9.0.1 / 286391

Priority/Frequency: Minor / Some users will encounter

Locale/System: English / Windows 7

Vote Count: 3

Problem Description:
isValid("email") is poorly implemented, in that it rejects a bunch of stuff that's legit.

Steps to Reproduce:
	a = ["adam!", "", "adam$", "", "adam&", "adam'", "adam*", "", "", "adam/", "", "adam?", "adam^", "", "adam`", "adam{", "adam|", "adam}", ""];
	for (s in a){
		writeOutput("#s#: #isValid('email', s)#<br />");

Actual Result:
adam! NO NO
adam$ NO NO
adam& NO
adam' YES
adam* NO YES YES
adam/ NO NO
adam? NO
adam^ NO YES
adam` NO
adam{ NO
adam| NO
adam} NO YES

Expected Result:
ALL should be "YES" as they're all valid email addresses.

Any Workarounds:
Don't care: we shouldn't be working around it, it should work.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	3231157

External Customer Info:
External Company:  
External Customer Name: Adam Cameron.
External Customer Email:



BTW, this is to replace the initial bug that was logged on my behalf, which was 83327 (, which you didn't migrate to the new system.
Comment by External U.
18791 | July 06, 2012 03:28:13 AM GMT
+1. Incorrect results shouldn't be supported. Isn't fair to request tickets to be raised, and then not migrate them to the new tracker. It was a public ticket, so it should've been migrated.
Vote by External U.
18802 | July 06, 2012 11:51:21 AM GMT
Related thread: Copying over the description from 83327: ----------- isValid email fails on twitter, IDN domainsA twitter email with the format of :""will fail due to the = sign in the email. adam! NO NO adam$ NO NO adam& NO adam’ YES adam* NO YES YES adam/ NO NO adam? NO adam^ NO YES adam` NO adam{ NO adam| NO adam} NO YESAll of those should be "YES"."Adam Bhjkasd" which is completely valid, but - somewhat predictably - it also failed.I tried an IDN domain name such astest@test.[stupid bug tracker wont letter me past the russian IDN here. It's like a p then an o with a vertical line through]and that comes back NO though obviously it should be fine. -----------
Comment by External U.
18792 | July 06, 2012 11:56:56 AM GMT
Copying over the votes from 83327: ----------- Vote From Adam Cameron on Thu Jun 10 2010 +1. There's no point offering the functionality if it doesn't work. as soon as the email addresses get a bit "tricky". -- Adam Vote From Henry Ho on Sat Jun 12 2010 Vote From Julian Halliwell on Mon Jun 20 2011 IDN validation also fails with the CFMAIL tag to/from attributes More detail and a workaround using Java is available at: Vote From Aaron Neff on Sun Jun 13 2010 +1, isValid should not return false for validly formatted email addresses ----------- Since Tom Chiverton took care of logging 83327, his vote is implied.
Comment by External U.
18793 | July 06, 2012 11:59:16 AM GMT
There's no point in having built-in email validation unless it's complex; we can already write a basic regex to do incomplete validation. The point of having named validation should be to provide the accurate and complete validation when we need it.
Vote by External U.
18803 | July 18, 2012 12:02:43 PM GMT
Here's a PHP script that validates email addresses & has a lot of sample email addresses are valid that fail when validated using isValid(). Any chance that these valid email address will work with ColdFusion & CFMail? (I haven't tested them.)
Comment by External U.
18794 | August 06, 2012 01:43:14 PM GMT
I just realized that there is also a java version available. In addition to regex parsing, it can perform an optional DNS check to ensure that the domain is valid and/or connect via SMTP. (Maybe this type of verification will also cut down on spam from obviously fake domains.)
Comment by External U.
18795 | August 06, 2012 01:54:47 PM GMT
My vote from the prerelease appears to have been dropped. Not supporting IDN is fail. Not using the underlying Java code that actually works is fail. Not doing this for years is fail.
Vote by External U.
18804 | September 03, 2012 09:12:40 AM GMT
Fixed: Here are some more email ID's tested with their result using isValid() : "()<>[]:,;@\\\"!#$%&'*+-/=?^_`{}| ~.a" YES " " YES admin@mailserver1: YES user@[IPv6:2001:db8:1ff::a0b:dbd0]: YES "very.(),:;<>[]\".VERY.\"very@\\ \"very\".unusual" YES "" YES YES NO NO a"b(c)d,e:f;gi[j\k] NO just"not" NO this is"not\ NO this\ still\"not\\ NO (Comment added from ex-user id:nawani)
Comment by Adobe D.
18796 | October 09, 2013 08:40:43 AM GMT
VERY GOOD WORK, based on Anuj's comment below. Cheers. -- Adam
Comment by External U.
18797 | October 09, 2013 08:48:42 AM GMT
Echo Adam's congrats to Anuj. Did you try with IDN domains as well e.g. username@domain.?? ?
Comment by External U.
18798 | October 09, 2013 08:53:51 AM GMT
Hi Tom, I just confirmed that Splendor Public Beta still returns "NO" for this: isValid("email", "username@domain.??") Thanks, -Aaron
Comment by External U.
18799 | February 28, 2014 04:01:58 AM GMT
Hi Adam, FWIW, I also confirmed that your example returns * "YES" in Splendor Public Beta. Thanks, -Aaron
Comment by External U.
18800 | February 28, 2014 04:05:21 AM GMT
In CF 10,0,18,296330 this problem still persists.
Comment by External U.
18801 | January 19, 2016 10:39:43 AM GMT