|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #71893 Email address with long (>64) local-part rejected by FILTER_VALIDATE_EMAIL
Submitted: 2016-03-24 19:08 UTC Modified: 2016-03-25 01:45 UTC
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: bfarber at invisiopower dot com Assigned:
Status: Open Package: Filter related
PHP Version: 7.0.4 OS: CentOS / Windows
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2016-03-24 19:08 UTC] bfarber at invisiopower dot com
I have a valid email address that is being rejected by filter_var on two different servers.  If this has already been addressed, I apologize in advance for the duplicate bug report. I've tested with 5.5.12 and 5.4.43 with the same results, and I don't have another environment loaded right now with a more recent version of PHP.  That said, I looked through the changelog and no fixes stood out after 5.5.12 that would address this issue.

The example email address is This is an email provided by a newer service "DotLoop" but when we attempt to validate the email address on our end it fails. The email address is valid and has nothing out of the ordinary going on with it.  I did note several past bugs related to dash symbols and/or multiple dash symbols in the email address, so that may be relevant here since the email address has multiple dash symbols. 

Test script:

$email = "";

var_dump( filter_var( $email, FILTER_VALIDATE_EMAIL ) );

Expected result:
filter_var should return the email address as provided

Actual result:
filter_var returns FALSE


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2016-03-25 01:45 UTC]
-Summary: Valid email address rejected by FILTER_VAR +Summary: Email address with long (>64) local-part rejected by FILTER_VALIDATE_EMAIL -Type: Bug +Type: Feature/Change Request -PHP Version: 5.5.33 +PHP Version: 7.0.4
 [2016-03-25 01:45 UTC]
The email regex PHP uses [1] was written against RFC 2821, which imposes [2] a limit of 64 characters on the local part (stuff before the @). And while it was obsoleted by RFC 5321, the length limitation was unchanged [3].

Meanwhile the complementary RFC 5322 (which obsoleted 2822) uses "[a] liberal syntax" with no mention of a length limit, and does comment that "[t]he local-part portion is a domain-dependent string" [4].

The regex is behaving as expected but isn't quite flexible enough for your usage.

[1] (/ext/filter/logical_filters.c line 601)
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Jun 15 07:01:29 2024 UTC