I also reached out to them on Twitter but they directed me to this form. I followed up with them on Twitter with what happened in this screenshot but they are now ignoring me.

  • macniel@feddit.de
    link
    fedilink
    English
    arrow-up
    308
    arrow-down
    2
    ·
    11 months ago

    When you insist on implementing your own email address validation…

    • DeltaTangoLima@reddrefuge.com
      link
      fedilink
      English
      arrow-up
      158
      ·
      11 months ago

      I have my own domain that uses a specific 2-letter ccTLD - it’s a short domain variation of my surname (think “goo.gl” for Google). I’ve been using it for years, for my email.

      Over those years, I have discovered an astonishing number of fuckheaded organisations whose systems insist I should have an email address with a “traditional” TLD at the end.

      • stickmanmeyhem@lemmy.world
        link
        fedilink
        English
        arrow-up
        88
        ·
        11 months ago

        A few years back I bought a .family domain for my wife and I to have emails at ourlastname.family That lasted a week because almost every online service wouldn’t accept it. Now we have a .org

        • CosmicTurtle@lemmy.world
          link
          fedilink
          English
          arrow-up
          43
          ·
          11 months ago

          Doesn’t surprise me one bit. I’ve noticed that a lot of websites will only accept .com and a few will only accept email addresses from popular providers (Gmail, Hotmail, outlook, etc.)

          My guess is that it’s trying to reduce spam and fake account generation.

          • deweydecibel@lemmy.world
            link
            fedilink
            English
            arrow-up
            57
            ·
            11 months ago

            My guess is that it’s trying to reduce spam and fake account generation.

            Thus preventing the growth of any small providers and further entrenching Microsoft, Google, Apple, and a handful of others as the only “viable” options.

          • MBM@lemmings.world
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            1
            ·
            11 months ago

            Feels very relevant to the fediverse, with how people tend to compare it to email.

          • Throwaway@lemm.ee
            link
            fedilink
            English
            arrow-up
            9
            arrow-down
            14
            ·
            11 months ago

            Yeah, that’s it pretty much.Like 99% of your legitimate users are going to be standard gmail/yahoo/hotmail/etc. You see a user from ten minute mail, it’s probably some shady shit.

            • CosmicTurtle@lemmy.world
              link
              fedilink
              English
              arrow-up
              22
              arrow-down
              1
              ·
              11 months ago

              Not necessarily shady.

              I use 10 minute email if a merchant requires me enter an email account before seeing the total price on an item (including shipping). That’s the most common pattern I’ve seen. My guess is that they want to ping you to complete the purchase.

              Or a website might require free registration in order to view the content.

              One place I use 10-minute email is actually Spotify. I didn’t want to give them my Gmail address since your name is exposed to the world via their sharing API.

              Don’t get me wrong, there are a lot of bad uses for it as well. But privacy minded people use it too.

                • CosmicTurtle@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  ·
                  11 months ago

                  When you share your playlist or have Spotify hooked up to some other service like discord, it shows the name associated with the account.

                  And changing that name is not as straight forward as you might think.

                  Given the fact that it’s shared so easily, I wouldn’t be surprised if email addresses could be exposed with the right options.

        • frozen@lemmy.frozeninferno.xyz
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          11 months ago

          I went with .io specifically for this. It doesn’t look special or anything, it’s just cheaper than .org and accepted anywhere I’ve tried, so far.

      • lunarul@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        edit-2
        11 months ago

        My first email address was @k.ro (a free email provider many many years ago) and many websites thought a valid second-level domain name cannot be just one letter

      • PM_Your_Nudes_Please@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        11 months ago

        Same. There are a lot of sites that just outright refuse to accept my email address that I’ve had for years, because it’s not a .com TLD.

        • nybble41@programming.dev
          link
          fedilink
          English
          arrow-up
          2
          ·
          11 months ago

          CVS and E*Trade both refused to accept my fairly standard [email protected] address during initial registration, but had no issue changing to that address once the account was created. It would be nice if their internal teams communicated a bit better.

    • cley_faye@lemmy.world
      link
      fedilink
      English
      arrow-up
      44
      arrow-down
      2
      ·
      11 months ago

      The only useful email validation is “can I get an MX from that” and “does it understand what I’m saying in that SMTP”. Anything else is someone that have too much free time.

        • vithigar@lemmy.ca
          link
          fedilink
          English
          arrow-up
          33
          ·
          11 months ago

          Definitely a timesaver. Much faster to get incorrect email validation that way then to try building it yourself.

          • Archer@lemmy.world
            link
            fedilink
            English
            arrow-up
            13
            ·
            11 months ago

            Skip the building step and go straight to pulling your hair out over why it’s not working! Efficiency!

        • Katana314@lemmy.world
          link
          fedilink
          English
          arrow-up
          14
          ·
          11 months ago

          That probably lead to this exchange.

          Stack Overflow is useful, but…it needs more than a little parsing for useful answers.

        • felbane@lemmy.world
          link
          fedilink
          English
          arrow-up
          13
          ·
          11 months ago

          I know (hope) you’re being facetious, because the objectively best way to do email validation is to send a fuckin email to the provided address.

        • AnAngryAlpaca@feddit.de
          link
          fedilink
          English
          arrow-up
          3
          ·
          11 months ago

          To be valid, the email just has to match [anything@anything]. ,🙃@localhost can be perfect legal if localhost supports utf8 in usernames.

    • KickMeElmo@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      32
      arrow-down
      1
      ·
      11 months ago

      I’ve encountered this because my domain has a hyphen in it. Very irritating.

    • aard@kyu.de
      link
      fedilink
      English
      arrow-up
      22
      ·
      11 months ago

      I’m not aware of any correct email validations. I’m still looking for something accepting a space in the localpart.

      Also a surprising number of sites mess with the casing of the localpart. Don’t do that - many mailservers do accept arbitrary case, but not all. [email protected] and [email protected] are two different mail addresses, which may point to the same mailbox if you are lucky.

      • CosmicTurtle@lemmy.world
        link
        fedilink
        English
        arrow-up
        25
        arrow-down
        3
        ·
        11 months ago

        The only correct regex for email is: .+@.+

        So long as the address has a local part, the at sign, and a hostname, it’s a valid email address.

        Whether it goes somewhere is the tricky part.

        • xantoxis@lemmy.world
          link
          fedilink
          English
          arrow-up
          23
          arrow-down
          2
          ·
          edit-2
          11 months ago

          Sorry, this is not a correct regex for an email address.

          Sending using mail on a local unix system? You only need the local part.

          STOP VALIDATING NAMES AND EMAIL ADDRESSES. Send a verification email. Full stop. Don’t do anything else. You really want to do this anyway, because it’s a defense against bots.

          • Turun@feddit.de
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            1
            ·
            11 months ago

            I think it’s fair to prevent users from causing mail sent to your internal systems. It probably won’t cause any issues getting mail to the machine inbox for (no domain name), but it reasonably makes security uneasy.

            • xantoxis@lemmy.world
              link
              fedilink
              English
              arrow-up
              6
              ·
              11 months ago

              The statement I was responding to was “This is the correct email regex”. There is no correct email regex. Don’t parse emails with a regex. You probably don’t need to parse emails at all.

          • elrik@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            1
            ·
            11 months ago

            Yes, but no. Pretty much every application that accepts an email address on a form is going to turn around and make an API call to send that email. Guess what that API is going to do when you send it a string for a recipient address without an @ sign? It’s going to refuse it with an error.

            Therefore the correct amount of validation is that which satisfies whatever format the underlying API requires.

            For example, AWS SES requires addresses in the form UserName@[SubDomain.]Domain.TopLevelDomain along with other caveats. If the application is using SES to send emails, I’m not going to allow an input that doesn’t meet those requirements.

            • xantoxis@lemmy.world
              link
              fedilink
              English
              arrow-up
              7
              arrow-down
              1
              ·
              11 months ago

              Therefore the correct amount of validation is that which satisfies whatever format the underlying API requires.

              You mean the validation which the underlying API will perform on its own? You don’t need to do it.

              • elrik@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                1
                ·
                11 months ago

                I disagree. You should have validation at each layer, as it’s easier to handle bad inputs and errors the earlier they are caught.

                It’s especially important in this case with email because often one or more of the following comes into play when you’re dealing with an email input:

                • You’re doing more than sending an email (for ex, creating a record for a new user).
                • The UI isn’t waiting for you to send that email (for ex, it’s handled through a queue or some other background process).
                • The API call to send an email has a cost (both time and money).
                • You have multiple email recipients (better hope that external API error tells you which one failed).

                I’m not suggesting that validation of an email should attempt to be exhaustive, but a well thought-out implementation validates all user inputs. Even the underlying API in this example is validating the email you give it before trying to send an email through its own underlying API.

                Passing obvious garbage inputs down is just bad practice.

          • laurelraven@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            6
            ·
            11 months ago

            And this right here is a great example of why simple basic RegEx is rarely adequate

            At the very least, should be something like

            ^[^@\s]+@([^@\s.]+\.)+[^@\s.]+$

            I’m like 99% sure I missed at least a few cases there, and will say “please don’t use this for anything production”

            • jpeps@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              11 months ago

              Here’s two: you can have multiple @s forming relays in an email address, and you can also break all the rules around dots and spaces if you put quotes around the local part, eg ".sarah.."@emails.com

    • jwt@programming.dev
      link
      fedilink
      English
      arrow-up
      62
      arrow-down
      1
      ·
      11 months ago

      Probably, from what I can see the address in question isn’t really that exotic. but an email regex that validates 100% correctly is near impossible. And then you still don’t know if the email address actually exists.

      I’d just take the user at their word and send an email with an activation link to the address that was supplied. If the address is invalid, the mail won’t get delivered. No harm done.

      • Alexstarfire@lemmy.world
        link
        fedilink
        English
        arrow-up
        21
        arrow-down
        1
        ·
        11 months ago

        Actually, one of our customers found out the hard way that there is harm in sending emails to invalid addresses. Too many kickbacks and cloud services think you’re a bot. Prevented the customer from being able to send emails for 24 hours.

        This is the result of them “requiring” an email for customers but entering a fake one if they didn’t want to provide their email, and then trying to send out an email to everyone.

        Our software has an option to disable that requirement but they didn’t want to use it because they wanted their staff to remember to ask for an email address. It was not a great setup but they only had themselves to blame.

        • jwt@programming.dev
          link
          fedilink
          English
          arrow-up
          14
          ·
          11 months ago

          My guess is that would also occur with valid but non-existing e-mail addresses no? The regex would not be a remedy there anyway.

          Of course you should only use the supplied e-mail address for things like mass mailings once it has been verified (i.e. the activation link from within the mail was clicked)

          • Alexstarfire@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            11 months ago

            That’s exactly what they did. They used something like [email protected] to get around the checks we had in place. I’ve intentionally been vague but most people will give their email address to our customers and won’t give a fake one. So under normal situations the amount of bounce backs would be minimal: fat fingering, hearing them incorrectly, or people misremembering their email. Not enough to worry about. Never thought we’d come across a customer intentionally putting in bad email addresses for documentation purposes. They could have just asked us to make the functionality they wanted.

      • Echo Dot@feddit.uk
        link
        fedilink
        English
        arrow-up
        19
        arrow-down
        1
        ·
        11 months ago

        The best of validation is just to confirm that the email contains a @ and a . and if it does send it an email with a confirmation link.

        • __dev@lemmy.world
          link
          fedilink
          English
          arrow-up
          29
          ·
          11 months ago

          TLDs are valid in emails, as are IP V6 addresses, so checking for a . is technically not correct. For example a@b and a@[IPv6:2001:db8::1] are both valid email addresses.

          • HotChickenFeet@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            24
            arrow-down
            1
            ·
            11 months ago

            I feel like using a@[IPv6:2001:db8::1] is asking for trouble everywhere online.

            But its tempting to try out, not many people would expect this.

            • Crass Spektakel@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              11 months ago

              try [email protected] or user@d.e.a.d.b.e.e.f.0.1.2.3.4.5.6.7.8.9.a.b.c.d.e.f.0.0.0.0.1.2.3.4.ip6.arpa just for the giggles. Mix it with BANG-Adressing:

              123.45.67.89.in-addr.arpa!d.e.a.d.b.e.e.f.0.1.2.3.4.5.6.7.8.9.a.b.c.d.e.f.0.0.0.0.1.2.3.4.ip6.arpa!user

        • rottingleaf@lemmy.zip
          link
          fedilink
          English
          arrow-up
          28
          arrow-down
          1
          ·
          11 months ago

          Personally I don’t think that sucks or is even wrong. Case-independent text processing is more cumbersome. ‘U’ and ‘u’ are two different symbols. And you have to make such rules for every language a part of your processing logic.

          If people can take case-dependence for passwords (or official letters and their school papers), then it’s also fine for email addresses.

          The actual problem is cultural, coming from DOS and Windows where many things are case-independent. It’s an acquired taste.

          • Redredme@lemmy.world
            link
            fedilink
            English
            arrow-up
            18
            arrow-down
            4
            ·
            11 months ago

            Im with the earlier “yeah… No.”

            Because

            “If people can take case-dependence for passwords”

            They cant now do they ? If they could passwords would be a-okay and there wouldn’t be any need for stickies on monitors, password managers, biometrics, SSO, MFA and passwordless authentication.

            The dumbest idea in computing is assuming everyone is as smart as you.

            They aren’t. Why isn’t *nix any bigger? Here’s your answer. People are stupid.

            Why did IT only finally took off with windows 3.11? because people could understand that. Barely. Most of us where way to dumb for everything which came before.

            Why does ipv6 acception takes so long? Because people are stupid and don’t get it. Nobody really gets hex. So they just stay with what they can read and more or less get. Even the hardest part of ip4, subnetting, has an easy way out: just add 255.255.255.0 in there and it works. Doesnt work? Keep replacing 255 with zeros and eventually it will. Subnetting on ipv6? No idea. Let’s just disable ipv6 on the internal lan and leave everything on ipv4. Zero migration, zero risk, zero training needed.

            Why do so many companies only go half assed into cloud? Because they don’t get it.

            Powershell? Only half, a third even, of the admins truly get it.

            I could go on.

            Succes is build on simplicity.

            • rottingleaf@lemmy.zip
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              1
              ·
              11 months ago

              Oh, I like writing such rants too, so I’ll answer with lots of words.

              They cant now do they ? If they could passwords would be a-okay and there wouldn’t be any need for stickies on monitors, password managers, biometrics, SSO, MFA and passwordless authentication.

              Hardware tokens. With sufficient demand the scale would make them really cheap.

              It’s exactly because of having experience with making work the whole zoo that engineers don’t understand how much easier that would be for normies.

              The dumbest idea in computing is assuming everyone is as smart as you.

              Assuming that everyone is as dumb as me in areas where I’m dumb would also be a mistake.

              Why isn’t *nix any bigger? Here’s your answer. People are stupid.

              Because of oligopoly. People are not stupid, but they have priorities and they don’t have some of the knowledge we have. Also it doesn’t really have to be that big immediately, all in good time.

              Why did IT only finally took off with windows 3.11? because people could understand that. Barely. Most of us where way to dumb for everything which came before.

              Can’t comment on that, I was born in 1996.

              Why does ipv6 acception takes so long? Because people are stupid and don’t get it. Nobody really gets hex. So they just stay with what they can read and more or less get. Even the hardest part of ip4, subnetting, has an easy way out: just add 255.255.255.0 in there and it works. Doesnt work? Keep replacing 255 with zeros and eventually it will. Subnetting on ipv6? No idea. Let’s just disable ipv6 on the internal lan and leave everything on ipv4. Zero migration, zero risk, zero training needed.

              Because not everything supports it right, including some industrial equipment and network hardware, there may be new bugs in everything involved, the old ways work and it’s not just v4 with longer address, so people fear making mistakes in configuration.

              Why do so many companies only go half assed into cloud? Because they don’t get it.

              Now think about similar horrors in, say, piping in houses, or other construction stuff. Or cars. Or roads. Everything is half-assed. It’s normal.

              Powershell? Only half, a third even, of the admins truly get it.

              I kinda get it, but also hate it. Hard to read.

              In general:

              The most precious secret you can get from experience is that people are not stupid when they are given easy opportunity to try many things and choose what they like.

          • dan@upvote.au
            link
            fedilink
            English
            arrow-up
            10
            ·
            edit-2
            11 months ago

            ‘U’ and ‘u’ are two different symbols. And you have to make such rules for every language a part of your processing logic.

            Unicode has standard rules for case folding, which includes the rules for all languages supported by Unicode. Case-insensitive comparisons in all good programming languages uses this data.

            Note that you can’t simply convert both strings to uppercase or lowercase to compare them, as then you’ll run into the Turkish i problem: https://haacked.com/archive/2012/07/05/turkish-i-problem-and-why-you-should-care.aspx/

          • Natanael@slrpnk.net
            link
            fedilink
            English
            arrow-up
            4
            ·
            11 months ago

            But then you run into the issue of incredibly trivial impersonation on any email service which doesn’t reserve all variants of registered names

            • rottingleaf@lemmy.zip
              link
              fedilink
              English
              arrow-up
              1
              ·
              11 months ago

              Yes, email as it really exists kinda sucks, but the idea was nice. When it ran over UUCP, LOL.

    • laurelraven@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      4
      ·
      11 months ago

      That’s what it looks like to me too

      I could probably write a RegEx for email format validation that’s accurate, but why would I when there are ones already written and readily available that covers all possible legit variations on the standard? I never understood why people insist on writing their own (crap) RegEx for something with as many possible variations they can miss like email…

      And that one isn’t even a weird edge case! It’s a domain with a sub domain, if they can’t even cover that case then it’s an extra shitty RegEx

      • ShunkW@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        2
        ·
        11 months ago

        Let’s see your regex pattern that covers every possible valid email address and rejects all invalid then. It’s not remotely as easy as you’re making it out to be.

        Not saying this isn’t a shitty pattern, but you can’t make a claim like that.

        • laurelraven@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          11 months ago

          What claim, that I probably could? I didn’t say anything at all about it being easy, it would be a pain in the ass and involve a lot of checking the RFC, but I could probably make one that accurately represents the spec if I wanted to take the time, and even then I’m not exactly confident I would hit every edge case.

          But why would I go to that hassle when there are well designed and vetted ones available?

          I believe you missed the point I was making

          • nybble41@programming.dev
            link
            fedilink
            English
            arrow-up
            2
            ·
            11 months ago

            The full email address syntax described in the RFC cannot be precisely matched with a mere regular expression due to the support for nested comments. The need to track arbitrarily deep nesting state makes it a non-regular language.

            If you remove the comments first the remainder can be parsed with a very complex regex, but it will be about a kilobyte long.

          • elephantium@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            when there are well designed and vetted ones available?

            I’m not convinced of this, tbh. IIRC the RFC can’t be described in a regex at all.

      • Echo Dot@feddit.uk
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        11 months ago

        And that one isn’t even a weird edge case! It’s a domain with a sub domain, if they can’t even cover that case then it’s an extra shitty RegEx

        Like my work email which is “[email protected]

  • 48954246@lemmy.world
    link
    fedilink
    English
    arrow-up
    97
    ·
    11 months ago

    The best way to validate an email address is to sent it an email validation link.

    Anything outside of that is a waste of effort.

  • Snapz@lemmy.world
    link
    fedilink
    English
    arrow-up
    94
    arrow-down
    1
    ·
    11 months ago

    Modern customer service is about willfully designed layers of broken system engineered specifically to frustrate the majority of people that can’t regulate their emotions. It’s always a series of about “12 doors” you have to cross through that are exceedingly difficult to pass through. They are designed to sap your energy with the hope that you eventually reach a boiling point, hang up, get distracted, go on with your day and never follow up out of fear of starting the same process again.

  • Ratulf@feddit.de
    link
    fedilink
    English
    arrow-up
    52
    ·
    edit-2
    11 months ago

    If that’s their standard, you can probably just edit the html to make the login button active and then sign-in.

    • shastaxc@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      ·
      11 months ago

      It depends if they have backend validation on their API as well that has the same rules

  • Toes♀@ani.social
    link
    fedilink
    English
    arrow-up
    51
    ·
    11 months ago

    You’re talking to a bot that has a crappy parser and doesn’t understand what a subdomain is.

    • Syndic@feddit.de
      link
      fedilink
      English
      arrow-up
      135
      ·
      11 months ago

      Nah, it’s just a old school chat bot following a predefined flow chart. And in this flowchart someone implemented an improper email check.

      It’s pretty much the same as if there was just a website with an email field which then complains about a non valid email which in fact is very valid. And this is pretty common, the official email definition isn’t even properly followed by most mail providers (long video but pretty funny and interesting if you’re interested in the topic).

      • dan@upvote.au
        link
        fedilink
        English
        arrow-up
        26
        ·
        edit-2
        11 months ago

        You can use symbols like [ ] . { } ~ = | $ in the local-part (bit before the @) of email addresses. They’re all perfectly valid but a lot of email validators reject them. You can even use spaces as long as it’s using quotation marks, like

        "hello world"@example.com
        

        A lot of validators try to do too much. Just strip spaces from the start and end, look for an @ and a ., and send an email to it to validate it. You don’t really care if the email address looks valid; you just care whether it can actually receive email, so that’s what you should be testing for.

        • itsralC@lemm.ee
          link
          fedilink
          English
          arrow-up
          16
          ·
          11 months ago

          Not even a dot: TLDs are valid email domains. joe@google is a correct address.

          • RubberElectrons@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            3
            ·
            11 months ago

            Mmm… That doesn’t seem right, it’s usually gotta be fully expanded to at least a particular A record/MX.

            How would you tie the tld itself to an MX?

            • TwitchingCheese@lemmy.world
              link
              fedilink
              English
              arrow-up
              14
              ·
              11 months ago

              TLD is just another DNS layer, try an SOA or NS lookup for “com.” those are obviously hosted somewhere. Hell the “.” at the end is even another layer with the root nameservers. You’d probably trip up a bunch of systems that filter on common convention rather than the actual RFC, but you could do it.

              • RubberElectrons@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                11 months ago

                How the hell were the original rfc designers so creative as to result in such a flexible system?? It’s gets crazier the more you look at it.

                • PoolloverNathan@programming.dev
                  link
                  fedilink
                  English
                  arrow-up
                  5
                  ·
                  11 months ago

                  It makes the system as a whole simpler. Your computer only needs to remember one root DNS server (although most computers allow setting 4 for redundancy) as opposed to one DNS server for each TLD, and it also makes adding TLDs easier.

          • PoolloverNathan@programming.dev
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            A lot of providers support plus‑aliasing, although it‌’‌s usually in a company‌’‌s best interest to block plus‑aliases.

            • dan@upvote.au
              link
              fedilink
              English
              arrow-up
              4
              ·
              11 months ago

              + symbols aren’t always used for aliasing though, and companies that strip them out can break the email address. There’s no guarantee that dan+foo@example.com is the same person as dan@example.com.

              I have a catchall domain and used to use email addresses like shopping+amazon@example.com with a Sieve rule to filter it into a “shopping” folder, but these days I just do amazon@example.com without the category or filtering.

        • tomi000@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          11 months ago

          Yea but most of the time its more important to block code injection than to have the last promille of valid mail adresses be accepted.

          • dan@upvote.au
            link
            fedilink
            English
            arrow-up
            4
            ·
            11 months ago

            You’re not going to get code injection via an email address field. Just make sure you’re using prepared statements (if you’re using a SQL database) and that you properly escape the email if you output it to a HTML page.

      • Malfeasant@lemm.ee
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        11 months ago

        interesting if you’re interested in the topic

        The first rule of tautology club is the first rule of tautology club.

      • lud@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        11 months ago

        Yeah that video is great. My favourite part is the Russian post address thing.

        He has a lot of interesting and funny talks like that.

      • sacbuntchris@lemmy.worldOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        The problem is their website also implemented an invalid email check when I try to login which is what got me to this point

      • force@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        5
        ·
        edit-2
        11 months ago

        Nah, it’s just a old school chat bot following a predefined flow chart.

        yes but that would be an AI still

        • stom@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          11 months ago

          A bunch of IF statements don’t qualify as an AI. That’s not how that works.

          • force@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            edit-2
            11 months ago

            Yeah mate you’re talking out of your ass. A bunch of if statements can, in fact, constitute an AI depending on the context. You don’t know what you’re talking about, stop trying to pretend you do.

            AI is a broad concept, a pathfinding algorithm can be considered AI, a machine learning image generator can be considered AI, a shitty chatbot with predefined responses (like this one) can be considered AI. Reducing something to a stupid sentence like “just a bunch of if statements” to try to make it seem absurd is. I can reduce something like ChatGPT the same way and it’d be pretty much as accurate as your take.

            You can draw any AI as a predefined flowchart, that’s literally the point, they just make decisions based off of data. Large NLP algorithms like ChatGPT are no exception, they’re just very large involving incomparably heavier mathematics.

            Here is a good stackoverflow answer to it that actually gives credible sources (including from the people who pioneered AI themselves): https://stackoverflow.com/a/54793198

            AI is very broad. You can use many different definitions of varying specificity to describe AI which can all be correct, even a shitty chatbot counts as AI despite being so basic. There’s no bottom limit for the complexity of AI.

            • stom@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              3
              ·
              edit-2
              11 months ago

              Selecting a canned-text response based on simple keywords is a long way from AI, and it’s foolish to equivocate equate the two of them.

              Also, chill tf out, and don’t be so aggressively presumptious. I have enough experience with the topics in question to point out how misleading this statement is.

              • force@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                11 months ago

                I suppose you didn’t click the link I sent – either that, or you think you know better than some of the leading figures in the field of AI… it’s not “a long way from AI”, it IS AI in its design and its purpose. It’s misleading to assert that it isn’t AI because it doesn’t meet your arbitrary complexity standard.

                I doubt you have any relavant experience in AI research or engineering based off of how you treat the concept of AI and even data science in general here… boiling the bot down to “just a series of if statements” – and then implying that lack of complexity makes it not an AI – is extremely naïve and is itself misleading, you can do that for anything, every program is ultimately just a bunch of if-else/goto and simple math operations. It’s just an attempt to conceptually reduce it so much that it seems absurd that it could be in the same category as more advanced AI. Despite the name, AI doesn’t have to meet some bar for “smartness”, it’s a ridiculously broad term and any program intended to mimic human behaviour falls under AI (no matter how poorly it does it).

                You confidently and rudely/condescendingly asserted something that is very blatantly ignorant of the subject of AI, I find it reasonable for me to assume that you had no idea what you were talking about, and I find it reasonable to very plainly call you out.

                Also you misused “equivocate”… it’s not a word used to compare two things, it means using double speak/speaking evasively, “to equivocate the two [AI vs. chatbots]” doesn’t mean anything. Did you mean “equate”?

                • stom@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  11 months ago

                  I did click your link. The accepted answer there states:

                  "The term artificial intelligence denotes behavior of a machine which, if a human behaves in the same way, is considered intelligent.

                  Again, I don’t think that selecting basic responses based on keywords found in the string meets the criteria for being qualified as an AI, as anyone with experience of a chat bot this simple knows it won’t hold up the illusion of “intelligence” for very long.

                  I did mean “equate”, you’re correct. The rest of my point remains - a very simple chat-bot like this is leaps and bounds from what would be termed an AI these days. To equate the two is misleading.

        • ChaoticNeutralCzech@feddit.de
          link
          fedilink
          English
          arrow-up
          15
          ·
          11 months ago

          Even “algorithm”, you could say! The text adventure game I made in BASIC when I was 14 is going to blow your mind. It is 100% artificial and uses logic (IF statements), hence AI!

  • 𝕱𝖎𝖗𝖊𝖜𝖎𝖙𝖈𝖍@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    ·
    11 months ago

    My Ameriprise account has its own email address because the fuckers don’t believe any email starting with email@ is a real email. I’ve called them a million times and got them to file a bug, which they did, and then closed as won’t fix.