Email addresses reflect evolving history, making simple validation unreliable. Avoid complex regular expressions and instead send verification emails. Providers like Gmail diverge from official rules, supporting varied formats despite technical restrictions on characters, length or readability.

Valid email addresses may include subdomains, lack dots, use IP literals, or feature non-standard domains. RFCs permit quoted local-parts, optional dots and trailing dots, plus case sensitivity. Client support varies despite technical validity.

Email handling involves complex pitfalls despite common case-insensitive server practices. Forcing case conversion risks Unicode errors, as uppercase or lowercase changes can alter characters irreversibly.

Unique indexes should use citext in Postgres or COLLATE utf8mb4_general_ci in MySQL. Plus tag subaddressing is valid but not universal across providers.

Verification requires sending confirmation emails with codes or links.