The use of private API endpoints for email validation is encouraged and there is no limit past the initial burst per minute rate.
Here’s a fairly common code sample from Rails Applications with some sort of authentication system: If you’re experienced at Regex, this seems simple. Sections 3.2.4 and 3.4.1 of the RFC go into the requirements on how an email address needs to be formatted and, well, there’s not much you can’t do in your email address when quotes or backslashes are involved.
If (like me when I first saw this) you AREN’T experienced at Regex, it takes a while to parse. The local string (the part of the email address that comes before the @) can contain any of these characters: is a valid email address. For this reason, for a time I began running any email address against the following regular expression instead: Simple, right? This is often the most I do and, when paired with a confirmation field for the email address on your registration form, can alleviate most problems with user error.
It is highly suggested that the private key is used whenever possible.
Parses a delimiter-separated list of email addresses into two lists: parsed addresses and unparsable portions.
Think about it this way: I register for your website under the email address . That’s probably going to bounce off of the illustrious mail daemon, but the formatting is fine; it’s a valid email address.