Here is a question for my IT/Sysadmin readers out there. When you get a user who has an apostrophe, or an unusual character in their last name, how do you go about setting up his or her email address? Do you:
- Drop the apostrophe and special characters and/or replace them with the closest ASCII equivalent to keep it easy
- Keep the special characters and force everyone in the world to struggle as they try to email that user
Apparently IT people at a certain bank that I will not name (but let me just say it’s initials are HSBC) think that option #2 is a good idea. Why? Let’s think about a hypothetical scenario in which, for example and apostrophe in the email could be a problem. Again, this is just a make believe situation that has never actually happened yesterday at my company.
So, hypothetically speaking a made up user JC calls me up yesterday and tells me that she can’t send email to one Frogurt D’mangello who works at the said bank. Why can’t she do it? Because Mr. Frogurt’s email looks like this:
On the surface this is ok – after all apostrophes are allowed to be part of the email address according to the RFC, right? I know this, you know this but apparently whoever hacked together SquirrelMail didn’t. So when you try to send an email to Mr. Frogurt via this popular and widely used webmail application his address becomes:
Yes, someone is running mysql_escape_string method on all input fields, even those which legally are allowed to contain MySQL unfriendly characters. I should be mad at SquirrelMail but you know what – they are doing the right thing. I sanitize all my input fields too when I work on a web application. Better be safe than sorry. Naturally, they could use strip_slashes just before actually sending the email but what are you going to do. It’s a bug (which might have been already patched in then newest release), but I can’t fix it because I do not maintain the SquirelMails server. :(
But the situation is now a conundrum because JC is behind some draconian firewall which blocks all outgoing ports save for port 80 meaning she can’t use Outlook to send emails. She also can’t use SquirrelMail due to this peculiar bug. So how do they communicate?
This could have been easily avoided if certain IT department simply had a policy which said “only dots and alphanumeric ASCII characters in usernames”. And not just because certain email packages may not support all the different addressing formats as specified in the RFC. It’s also because everyone thinks they know how to validate emails but they don’t. Half the validation scripts out there is just plain wrong. You actually need a 6.4K regular expression to cover all the different addressing schemes covered by the RFC. So if Mr. Frogurt wants to subscribe to some mailing list, or sign into some popular web application he might at one point be told his email is not valid. Remove the apostrophe, and even the most broken email validator will let it through.
Not to mention the hassle of emphasizing the apostrophe every time he tries to dictate his email address to someone over the phone. So really, other than blindly following the RFC, what other benefits are there of putting that non alphanumeric character in his email? Would Mr. Frogurt really mind if his email started with frogurt.dmangello? Would it really make his life a living hell, or would it actually spare him some potential hassles, misunderstandings and unnecessary tech support calls?
I too have a non-standar letter in my name. If I wanted, I could set up my email as: Łukasz@example.com. It would be legal under RFC but I would probably spend the rest of my days explaining to people what that “weird L” is and how to get it in Outlook. Oh, and no iPhone user would probably ever email me because these poor schmucks can’t copy and paste yet. ;P
I say stick to alphanumeric ASCII and dots. Anything more is just asking for trouble.
[tags]email, apostrophe in email, rfc, rant[/tags]