What is the best regex pattern for email validation?

The most commonly used email regex is [a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}. This pattern matches most valid email addresses while being simple enough for practical use. It checks for the basic structure: username@domain.tld.

Can regex perfectly validate all email addresses?

No. The full RFC 5322 specification for email addresses is extremely complex and cannot be perfectly expressed in a single regex. For most practical applications, a simplified pattern that checks for username@domain.tld structure is sufficient. For strict validation, consider using a dedicated email validation library.

Does the email regex support plus addressing (Gmail aliases)?

Yes. The pattern [a-zA-Z0-9._%+-]+ includes the + character in the character class, so addresses like user+tag@gmail.com will match correctly. This supports Gmail-style plus addressing and similar alias systems.

How do I validate emails with subdomains?

The standard email regex already supports subdomains. The domain part [a-zA-Z0-9.-]+ matches dots and hyphens, so user@mail.example.com will match. The \.[a-zA-Z]{2,} at the end ensures there's at least a two-letter TLD.

Should I use regex or a library for email validation?

For most web forms and basic validation, regex is sufficient and fast. Use a regex pattern for client-side validation to give users immediate feedback. For security-critical applications, combine regex with a server-side validation library that performs additional checks like DNS MX record lookups.

What's the difference between simple and RFC-compliant email regex?

A simple email regex like [a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,} covers 99% of real-world email addresses. An RFC 5322 compliant regex is hundreds of characters long and handles extremely rare edge cases. For practical purposes, the simple pattern is recommended.

Email Regex Pattern — Validate Email Addresses with Regular Expressions

How the Email Regex Works

The standard email regex pattern breaks down into three main parts: the local part (username), the @ symbol, and the domain part. Let's examine each component:

[a-zA-Z0-9._%+-]+

Local part (username):Matches one or more letters, digits, dots, underscores, percent signs, plus signs, or hyphens. This covers standard usernames like "john.doe", "user+tag", and "info%40".

@

At symbol: The literal @ character separating the local part from the domain. Every valid email address requires exactly one @.

[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}

Domain part:Matches the domain name (letters, digits, dots, hyphens) followed by a dot and a top-level domain of at least two letters. This handles domains like "gmail.com", "mail.company.co.uk", etc.

Email Regex Patterns Compared

Different use cases call for different levels of email validation. Here are the most common approaches:

Simple Pattern (Recommended for most uses)

\S+@\S+\.\S+

Quick and dirty: matches anything with @ and a dot. Good for extracting emails from text, not for strict validation.

Standard Pattern (Best balance)

[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}

The sweet spot: validates structure while remaining readable and maintainable. Catches most typos and invalid formats.

Strict Pattern (For maximum validation)

^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$

Closer to RFC 5322 compliance. Handles more special characters and enforces domain label length limits. Use when you need stricter validation.

Common Email Validation Edge Cases

Email addresses are more varied than most people expect. Here are edge cases your regex should handle:

user+tag@gmail.com

Plus addressing (Gmail aliases)

user.name@domain.com

Dots in local part

user@sub.domain.com

Subdomains in domain

user@domain.co.uk

Multi-part TLDs

user@domain

Missing TLD

@domain.com

Missing local part

user@@domain.com

Double @ symbol

user@.com

Domain starts with dot

Email Regex in Different Programming Languages

The email regex pattern works across most programming languages with minimal modifications. Here's how to use it:

JavaScript

const emailRegex = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
const isValid = emailRegex.test("user@example.com");

Python

import re
email_regex = r'^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
is_valid = re.match(email_regex, "user@example.com")

PHP

$email = "user@example.com";
$pattern = '/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/';
$isValid = preg_match($pattern, $email);

Best Practices for Email Validation

Use regex for format validation only
Regex checks that the email looks like a valid address. It cannot verify that the email actually exists or can receive mail.
Combine with confirmation emails
The only way to truly verify an email address is to send a confirmation email. Use regex as a first-pass filter, then confirm via email.
Validate on both client and server
Client-side regex validation gives instant feedback. Always re-validate on the server since client-side checks can be bypassed.
Be permissive, not restrictive
It's better to accept a slightly invalid email (and let the confirmation email fail) than to reject a valid one. Overly strict regex can block real users.