I don't think I've ever had a working definition of a business rule beyond what feels right intuitively. I'm going to carry this forth with me.
Perhaps you've been reading this with mounting frustration: How about validating the address according to the SMTP spec?
Indeed, that sounds like something one should do, but turns out to be rarely necessary. As already outlined, users can easily supply a bogus address like foo@bar.com. It's valid according to the spec, and so what? How does that information help you?
I feel like this is the difference between an academic and a professional. One is trying to do it provably right and the other is trying to satisfy a need with limited resources.
Recently, I have seen web apps that requires an email address, then does the validation by sending an email to that address and only then allows the user to proceed with registration. That's probably the only sure way of validating an email. Users may still use disposable email addresses or short-lived aliases. But I think that's acceptable.
Well... yes. That was the point made in the article. Validating the email address doesn't do anything. The easiest way is to just sent a link to the entered address and see if the user can click it.
The academic view here is also ignoring the improved UX you get by being able to tell a user immediately if they've failed to fully type out email address which could happen for any number of reasons (another application stealing focus after they started typing, hitting tab by accident, certain kinds of typos, etc.).
I don't think I've ever had a working definition of a business rule beyond what feels right intuitively. I'm going to carry this forth with me.
I feel like this is the difference between an academic and a professional. One is trying to do it provably right and the other is trying to satisfy a need with limited resources.
Recently, I have seen web apps that requires an email address, then does the validation by sending an email to that address and only then allows the user to proceed with registration. That's probably the only sure way of validating an email. Users may still use disposable email addresses or short-lived aliases. But I think that's acceptable.
Well... yes. That was the point made in the article. Validating the email address doesn't do anything. The easiest way is to just sent a link to the entered address and see if the user can click it.
The academic view here is also ignoring the improved UX you get by being able to tell a user immediately if they've failed to fully type out email address which could happen for any number of reasons (another application stealing focus after they started typing, hitting tab by accident, certain kinds of typos, etc.).