Proper email validation in Django is fundamental for data integrity and reliable user communication. We will walk through four distinct methods, providing working code for each. Along the way, we'll examine the pitfalls of traditional validation and see how Abstract API helps overcome them.
How to Implement Email Validation in Django
Django offers several ways to validate email addresses. Here we explore three common approaches, from built-in tools to custom logic, each with its own implementation and use case.
Django’s Built-in EmailField and EmailValidator
Django’s “models.EmailField” automatically attaches the “django.core.validators.EmailValidator”. This validator uses a regular expression that follows RFC 5322 standards and accepts domains encoded with IDNA. The field’s maximum length is 320 characters, so your database column length must be consistent.
For data that is not bound to a model instance, you can invoke the validator directly with the “validate_email(value)” function. The validator also includes “whitelist” or “allowlist” parameters, which let you permit local development domains according to the Django testing documentation.
from django.core.validators import validate_email
def create_user(email):
validate_email(email) # raises ValidationError on failure
return User.objects.create(email=email)
class Customer(models.Model):
email = models.EmailField(unique=True) # DB & validator in one line
Form-Layer Validation with Clean Logic
This method prevents polluted data from entering the “cleaned_data” dictionary before a model save. It helps keep user interfaces and REST interfaces consistent and allows for contextual checks, such as domain policies or duplication across models.
The form’s “EmailField” still runs the default “EmailValidator” first. Custom code inside a “clean_email” or “clean” method only runs if that initial syntax check passes. This approach separates domain logic from syntax checks, a topic explored on Stack Overflow.
class SignupForm(forms.ModelForm):
class Meta:
model = Account
fields = ('email',)
def clean_email(self):
email = self.cleaned_data['email']
if not email.endswith('.edu'):
raise forms.ValidationError('Only .edu addresses allowed')
return email
def clean(self):
data = super().clean()
if data.get('send_copy') and not data.get('email'):
self.add_error('email', 'Email is required for copies.')
return data
A Custom Validator via Subclass or Composition
You can inject a custom validator to impose length limits that match your storage, such as 254 characters. Other use cases include the disallowance of quoted local parts, the enforcement of corporate SSO suffixes, or a performance tune of the regex.
As an alternative, you can attach “RegexValidator” instances or use a standalone function and add it to the “validators” list. This technique is detailed in Django's documentation and related project tickets.
from django.core.validators import EmailValidator
from django.core.exceptions import ValidationError
import re
class TightEmailValidator(EmailValidator):
user_regex = re.compile(r'^[A-Za-z0-9._+-]{4,64}$')
domain_regex = re.compile(r'^[A-Za-z0-9.-]+\.[A-Za-z]{2,10}$')
def __call__(self, value):
super().__call__(value) # run Django’s default first
if len(value) > 254:
raise ValidationError('Email exceeds 254 chars.')
class Partner(models.Model):
email = models.EmailField(validators=[TightEmailValidator()])
Challenges of Email Validation in Django
While Django’s built-in tools offer a solid start, they present several limitations. These drawbacks can lead to validation inconsistencies, security gaps, and problems with international user data.
- Django's EmailValidator regex simplifies broad RFC standards. This compromise creates false positives and false negatives, as it accepts some invalid formats while it rejects others that are technically valid.
- The built-in EmailValidator struggles with international addresses. It relies on an outdated punycode standard, which causes the rejection of valid emails that use modern international character sets like Thaana.
- Front-end and back-end validation rules often conflict. A browser might accept an email that Django’s EmailValidator rejects, which creates inconsistent user experiences and difficult-to-diagnose bugs on form submission.
- A syntactically valid email says nothing about its deliverability. Methods like EmailField or custom validators cannot detect disposable domains or confirm the mail server exists, which leaves security and reliability gaps.
Validate Emails with Abstract API
Keep your user data clean. Add a simple email validation step to your Django project.
Get started for free
How Abstract API Handles Email Validation in Django
Abstract API addresses the core weaknesses of traditional Django validation. It provides a multi-layered check that goes beyond basic syntax.
- It performs syntax checks and offers autocorrect suggestions for common typos.
- It detects disposable, role-based, and free email providers.
- It executes a real-time SMTP handshake and MX record lookup to confirm the address can receive mail.
- It provides a quantitative quality score and checks for catch-all configurations, spam traps, and greylists.
How to Set Up Abstract API in Your Project
Once you're familiar with Abstract’s capabilities, you can add its email validation API to your project with a few simple steps.
- Create a free account on Abstract API and obtain your API key from the dashboard.
- Install the requests library through pip or add it to your requirements.txt file.
- Export the API key as an environment variable and reference it in your settings.py file.
- Write a utility function that sends a request to the API endpoint.
- Use the function within a form or serializer to validate the email.
Sample Email Validation Implementation with Abstract API
This code first defines a utility function, validate_email, to handle the API call. It sends the email address to the Abstract API endpoint with your key. The SignupForm then uses this function in its clean_email method. If the API response shows the email is not "DELIVERABLE" or comes from a disposable provider, the form raises a validation error.
# utils/email_validation.py
from django.conf import settings
import requests
BASE = "https://emailvalidation.abstractapi.com/v1/"
def validate_email(addr: str) -> dict:
params = {"api_key": settings.ABSTRACT_EMAIL_API_KEY, "email": addr}
r = requests.get(BASE, params=params, timeout=3)
r.raise_for_status()
return r.json()
# forms.py
from django import forms
from utils.email_validation import validate_email
class SignupForm(forms.Form):
email = forms.EmailField()
def clean_email(self):
e = self.cleaned_data["email"]
data = validate_email(e)
if data["deliverability"] != "DELIVERABLE" or data["is_disposable_email"]["value"]:
raise forms.ValidationError("Undeliverable or disposable email.")
return e
A successful API call returns a detailed JSON object like this:
{
"email":"johnsmith@gmail.com",
"autocorrect":"",
"deliverability":"DELIVERABLE",
"quality_score":0.9,
"is_valid_format":{"value":true,"text":"TRUE"},
"is_free_email":{"value":true,"text":"TRUE"},
"is_disposable_email":{"value":false,"text":"FALSE"},
"is_role_email":{"value":false,"text":"FALSE"},
"is_catchall_email":{"value":false,"text":"FALSE"},
"is_mx_found":{"value":true,"text":"TRUE"},
"is_smtp_valid":{"value":true,"text":"TRUE"}
}
The deliverability and quality_score fields summarize the validation result. A value other than "DELIVERABLE" or a score below "0.7" indicates a risk. The is_free_email and is_disposable_email flags let you apply business rules, while is_mx_found and is_smtp_valid confirm the server accepts mail. The autocorrect field suggests fixes for common typos.
Final Thoughts
Traditional Django validators only check syntax, so they miss typos and disposable domains. They cannot confirm if an address receives mail. Abstract API overcomes these limits with real-time SMTP checks and domain analysis. For reliable validation, consider a free account on Abstract API to get your API key.
Validate Emails with Abstract API
Add email validation to your Django project to maintain a clean user list and improve deliverability.
Get started for free
