Laravel Email Validation Guide: Methods & Code Examples

Last Updated Mar 28, 2022
Emma Jagger

Engineer, maker, Google alumna, CMU grad

Table of Contents:

Laravel provides users with a wide array of options when it comes to email validation. In this article, we’ll explore all of these methods, showing you a code example for each.

Let’s look at these 6 email validation methods available in Laravel.

Don't reinvent the wheel.
Abstract's APIs are production-ready now.

Abstract's suite of API's are built to save you time. You don't need to be an expert in email validation, IP geolocation, etc. Just focus on writing code that's actually valuable for your app or business, and we'll handle the rest.

Get started for free

6 Email Validation Methods in Laravel

Laravel provides 6 methods for email validation. You can select the exact method that best suits your needs. We’ll explain each method in detail and provide a code example. Let’s get started.

1. rfc: RFCValidation

This method supports standard RFC-like email validation. RFCs are specifications that define the basic protocol for Internet electronic mail transport. There are different versions of these specifications. The RFCValidation library in Laravel supports the following RFCs:

The code for implementing this validation would be:


public function save(Request $request)
{

$validated = $request->validate([
  email=> 'email:rfc'
  ]);

  //If email passes validation, method will continue here.
}

2. strict: NoRFCWarningsValidation

Using strict will perform RFC-like validation that will fail when warnings are found. This is similar to the last RFC validation rule except for one key difference. It is stricter. This version will fail if any warnings are encountered, whereas the previous rule (rfc: RFCValidation) will only return a warning and the program will continue to run. 

The code for implementing this validation would be: 


public function save(Request $request)
{

$validated = $request->validate([
  email=> 'email:strict'
  ]);

  //If email passes validation, method will continue here.
}

3. DNS: DNSCheckValidation

The DNSCheckValidation will check if there are DNS records that signal whether the server accepts emails. Just using RFC validation may not be enough.  RFC’s perception of email is quite loose in terms of what it means by email. According to the RFC specification, example@gmail and example@gmail.con are valid emails.

To validate emails and properly filter out emails like example@gmail and example@gmail.con, we can use the DNS validator. To apply this level of validation on top of your existing RFC validation, you can simply change our code to:

All you need to do is change the validate method as follows:


public function save(Request $request)
{

$validated = $request->validate([
  email=> 'email:rfc,dns'
  ]);

  //If email passes validation, method will continue here.
}

This allows us to apply both DNS and RFC validation to our email addresses. 

This email validation checks if the email address domain exists or is configured to receive emails. It gets all MX, A, and AAAA DNS records for the host, and then it will count email addresses as valid if MX records exist and its target is not empty or if A and/or AAAA DNS records exist.

If a domain has A and/or AAAA records then we can confidently conclude that this domain exists. Next, if a domain has MX records and its target is not empty then it means that the domain is configured to receive emails. 

Note, in order to use DNS validation as we have described here, you must use install the intl extension.

4. spoof: SpoofCheckValidation

The SpoofCheckValidation is used to prevent email spoofing. Email spoofing is the act of trying to imitate a trusted email address or domain by changing letters or numbers to appear only slightly different than the original. So this validation checks if all characters of the email are from a single script. 

Let’s look at some sample code for this email validation rule:


public function save(Request $request)
{

$validated = $request->validate([
  email=> 'email:spoof'
  ]);

  //If email passes validation, method will continue here.
}

Note, in order to use the spoof validation as we have described here, you must use install the intl extension.

5. filter: FilterEmailValidation

This FilterEmailValidation uses the native PHP function filter_var with the FILTER_VALIDATE_EMAIL filter and FILTER_FLAG_EMAIL_UNICODE flag. This was Laravel's default email validation behavior prior to Laravel version 5.8. 

This filter validates against the email address syntax stated in RFC 822 with the exception that comments (strings of characters enclosed in parentheses), whitespace, and domain names without periods are not supported. For example, these emails from the list above will not pass filter validation:

  • (help)@example.com
  • please\ help\ me@example.com
  • help@example

6. Your own validation 

Laravel gives you the ability to extend the existing validation behavior by implementing your own validation rules. To do so, you need to implement an EmailValidation rule of your own.

In Laravel, you can create your own custom validation rules. This is easily achievable by using the Artisan command. For example, let’s create a validation rule which checks if the email address comes from a domain, “example.com”.

Using the artisan rule looks like so:


php artisan make:rule CustomValidation

This command will create a rule file in app/Rules directory. Open this directory and add your validation logic to the passes() method:


app/Rules/CustomValidation.php

public function passes($attribute, $value)
{
  $domainPart = explode('@', $value)[1] ?? null;

  if (!$domainPart) {
    return false;
  }

  if ($domainPart != 'examplel.com') {
    return false;
  }

  return true;
}

Add a custom error message to the message() method:


app/Rules/CustomValidation.php

public function message()
{
  return 'The :attribute must be a example.com address';
}

And then add this rule to your validation request:


'email' => [new CustomValidation()]

How Do I Check if An Email is Valid in Laravel?

Laravel provides validation rules to validate input fields. You can check if an email is valid or not in Laravel using the validate method by passing in the validation rules.

You can validate your email addresses using one or more of the validation rules we have discussed. Or as previously demonstrated, you can write your own custom validation method.

Which method is used to check validation error in Laravel?

You can create a method to validate an email at the time the user sends their request. This method might look like the following code:


$validator = Validator::make($request->all(), []);

  $validator->sometimes('email', 'unique:users,email', function ($input) {
    return $input->email !== Auth::user()->email;
  });

Alternatives to Laravel Email Address Validation

Of course, if you’re using other programming languages as part of your stack, you can implement email validation in one of these languages. Check out this guide on email validation in Java, if it applies to your current stack. One alternative to using Laravel email address validation, is to use an API. One such API is the Email Validation and Verification API from Abstract. This API provides a more thorough examination and will ensure that a valid email address is entered with a descriptive error message for any incorrect addresses. It’s a perfect alternative to checking if emails are properly formatted with custom client and server-side code that you would have to implement. 

You can learn the following information and perform the following checks using the Abstract API:

  • Typo checking and smart suggestions for errors.
  • Disposable and free email providers check allows you to only retain high-quality email addresses.
  • The API is privacy-friendly being GDPR and CCPA compliant.
  • The API can perform real-time MX & SMTP checks ensuring the address is valid and in use.

Abstract APIs are trusted by some of the biggest and best establishments in the industry such as Accenture, Google, and Standford.

If you think the Email Validation and Verification API is a good fit for your specific project, you can try it for free and implement it in your software solution immediately!

Wrapping up

We’ve covered a lot in this article. From the 6 main methods of Laravel email validation available through Laravel to some alternatives available such as the Abstract API. You should now be better equipped to implement an email validation rule that best suits your specific needs. Whether it’s using a built-in Laravel validation or using writing your own validation method, you now have the tools to handle the emails that your application ingests.

Laravel Email Validation Rules FAQs

Here are some answers to the two most common frequently asked questions when it comes to email validation in Laravel. 

Where do I put validation in Laravel?

Laravel provides several different approaches to validate your application's incoming data. By default, Laravel's base controller method uses a ValidatesRequests trait which provides a convenient method to validate incoming HTTP requests with a variety of powerful validation rules.

First, let's assume we have the following routes defined in our app/Http/routes.php file:


Route::get('post/create', 'PostController@create');
Route::post('post', 'PostController@store');

We need a simple controller method that handles these routes and a store method to save our data.


?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;

class PostController extends Controller
{
  public function create()
  {
    return view('post.create');
  }
    public function store(Request $request)
    {
      $this->validate($request, [
        email => 'email:rfc,dns'
      ]);
    }
  }

How do you add a validation rule in Laravel

We’ve covered this in point 6 of our 6 Methods for Email Validation in Laravel. In Laravel, you can create your own validation rules using the Artisan command. The code for this looks like this:


php artisan make:rule GmailValidation

Check out the full example from this article under point 6, your own validation.

Validate emails instantly using Abstract's email verification API.

Get started for free
Validate emails instantly using Abstract's email verification API.
Get started