Email Regex: Validate Email Addresses

Use these email regex patterns to validate email addresses in forms and apps. Below you will find simple and stricter patterns, plus copy-ready examples for JavaScript, Python, and HTML form validation.

Email regex

For most apps, a practical email regex is enough. Start with a simple validation pattern for common email formats, and use a stricter regex only if your product truly needs it.

Recommended practical regex:

^\S+@\S+\.\S+$

Stricter regex:

^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$

What the practical regex matches:

• hello@example.com
• team@uibakery.io
• name.surname@company.co

What it does not match:

• hello@
• example.com
• hello example@company.com
• hello@example

Quick note: Regex can validate email format, but it cannot prove that an address really exists or can receive messages.

Best email regex for most apps

If you need a practical email regex for forms and everyday validation, use:

^\S+@\S+\.\S+$

This pattern:

• requires text before @
• requires text after @
• requires a dot in the domain part
• rejects spaces

It is not fully RFC-compliant, but it is often the right tradeoff for signup forms, contact forms, and internal tools.

Stricter email regex

If you need stricter syntax validation, use:

^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$

This version catches more invalid formats, including some cases with invalid dot placement. It is a better choice when you need tighter client-side validation without jumping to a very long RFC-level regex.

The basic validation

A simple JavaScript regex to validate string against email format and catch the most obvious syntax errors:

/^\S+@\S+\.\S+$/

Example code in Javascript:

// Validate email address
const validateEmailRegex = /^\S+@\S+\.\S+$/;
validateEmailRegex.test('hello@uibakery.io'); // Returns true

// Extract email addresses from a string
const extractEmailRegex = /\S+@\S+\.\S+/g;
'You can reach me out at hello@uibakery.io and contact@uibakery.io'.match(extractEmailRegex); // returns ['hello@uibakery.io', 'contact@uibakery.io']

The more complex email regex

This Javascript regular expression will match 99% of valid email addresses and will not pass validation for email addresses that have, for instance:

• Dots in the beginning
• Multiple dots at the end

But at the same time it will allow part after @ to be IP address.

/^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/ 

Example code in Javascript:

var regex = /^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$/;
regex.test('hello@uibakery.io.'); // returns false
regex.test('hello@192.168.0.1'); // returns true

RFC 5322 compliant regex

This Javascript regular expression is compliant to RFC 5322 standard which allows for the most complete validation. Usually, you should not use it because it is overkill. In most cases apps are not able to handle all emails that this regex allows.

/(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])/

Example code in Javascript:

var regex = /(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])/;
regex.test('hello@uibakery.io'); // returns true

Common mistakes

1. Using an overly complex RFC regex by default

Most products do not need a huge RFC 5322-level pattern in the first line of client-side validation. It makes the page harder to use and the code harder to maintain.

Start with a practical regex unless your use case clearly requires more.

2. Expecting regex to prove the email exists

Regex only checks format. It cannot tell whether:

• the mailbox exists
• the domain accepts mail
• the address can receive messages

If you need real validation, use verification email flows or backend validation logic.

3. Blocking valid emails because the regex is too strict

Some aggressive patterns reject addresses that are technically valid or commonly used in real products. If conversion matters, do not over-tighten validation unless there is a strong product reason.

4. Using validation regex for extraction

This validation pattern:

^\S+@\S+\.\S+$

is for checking the full string.

This extraction pattern:

\S+@\S+\.\S+

is for finding emails inside longer text.

Extra information about validating email

As was stated previously, regex email validation can not fully guarantee that email exists and the message can be delivered. The best way how to know for sure that email is valid is to actually send an email to that address because even paid email validation services do not provide a 100% guarantee for that.