Are email addresses case sensitive?
Solution 1:
From RFC 5321, section 2.3.11:
The standard mailbox naming convention is defined to be "local-part@domain"; contemporary usage permits a much broader set of applications than simple "user names". Consequently, and due to a long history of problems when intermediate hosts have attempted to optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address.
So yes, the part before the "@" could be case-sensitive, since it is entirely under the control of the host system. In practice though, no widely used mail systems distinguish different addresses based on case.
The part after the @ sign however is the domain and according to RFC 1035, section 3.1,
"Name servers and resolvers must compare [domains] in a case-insensitive manner"
In short, you are safe to treat email addresses as case-insensitive.
Solution 2:
I know this is an old question but I just want to comment here: To any extent email addresses ARE case sensitive, most users would be "very unwise" to actively use an email address that requires capitals. They would soon stop using the address because they'd be missing a lot of their mail. (Unless they have a specific reason to make things difficult, and they expect mail only from specific senders they know.)
That's because imperfect humans as well as imperfect software exist, (Surprise!) which will assume all email is lowercase, and for this reason these humans and software will send messages using a "lower cased version" of the address regardless of how it was provided to them. If the recipient is unable to receive such messages, it won't be long before they notice they're missing a lot, and switch to a lowercase-only email address, or get their server set up to be case-insensitive.
Solution 3:
Way late to this post, but I've got something slightly different to say...
>> "Are email addresses case sensitive?"
Well, "It Depends..." (TM)
Some organizations actually think that's a good idea and their email servers enforce case sensitivity.
So, for those crazy places, "Yes, Emails are case sensitive."
Note: Just because a specification says you can do something does not mean it is a good idea to do so.
The principle of KISS suggests that our systems use case insensitive emails.
Whereas the Robustness principle suggests that we accept case sensitive emails.
Solution:
- Store emails with case sensitivity
- Send emails with case sensitivity
- Perform internal searches with case insensitivity
This would mean that if this email already exists: [email protected]
... and another user comes along and wants to use this email: [email protected]
... that our case insensitive searching logic would return a "That email already exists" error message.
Now, you have a decision to make: Is that solution adequate in your case?
If not, you could charge a convenience fee to those clients that demand support for their case sensitive emails and implement custom logic that allows the [email protected] into your system, even if [email protected] already exists.
In which case your email search/validation logic might look like something this pseudocode:
if (user.paidEmailFee) {
// case sensitive email
query = "select * from users where email LIKE ?"
} else {
// case insensitive email
query = "select * from users where email ILIKE ?"
}
This way, you are mostly enforcing case insensitivity but allowing customers to pay for this support if they are using email systems that support such nonsense.
p.s. ILIKE is a PostgreSQL keyword: http://www.postgresql.org/docs/9.2/static/functions-matching.html
Solution 4:
IETF Open Standards RFC 5321 2.4. General Syntax Principles and Transaction Model
SMTP implementations MUST take care to preserve the case of mailbox local-parts. In particular, for some hosts, the user "smith" is different from the user "Smith".
Mailbox domains follow normal DNS rules and are hence not case sensitive
Solution 5:
Per @l3x, it depends.
There are clearly two sets of general situations where the correct answer can be different, along with a third which is not as general:
a) You are a user sending private mails:
Very few modern email systems implement case sensitivity, so you are probably fine to ignore case and choose whatever case you feel like using. There is no guarantee that all your mails will be delivered - but so few mails would be negatively affected that you should not worry about it.
b) You are developing mail software:
See RFC5321 2.4 excerpt at the bottom.
When you are developing mail software, you want to be RFC-compliant. You can make your own users' email addresses case insensitive if you want to (and you probably should). But in order to be RFC compliant, you MUST treat outside addresses as case sensitive.
c) Managing business-owned lists of email addresses as an employee:
It is possible that the same email recipient is added to a list more than once - but using different case. In this situation though the addresses are technically different, it might result in a recipient receiving duplicate emails. How you treat this situation is similar to situation a) in that you are probably fine to treat them as duplicates and to remove a duplicate entry. It is better to treat these as special cases however, by sending a "reminder" mail to both addresses to ask them if the case of the email address is accurate.
From a legal standpoint, if you remove a duplicate without acknowledgement/permission from both addresses, you can be held responsible for leaking private information/authentication to an unauthorised address simply because two actually-separate recipients have the same address with different cases.
Excerpt from RFC5321 2.4:
The local-part of a mailbox MUST BE treated as case sensitive. Therefore, SMTP implementations MUST take care to preserve the case of mailbox local-parts. In particular, for some hosts, the user "smith" is different from the user "Smith". However, exploiting the case sensitivity of mailbox local-parts impedes interoperability and is discouraged.