[Nadya]

> Even on the left side of the @ a surprising number of scripts seem to fail on things that are perfectly acceptable characters.

I've had an input require a minimum of 3 characters on the left side of the @ to register. My email was just "me@example.com" using my own domain name. A perfectly valid email address. I am also unable to sign up for Id.me for the IRS because it rejects both of my personal email addresses. I cannot register to create NPM packages for the same reason. I also cannot sign up for Vercel either. I cannot sign up to Vercel via Github and when I try to sign up by email it says the account already exists. When I attempt to do a password recovery for the email it says "Sorry, we are unable to validate that email." So the original error of "account already exists" is actually wrong - the account doesn't exist and can't exist because they aren't able to validate the email for it.

My personal emails aren't even "weird" ones like ones with an emoji or punycode domain or non-Latin character sets.

I hate with a fiery, burning passion every site that attempts to do any kind of email validation beyond simply sending me an email and letting me click a link to verify my email exists.

[Gaelan]

Reminds me of the USPS vending machines in the post office, which helpfully obfuscate my email address, xyz@example.com, to xyz***@example.com

[cge]

>I hate with a fiery, burning passion every site that attempts to do any kind of email validation beyond simply sending me an email and letting me click a link to verify my email exists.

Yet at the same time, that's the one important validation that infuriatingly many sites don't do.

I once lost a protracted argument with the US Department of Education who absolutely refused to stop sending me private personal financial aid and academic details of a complete stranger who mistakenly gave them a common outlook.com email address that I have. As far as I can tell, in their view, since the user had put in a valid email address, that was their email address, and just because it was my email address didn't mean I was authorized to have it removed from the account. I continue to receive the person's private information from the state, colleges, and predatory businesses.

In fact, the number of mistaken accounts that get linked with that email address is fascinating. Paypal UK apparently does not send email validation requests before associating email addresses with accounts. Nordstrom does not. Internal divisions of the North Carolina Department of Insurance does not. UK Revenue and Customs apparently does not. Many of the larger organizations that, even more infuriatingly, always send emails from noreply addresses, and give no other way of contacting them other than logging into your account.

[epse]

Similar situation here. My address is s@myname.tld where is is the first letter of my name. So may rejects