Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
email-validator-dns-provider-rules
Advanced tools
email-validator-dns-provider-rules
Strict Email Validator with checking DNS MX records and email providers rules in browser!
Email validator dns provider rules
Email Validator with checking DNS MX records and strict real-life symbols rules
- more strict and realistic validation for symbols before "@"
- stricter specific rules for ESP like gmail, yahoo, etc
- check if domain really exist and works
- check if domain can receive emails (DNS MX record)
- your version of invalid reasons text
- passing your blocklist MX domains
- everything works in browser! (DNS query by DOH)
- works in Node.js via DNS library
- supports TypeScript and JavaScript
Invalid emails that other validators pass:
| reason | |
|---|---|
| som_e-one@gmail.com | Gmail don't allows "_" and "-" symbols |
| someone@8avymt4v93mvt3t03.com | "8avymt4v93mvt3t03.com" isn't real domain and dont have DNS MX records |
| s!o#m$e%o^n&e@realdomain.com | 99.99% public email providers allow only "a-z","0-9",".","_","-","+" before "@" part |
| someone@hotnail.com | possibility of adding your blocklist of domains and MX domains |
Usage
npm install email-validator-dns-provider-rules --save
import { isValidEmail, getLastInvalidText } from "email-validator-dns-provider-rules";
if (!await isValidEmail('someone@gmail.com')) {
alert('Please correct your email: ' + getLastInvalidText());
}
Your version of invalid reasons text
You can use getLastInvalidReasonId() and make dictionary with your version of text:
const INVALID_REASON_TEXT = {
INVALID_REASON_AMOUNT_OF_AT: 'no @ symbol or too many of them',
INVALID_REASON_USERNAME_GENERAL_RULES: 'invalid username before @ by general email rules',
INVALID_REASON_DOMAIN_GENERAL_RULES: 'invalid domain after @ by general domain rules',
INVALID_REASON_NO_DNS_MX_RECORDS: 'domain after @ has no DNS MX records',
INVALID_REASON_DOMAIN_IN_BLOCKLIST: 'email domain is in blocklist',
INVALID_REASON_USERNAME_VENDOR_RULES: 'invalid username before @ by domain vendor rules',
}
Passing your blocklist domains
const yourBlocklistDomains = ['somedomain.com', '...'];
isValidEmail('someone@gmail.com', yourBlocklistDomains);
Passing your DOH provider
You can choose other DNS over HTTPS provider or even create your own
isValidEmail('someone@gmail.com', null, 'https://your-provider-site/dns-query');
Testing
npm test
generating d.ts
npm i -g typescript
tsc
NPM package
https://www.npmjs.com/package/email-validator-dns-provider-rules
FAQs
Strict Email Validator with checking DNS MX records and email providers rules in browser!
The npm package email-validator-dns-provider-rules receives a total of 305 weekly downloads. As such, email-validator-dns-provider-rules popularity was classified as not popular.
We found that email-validator-dns-provider-rules demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 08 Jul 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025