🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

emval

Package Overview
Dependencies
Maintainers
1
Versions
10
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

emval

emval is a blazingly fast email validator

pipPyPI
Version
0.1.12
Maintainers
1

📬 emval

GitHub License GitHub Release GitHub last commit GitHub Actions Workflow Status Crates.io Version docs.rs PyPI

emval is a blazingly fast email validator written in Rust with Python bindings, offering performance improvements of 100-1000x over traditional validators.

performance image

Features

  • Drop-in replacement for popular email validators like python-email-validator, verify-email, and pyIsEmail.
  • 100-1000x faster than python-email-validator.
  • Validates email address syntax according to RFC 5322 and RFC 6531.
  • Checks domain deliverability (coming soon).
  • Supports internationalized domain names (IDN) and local parts.
  • Provides user-friendly syntax errors.
  • Normalizes addresses.
  • Rejects invalid and unsafe Unicode characters.

Getting Started

Install emval from PyPI:

pip install emval

or use emval in a Rust project:

cargo add emval

Usage

Quick Start

To validate an email address in Python:

from emval import validate_email, EmailValidator

email = "example@domain.com"

try:
    # Check if the email is valid.
    val_email = validate_email(email)
    # Utilize the normalized form for storage.
    normalized_email = val_email.normalized
except Exception as e:
    # Example: "Invalid Local Part: Quoting the local part before the '@' sign is not permitted in this context."
    print(str(e))

The same code in Rust:

use emval::{validate_email, ValidationError};

fn main() -> Result<(), ValidationError> {
    let email = "example@domain.com";
    let val_email = validate_email(email)?;
    let normalized_email = val_email.normalized;
    Ok(())
}

Configurations

Customize email validation behavior using the EmailValidator class:

from emval import EmailValidator

emval = EmailValidator(
    allow_smtputf8=False,
    allow_empty_local=True,
    allow_quoted_local=True,
    allow_domain_literal=True,
    deliverable_address=False,
    allowed_special_domains=['test', 'invalid'],
)

email = "user@[192.168.1.1]"

try:
    validated_email = emval.validate_email(email)
    print(validated_email)
except Exception as e:
    print(str(e))

The same code in Rust:

use emval::{EmailValidator, ValidationError};

fn main() -> Result<(), ValidationError> {
    let emval = EmailValidator {
        allow_smtputf8: false,
        allow_empty_local: true,
        allow_quoted_local: true,
        allow_domain_literal: true,
        deliverable_address: false,
        allowed_special_domains: vec!["test".to_string(), "invalid".to_string()],
    };

    let email = "example@domain.com";
    let validated_email = emval.validate_email(email)?;
    Ok(())
}

Options

  • allow_smtputf8: Allows internationalized email addresses.
  • allow_empty_local: Allows an empty local part (e.g., @domain.com).
  • allow_quoted_local: Allows quoted local parts (e.g., "user name"@domain.com).
  • allow_domain_literal: Allows domain literals (e.g., [192.168.0.1]).
  • deliverable_address: Checks if the email address is deliverable by verifying the domain's MX records.
  • allowed_special_domains: List of special-use domains to allow despite being reserved (e.g., ['test', 'invalid']).

Polars Plugin

emval includes a high-performance Polars plugin for validating email addresses in DataFrames at scale.

Installation

The Polars plugin is included when you install emval:

pip install emval

Usage

Import the validate_email function from emval.polars and use it with Polars expressions:

import polars as pl
from emval.polars import validate_email

# Create a DataFrame with email addresses
df = pl.DataFrame({
    "email": [
        "user@example.com",
        "invalid-email",
        "another.user@domain.org",
        ""
    ]
})

# Validate emails and add results as a struct column
result = df.with_columns(
    validated=validate_email(
        pl.col("email"),
        allow_smtputf8=True,
        allow_empty_local=False,
        allow_quoted_local=False,
        allow_domain_literal=False,
        deliverable_address=False,
        allowed_special_domains=[]
    )
)

# Extract individual fields from the validation result
result = result.with_columns(
    original=pl.col("validated").struct.field("original"),
    normalized=pl.col("validated").struct.field("normalized"),
    local_part=pl.col("validated").struct.field("local_part"),
    domain_address=pl.col("validated").struct.field("domain_address"),
    domain_name=pl.col("validated").struct.field("domain_name"),
    is_deliverable=pl.col("validated").struct.field("is_deliverable"),
)

print(result)

Return Fields

The validate_email function returns a struct with the following fields:

  • original: The original email address (null if invalid)
  • normalized: The normalized form of the email address (null if invalid)
  • local_part: The local part of the email address (null if invalid)
  • domain_address: The IP address if a domain literal was used (null otherwise)
  • domain_name: The domain name (null if invalid)
  • is_deliverable: Whether the email is deliverable based on MX records (null if invalid or not checked)

Invalid emails will have all fields set to null, making it easy to filter valid emails:

# Filter to only valid emails
valid_emails = result.filter(pl.col("normalized").is_not_null())

Performance Benefits

The Polars plugin leverages Rust's performance and Polars' columnar architecture to validate millions of email addresses efficiently. This is ideal for:

  • Data cleaning and validation pipelines
  • Batch processing of user data
  • ETL workflows
  • Large-scale email list verification

Technical Details

Email Address Syntax

emval adheres to the syntax rules defined in RFC 5322 and RFC 6531. It supports both ASCII and internationalized characters.

Internationalized Email Addresses

Domain Names

emval converts non-ASCII domain names into their ASCII "Punycode" form according to IDNA 2008. This ensures compatibility with systems that do not support Unicode.

Local Parts

emval allows international characters in the local part of email addresses, following RFC 6531. It offers options to handle environments without SMTPUTF8 support.

Unsafe Unicode Characters

emval rejects unsafe Unicode characters to enhance security, preventing display and interpretation issues.

Normalization

emval normalizes email addresses to ensure consistency:

  • Lowercasing domains: Domain names are standardized to lowercase.
  • Unicode NFC normalization: Characters are transformed into their precomposed forms.
  • Removing unnecessary characters: Quotes and backslashes in the local part are removed.

Acknowledgements

This project draws inspiration from python-email-validator. While python-email-validator is more comprehensive, emval aims to provide a faster solution.

Getting Help

For questions and issues, please open an issue in the GitHub issue tracker.

License

emval is licensed under the MIT License. See the LICENSE file for more details.

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Security News

/

Research

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.

By Kush Pandya  -  Dec 05, 2025