Normalizing Email Addresses for minFraud

When providing an email address as an input to the minFraud services, you can provide it either as plain text or as an MD5 hash.

If you provide the email as an MD5 hash, it’s important that you normalize it before generating the hash. Otherwise minor, inconsequential differences could cause minFraud to consider it a different address.

Our client APIs do this for you if you enable sending the MD5 hash. This is the recommended way to do this.

Normalizing email addresses

If you are not able to use our client APIs, you can normalize an email address yourself. Below are the steps to take to do this.

  1. Trim whitespace from both ends of the address.
  2. Lowercase the address.
  3. Find the local part of the email (before the @) and the domain (after the @).
  4. Trim whitespace from the beginning of the domain.
  5. If the domain ends with any number of periods, trim them off.
  6. Convert international domain names (IDNs) to ASCII. For example, you can do this in Java using
  7. Check for typos in the domain names (for a complete list of typos we correct for, you can consult the normalization code in one of our client APIs below).
  8. If the domain ends with a repetition of .com (,, etc.), replace with a single .com.
  9. If the domain ends with .com followed by any extra characters, the extra characters are removed (i.e., .comxyz is replaced with .com).
  10. If the domain is with any leading digits, it is replaced with (i.e., is replaced with
  11. If the domain is or any of the fastmail domains, replace the email local part with the subdomain (i.e., is replaced with
  12. Fix common typos in domain names. You can see a list of typos we map in our Java client API.
  13. Remove alias parts from the local part. For addresses at the domain, or other domains affiliated with Yahoo, this is everything after and including the first - character, if present. For addresses with all other domains, this is everything after and including the first + character, if present.
  14. Put the local part and the domain back together to form the normalized email address.
  15. Calculate the MD5 hash.


You can review the code in our client APIs see how to normalize an email address in various languages.

This page was last updated on June 6, 2023.