Tell HN: I can't buy a PS4 because of my email

57 points by kaeruct ↗ HN
Just wanted to share this because I think it's ridiculous.

I happen to have an email with one of the newer TLDs (like .pizza or .website). This somehow makes me unable to check out on the sony website.

See: https://imgur.com/a/gL0u6JY

Of course, the real error is swallowed by their frontend and all I can see is that an error has occurred. I have to dig into the network requests to find out the real reason why they don't want to take my money. Who comes up with this? Why is email validation still a problem in 2022?

How can a normal internet user figure this out? If I wasn't a web developer I would have given up.

137 comments

[ 8.1 ms ] story [ 181 ms ] thread
Well, a "normal" user probably wouldn't have an email address with one of those TLDs, for what it's worth.
I can't use my ".me" email domain on Facebook. That's a regular country domain that could be from a "normal" user.
Your email would probably be valid according to the pattern in the screenshot, which expects a TLD between two and four characters. Not sure what Facebook has to do with it, but your address is probably "normal" to Sony.
My point is mostly that email validation is broken in a lot of places even if it's not a "weird" ending.
But a normal developer still can allow users to have email on TLD with more than 4 letters anyway. Thank's God a webpage unless an app does not forbid to look at the code full of fancy regexps.

It reminds me a situation when I could not register a bank account and nobody could help me, even the official support. There was (maybe even still is) an issue when the webpage tells me that my password must contain 4 digits but it did not tell that that digits must be in one chunk (abcd1234 or a1234bcd but not a1b234cd). Several friends of mine had to show me their passwords until I realized that their digits are not sparse.

You shouldn't check for a specific list of TLD's, you're going to get it wrong.
The validator in the screenshot doesn't check for a specific list. The examples .pizza and .website would not validate because the pattern expects a TLD between two and four characters long.
Have you tried contacting their customer support? Twitter shame them?
Why would you buy new base PS4 in 2022?
Maybe because getting a PS5 is still difficult in most places
Getting a PS5 consists of signing up for Telegram alerts and waiting for stock alerts. Within 1-3 weeks you’ll snag one.

In my opinion it makes sense to be patient for 3 weeks and get a PS5, which will surely be relevant for 5-7 more years.

Keep in mind, PS4s are also difficult to find right now. They are still selling at the full $300 retail price if you can even find one, and used on eBay they are $250. Why pay $250 for a console that will stop getting new games this year or next year?

Now granted, OP seems to be in a different country so maybe these circumstances are different for them but in the US certainly it does not make sense to buy a PS4, for the same price you can buy an Xbox Series S.

or maybe they are too busy with the rest of their life to wait for telegram alerts, clicking on the link in time, checking out, etc etc?
It’s not a synchronous task. You don’t have to block your life, you set an alert and when you get the alert, you try to buy it. It takes 5 minutes for an attempt, and if it doesn’t work you try again next time.

I know, because I did it when the shortage was at its peak. I set up telegram alerts and I kept my personal laptop on standby. If an alert came in, as long as I wasn’t in a work meeting, I opened my laptop and quickly followed through to the link.

It just takes a little bit of patience but it’s not too bad. But hopefully the shortage improves soon and this will no longer be necessary.

(comment deleted)
Email validation should just be sending a confirmation email. Otherwise you end up with a super large regex and having to update it every time there is a new TLD.
I'd imagine the regex just doesn't get updated, leading to this exact problem.
No sane person keeps a list of all TLDs in a regex. It's huge and they keep changing.
Indeed, that would truly be some insane regex and unfeasible to maintain. Here is the official list of registered TLDs from IANA: https://data.iana.org/TLD/tlds-alpha-by-domain.txt

> Last Updated Wed Mar 16 07:07:01 2022 UTC

Have fun keeping up-to-date with it.

If you wanted, you could parse the list and build dynamically the tld portion of the regex.

But also, you can get the tld and match it against the list, then send an email.

The regex in OP's screenshot just says that it needs to end with between 2 and 4 characters after the last dot.
The point is that you shouldn't ever be in that position to begin with. Maybe your regex does some simple sanity checks but you shouldn't ever be baking assumptions about the TLD into it. The confirmation email should do the heavy lifting.
The only real regex that would be relatively future-proof is one that checks that there is a "@" and a "." somewhere in the address, and that the "@" comes before the last ".". Anything else is a fool's errand.

Actually, even trying to use regex to see if a email is valid is a fool's errand, but if you have to, the rule above is the only thing you could do. You really need to send a email to address and ask the user to input something from the email in order to actually validate it.

ICANNlandgrab@sony
Great work, I put three basic rules in my comment and you failed two of them :)
Theoretically a MX record on a TLD is valid, but I doubt many try to use that.
Perversely it depends. With older and country TLDs yes, with the new ones no... I'm not even joking... This isn't RFC, but ICANN...
Indeed I couldn't find a brand TLD with an MX, but there does seem to be an MX on ua, so "support@ua" is a valid email with no "."..
I noticed that .nft was missing and spent about 30 minutes trying to google how one goes about registering for one and gave up. Someone else will make that killing.
that means that this is valid,

    @.
They did say "there is a" not "there is only a". In the end it doesn't matter though, they can't get confirmation mail delivered to that and nothing bad happens.
Retail stores should still be an option.
What are the odds he'd still be locked out of any online features that require a Sony account?
It's pretty ridiculous. But it's also pretty common. I'd highly recommend getting a new email address if you don't want to continually run into these problems.
Sony's playstation billing system is a mess and always has been.

Forward slashes in addresses (e.g. <floor>/<apartment>) cause similar mysterious errors.

Email validation keeps being a problem because the rules keep changing. The assumption that .pizza is not a valid TLD was valid before, but is not valid anymore, but not everyone has updated themselves to understand these new rules.

It could also be that they see a lot of fraud from people using non-traditional TLDs (basically the gTLDs) so they block those, but serve some generic error that looks like their email is not actually valid.

But then email validation has basically always been an issue. The only real way of validating emails is to send an actual email to specified address and ask the user to input something that that email contains, but that adds a lot of work than some simple regex.

I also used to use a uncommon gTLD, but then we're not "normal internet users", at this point at least, maybe in the future. Best work-around I came up with is having a traditional TLD that I can use when the system doesn't work with the email I usually use. I think this is the best thing you can do moving forward, because Sony is not the only ones fucking this up, there are plenty of services that don't accept your email if you use something like .pizza, .app or any other common gTLD.

Edit: I should clarify. "Rules" is referring to regex rules, for the ones who are engaging in the fruitless endeavour of trying to validate emails with regex, not the "rules" as the specifications for what emails addresses are actually valid. I restate what I said elsewhere: only proper way to validate emails is by sending a email to the address and make the user input some data you sent in said email. Anything else is bound to not work for X% of users.

> because the rules keep changing

the single relevant rule is the same ever since:

do an opt in. The spelling of the email address is of zero relevance and must not be nosed at.

You forget one thing: People make typos.

Assuming Sony blocks all LEN(TLD)>3, do you think they’ll lose more customers than they’ll lose from them not getting their validation mail because they typoed their mail?

I’d bet that the first group is far smaller than the 2nd.

Now instead of blocking it would be nice if they just asked if you are really sure that’s your email, but it’s probably still better than just accepting everything and trying to send a confirmation, both from a business and from a customer-friendliness perspective.

haven't forgotton. Typos happen not only in the tld. So check and warn if you will. But indeed let it happen and don't gag people.

You need the opt-in and have people confirm or repeat in case.

Ran into this issue at one of the job. Developers wanted to implement validation based on RFCs.

But QA and business refused to believe RFC rules and instead wanted their own rules. Guess what we end up implementing.

What did you end up doing? Anything more than checking if the string contains @ is wrong, and you should be able to find dozens of articles supporting this argument by now.
We checked for dot in addition to @. There was probably also check for special chars which makes sense, iirc.

One win we had was, we didn't hardcode any tlds.

even a RFC doesn't guarantee the existence of a mailbox - if the address e.g. has a typo in the name.

And own rules very much sounds like management ever wanted to invent something.

> The assumption that .pizza is not a valid TLD was valid before,

Why do you think so? We didn't have a strict set of TLDs before as far as I know. We just stagnated for a long time. But the list of TLDs has changed many times with countries being created/renamed. If you saw .pizza or .zx, systems should've behaved the same - tried resolving.

> Why do you think so?

Because .pizza wasn't a valid TLD before 2014 when it got delegated? Don't know what to tell you, .pizza haven't always existed, it's a relatively new gTLD that got introduced by the new gTLD program by ICANN.

But I agree with you in general, trying to validate emails with regex will never work in practice, and has lots of issues. Only real way to validate a address is to actually send email, ask user to input data from said email.

"trying to validate emails with regex will never work in practice"

Of course it does. It just depends on how you define 'validate emails'. Your statement is ambiguous. The Friedl has an entire appendix on a single regex that validates an email address to the format described in RFC 5322, although of course maybe a proper parser would be better, from a technical perspective. However, an email address being in the right format does not ensure that the user that email address is 'associated' with (for whatever definition of 'associated' that is appropriate to the application we're talking about) can/will actually receive emails send to that address.

You should do both. Do a first 'pass' validation to check the user didn't make a type. This is more for user convenience, as this can give immediate feedback. And then send an actual email to see if email is deliverable there.

The problem here is not that they checked the format. The problem is that they check the wrong way. Although it's not entirely unthinkable that it's sometimes appropriate to add additional constraints to which addresses you want to accept, e.g. banning certain tld's, or even only accepting whitelisted ones. If your fraud stats say that doing that reduces loss, it's not unreasonable to add such a third filter layer.

Valid and delegated are different things. It didn't resolve to anything on the public internet, but it was a valid label and you could use it internally just fine. Just like .ITotallyMadeItUp is valid right now.
Before the point where TLDs became a free-for-all, were there any that were more than 3 characters?
The rules never changed, the TLD list did. The problem is that people like to put restrictions on which emails are "normal" and which are not. I wouldn't be surprised if websites like these only accept Gmail and Outlook email addresses with their nonsensical restrictions.

Blocking an entire TLD because of fraud is insanity. There are plenty of realistic looking domains available for cheap in the dot com TLD, no need to go for dot pizza or dot dev to bypass spam filters.

>Blocking an entire TLD because of fraud is insanity.

Wikipedia does this with .xyz links. When I asked about this (I wanted to put a link to finl.xyz on my user page), I was told that this was because of link spamming.

.xyz gets your spam score increased as well by a lot of mail filters. Price and stricter TLD rules do work as a deterrence to abuse.
Meanwhile xyz is a perfectly legit tld for sites about 3d printing, cnc machining, 3d modelling, etc. But get stigmatized and prejudged through no fault of their own. It's like name racism.
(comment deleted)
The rules never changed. One should only match if the email contains "@" (or better, use browser email inputs), and do the verification by sending an email to it (as you said). Validating TLDs was never a good idea, and still isn't.

Yes, you can put UX helpers for spelling mistakes on most common domains (gmail…) (helps the majority), but never make it a hard error. It's that simple.

IIRC the RFCs for email address specify mandatory local-part@domain. Not just @.

edit: https://datatracker.ietf.org/doc/html/rfc2822#section-3.4.1

The RFC has a specified regex for validating email that absolutely nobody uses. Given that, matching on an @ (if you do it at all - even that is a bad idea. Just send an email) is the easiest approach that you're least likely to mess up.
Totally agree with just sending an email and see if it sticks.

Perhaps tech giants could sponsor a new RFC for email addresses.

A tech giant sponsored RFC would just be what (US) tech giants feel is convenient and nothing else. I am vehemently opposed to them getting an even bigger say in how the internet works, it's going downhill fast enough as it is.
A normal internet user would probably have a Gmail or another popular email address.

As a web developer, I'm sure if you really want it one, you could create a quick throwaway email address using a small array of services.

Let's think about how strange this as far a bit, if you have a smartphone at all, you'll either have an email address provided by Apple or Google. Google. If you choose not to utilize either one of these, that's your choice.

At the same time, Sony has never been good with web technology, the PS4s online play has always been less feature-rich than Microsoft's offering.

Nice victim blaming
It’s really not victim blaming. But it’s still bullshit nonetheless. The amount of power consolidated between Gmail, Outlook, iCloud, and other top providers is problematic. Imagine how much damage they could cause by cancelling accounts for a political dissident. We see the chaos here on HN all the time when somebody gets their account mistakenly closed for “fraud” by an AI mistake.

There’s definitely a big problem here with email, and I don’t know what the solution is.

I have an iphone, it has various mail accounts on it, including my work one (.co.uk), my home ones (.net and .com), and an old gmail one.

I have no idea about any apple email addresses.

A 'normal internet user' has an email address, the format of which is probably specified in some decades old RFC.

Nothing else but the format should be checked and ANY kind of error should be properly communicated.

I had two situations recently that cost me a substantial amount of time and effort, due to f**ed up email handling and non-communication to the user.

Once I tried to sign up to Pinterest with my personal catch-all domain using the emai pinterest@mydomain.tld. Only received random errors no matter what browser and IP I tried, had to contact 'support' (three levels of bots) to eventually find out that 'pinterest' is a reserved word because of which they would not accept my email.

Second situation in a hotel trying to connect to WiFi via a captive portal. Using email hotel@mydomain.tld (which I used to check in and was thus required to use in the portal) the page just refreshed again and again without throwing a user facing error. After significant back and forth at the reception I was educated that I was only allowed to use private / personal emails (meaning GMail). My own domain wasn't personal enough...

Both situations could have been rectified easily if proper errors would have been communicated.

Of course it's ridiculous.

However, the solution is also obvious: get a new email address in a different domain specifically for this purchase. Free, paid, buy a new domain: all of these are options.

Use Firefox relay to quickly set one up and forward it to you. I'm assuming you don't need to respond to these emails. If its one way traffic (from them to you) FF relay can most probably help you.
Apologies, I read it as an "ask HN" and wrote this. Disregard if you've already found a solution
You can buy one, just use another email. You are welcome!

>How can a normal internet user figure this out? If I wasn't a web developer I would have given up.

A normal internet user will have a gmail or outlook mail address, not a .pizza one.

Those are definitely the most common but a normal user might also not know it matters and sign up for a novelty email service so theirs can sound cooler.
It isn't excusable. Email validation should be in the form of sending an email and clicking a link, not some 90s era regex.
Maybe "normal users" are not a good parameter for comparison after all.
This is great in theory. In practice you can get banned from your provider due to a high bounce rate.
Then that's a problem with the provider. I'm not completely ignorant of the inherent issues of email and spam, but solutions shouldn't be user-hostile.

If a "is this real" filter is required, they should write a script to check for new TLDs daily.

A problem with the provider that leads to an issue with the service is also an issue to thee service.
A normal internet user may also have a custom domain, like 90% of all companies do.

A normal internet user may also be in a country where ".com" is not the main TLD.

Granted, .pizza is unusual, but there is no valid excuse for not supporting it, and systems that fail to use it likely also fail other completely "normal" email addresses due to other invalid email validation like assuming a TLD has one dot, that an email address has a certain arbitrary max length, or because they failed to enumerate even common TLDs.

The only proper way to validate an email is to send an email to it.

Microsoft does not allow me to use my @kroltan.com email as a recovery email, because "you're not supposed to use business emails as a recovery". I can define what is a business email or not myself, Thank You Very Much.
> A normal internet user may also be in a country where ".com" is not the main TLD.

In my experience ccTLDs are always supported (I've used some funky ones over the years like .sh and .dj), while newer general ones (like .online) are sometimes rejected. My "solution" is to keep a ccTLD to use as an email alias.

Their regex fails on some valid ccTLDs:

- .香港 is a valid ccTLD (for Hong Kong)

- .xn--j6w193g is a valid ccTLD (punycode transliteration of the above)

There's a growing number of users with addresses ending with .email. Unfortunately, the same issue applies to .email domains.

Regardless, the issue is in the validation end here. There's public lists with valid TLD's and any email address validation should ensure valid email addresses are let through.

why would you even try to validate the TLD anyways? Just let it through. If the TLD doesn't exist, it will error out when querying the domain name anyways. Using public TLD lists runs the risk of the list going outdated.
Well, I get if you want to verify the submitted data is an actual email address, and checking the TLD is a valid way of doing it. It does seem excessive, though -- as you said, it will bug out on sending the email if it isn't valid.
This is the reply I got from AT&T customer service, when they were sending me all their new subscriber info for people who wanted a cell phone but didn't have email. They assumed my email address was fake. The office of the CEO didn't agree, when I started posting all my new account info online. It was as bad an answer then as it is now.
A normal user will have anything that any cpmpany offers to sell them.

A normal user does not know about common unsafe assumptions in every aspect of programming and IT integration.

Once the option to get foo.pizza exists, absolutely a ton of normal users take it, just like they do everything else.

There are plenty of websites that only accept emails from common providers, like gmail.com, yahoo.com, etc. Forget about personal domains. Well, at least they usually tell you that in an error message.
my main email is 42 characters long. You would not believe how often my email gets rejected because it's >40 chars. I mostly experience by startups which launch a MVP via producthunt. So my guess it, it is in some framework or library....
Why would you try to use a 42 characters long email when you seemingly have access to shorter ones?

From your HN profile:

> fe {at} f19n .dot. com

Are you really commonly using a 42 characters long email? How does that work when you fill out paper forms that asks for emails? I usually use one that is 16 characters in total (including the domain part), and I already sometimes cannot fit it on the papers.

i have access to the shorter one (i.e. for paper forms), but it's a mail-redirect. my logins are unified over my "real" one.
Because people have longer names. I just "love" how anglosphere programmers just assume so many wrong things.
I love how people assume others are "anglosphere programmers". For the record, my official name is 40+ characters and I'm neither from nor live in any english speaking country.

But peoples official names have nothing to do with your personal email addresses, as you usually get to choose whatever you want for those.

Well there was that explanation or one other I won't mention. So you have a relatively long name and you are still asking why someone would use their real name in an e-mail?

Because almost everyone else is, they should be able to too. It's not very difficult to understand really.

> So you have a relatively long name and you are still asking why someone would use their real name in an e-mail?

Yes, this is precisely why I'm asking, I have a long name but won't use my full name for my email because it is just that, long. Even with my abbreviated email address I'm having a hard time to fit it on forms, why would I make my life even more difficult and use my full name when I can chose whatever I want when creating my email address? It's not very difficult to understand really.

And yeah, life is unfair if you're different, because different things were built for different things. Understanding this is also not very difficult to understand. As someone not-from-the-anglosphere, you learn to try to workaround where your abnormalities don't fit in, otherwise you miss out.

I guess I now understand your position, the question is fair but I think its fundamentals are wrong. There's no benefit to accepting, forgiving and finding workarounds for out-of-spec behaviour that causes arbitrary unfairness.

The discussion should end at the conclusion that (those) programmers should write better code, they have written bad code and not that the victim should adapt around the bad code.

I agree that everyone should do better work, programmers including. But that doesn't actually solve anything at hand.

I guess are difference is that I'm seeing this as a practical issue that has a pragmatic solution, at least for me, since I care about moving on with my day, while you feel it's better to just give up and not use something if you can't use your email address for it.

The benefit for finding workarounds is that you can still use that thing you were trying to use.

It might be a work address (easily done with john.doe@acompany.com), but 40 is not very much though regardless...
To be fair, a form that doesn't fit 16 characters is just asking for trouble. "@gmail.com" alone is already 10 characters, so that would not fit most people's email addresses given few people will have a 5-character username. Of course, on a paper form you can always just ignore the boxes and write more...
I do have a "normal" email that I use for websites like this. I changed my email on my sony account to that.

The biggest gripe I have with this situation is that it was almost impossible to figure out what the real problem was. I had to dig into the request to find the error that the frontend refused to show me.

If they allow me to register an account with a weird email, why does having that weird email prevent me from paying?

>If they allow me to register an account with a weird email, why does having that weird email prevent me from paying?

Often times the merchant or payment processor has different systems entirely (and data is simply scraped from the form and input into their system for you).

Its happened to me before as well. Specifically when donating to my local PBS station...

So the operator doesnt care what your account name is, but the merchant they use to process payments/ensure PCI may care.

I don't think they were really asking. I think they were pointing out that there is no evidense of this from the user's interface.

They go to site x and it fails in inconsistent and unexplained way. It is correct to stick to that and pretend you don't have special insight into sepeerate building blocks and service boundaries behind the scenes.

I have this problem.

My email is <catchall>@david.kitchen and for most shops I will give them <shop>@david.kitchen .

Mostly it works.

But when it doesn't work it really doesn't work. And this is OK. If they don't support one of the recent TLDs then I can just fall back to using a throwaway email address. Or if I really need the item I will shop elsewhere :shrug

The annoying edge cases:

1. When <catchall>@david.kitchen works but <shop>@david.kitchen didn't work... like they're actively trying to fight the use of unique email addresses.

2. When <catchall>@david.kitchen works for registration on a web site, but doesn't work for signing in on their mobile app. Because the app enforces different email validation than the website. This is pretty annoying, especially as some apps will put the "change email" functionality in the app... rendering the account useless.

3. When <catchall>@david.kitchen works for registration on a web site, but doesn't work for the payment provider and checkout section. This is by far the most frustrating as you've got so far and are invested in the purchase and now you're stopped. I have contacted vendors about this, it's brain dead.

When email validation fails it's not because they are using a hard-coded list of domains, it's usually because they have a regexp pattern and only consider a 3 letter suffix valid.

I do tell web sites I have this issue, and sometimes they listen. Mostly I take my business elsewhere. Oh well, my choice to have a "difficult" domain name.

Also: People really don't understand email addresses. "What's your email?", "oh it's <shop>@david.kitchen", "If you work for us you're eligible to the staff discount, do you have your ID card?" - This happens, or some confusion of it, more than I would expect.

If you have a catchall, why not simply put <anything unique>@david.kitchen instead of <shop>@david.kitchen, and then use previously received emails to do any eventual pinpointing ?
I used to do this, and if signing up online it's fine. But IRL I'm not on my phone generating the email address when asked at the checkout. That inconsistency meant duplicate accounts, and TBH I figured I was making things excessively complex and <shop>@david.kitchen was perfectly sufficient for my goals.

My goals are just to identify who was compromised when an email address leaks, and secondarily to prevent entirely unconnected merchants or organisations from trivially joining the dots on a connected identity. In both cases good enough is good enough and I'm not trying to achieve perfect security or privacy with email as that's virtually impossible.

My goals are similar. I don't have a catch-all configured, but I have shop@example.com, and often use it with +aliases. Something like shop+epicgames@example.com.

I don't have to set those up on my phone, and I generally found cashiers and other customer service to be understanding (they mostly do not ask twice, except for confirming that "plus" is indeed "+"). Once I was looked at like I didn't understand what an e-mail address was supposed to be, until I told them my custom domain name.

That works fine for the majority of use-cases, but some refuse the "+" character, others (rarely) refuse my custom domain. Once, a shop refused to have its name.

For the edge-cases, I generate a new e-mail address, and sometimes drop them an annoyed e-mail with a technical explanation of what's allowed and how to check for it.

I think most client-side verification is here to avoid typos, but it shouldn't lock out the unexpected. Websites might have more success asking users to double-check unusual e-mail addresses or likely typos (like @gamil.com or smantha.lastname@... -- typo in first name), without outright rejecting them.

I do something like this.

It's on a .com domain I've had forever. There are a few inboxes for different people. There is a regex for each and if it matches, it goes in that inbox.

An example rule, it must contain 'zy' in the user and it gets rerouted to inbox 1. If it contains 'yz' it gets rerouted to inbox 2.

so, shopzy@example.com and shopyz@example.com

When the conversation about "oh, you work for us?" started to get too repetitive, I'd just start using "Caesar +1" for the name, that is, <tipq> instead of <shop>.

The problem is that I'd still received a lot of spam. Tried graylisting and other methods, but a hard rule (i.e. name must end in a number) ended up working better.

Another amusing thing about using a personalized catch-all is finding out who had their users' database hacked/leaked ...and, other than the common ones that we all know (the ones in have I been pwned?), I received some others that were kinda big (i.e. a Spanish airline company)

I don't even have a weird TLD. I've been using my domain 3e.org since 1996, and still to this day I get rejected by regexes that assume a domain name must start with [a-z].
OK that's the shortest privately-owned domain I've ever seen. Jealous!
A buddy of mine has 'ix.io' but .org is oldschool-er :)
I had ti.cm but lost it.
How do you lose a domain name?
The registrar didn't send me a reminder to renew the domain.

Lesson learned: If a domain is important to you, set up your own reminder to renew.

I wonder if a .sony email address would be rejected
You have just prompted me to check our email validation, all fine, thanks!

Interesting aside, I run an online store, something like 90% of customers have an email address from one of a main providers - MS, Google, Yahoo, Apple, and as we are in the UK BT.

We have also seen a significant correlation between customers with a @btinternet.com or @yahoo.com and those that contact support more. You could say they are significantly more likely to be "difficult" customers.

Of course my parents have a @btinternet.com email address...

Finally, Yahoo has by far the worst deliverability, all our email (transactional & support, not mailing list) get through to other providers but with Yahoo it's as much as 50% of email just disappears at times, it's not even in customers spam folders.

somewhat unrelated, but i would have thought buying a PS4 from amazon (or other reseller) would be cheaper then buying directly from Sony...
PS4s from resellers are very expensive right now because believe it or not, there’s a shortage of PS4s too. A used ps4 from a reseller is the same price as a brand new next gen Xbox series S.
wow interesting to know. I have a PS4 from 2014 gathering dust somewhere...
I had this with RedHat. I could not unsubscribe from a mailing list of theirs because the unsubscribe page, that was linked in an email sent to me, did not like a .digital TLD. They sent email to the address in the first place! Absolutely ridiculous.
I had the same issue at PlayStation, but with my own .com domain. I didn’t receive any validation emails on there, but after changing it to my gmail it was fine.

Watch out when trying to change it back to your custom domain. I tried that and was locked out of my account. Had to call PlayStation support to change it back.

Ugh, I feel your pain! I've had a .CC domain name for over a decade now, so this happens often to me. Happily, it is happening far, far less nowadays...so maybe in the future, more/other newer TLDs will be more accepted. Then again, .CC is technically associated to a country, so maybe its getting better because i think it is NOT technically a generic TLD. For this reason, and maybe other reasons to do with pseudo-privacy/pesudo-anonymity, maybe just have a silly, secondary email address from the big providers (e.g. gmail, yahoo, etc.) at your disposal...otherwise you will simply continuously bang your head against the wall with some of these services. ;-)
A normal internet user wouldn't need to figure this out, they wouldn't have a .pizza email, they'd have @gmail.com.

There are two approaches

1) You can complain that they aren't serving you, and take your money elsewhere. They see the lost revenue and fix the problem, or they decide the cost of supporting you isn't worth the profit

2) You can conform and get a more normal email address like 99% of the world. I have enough issues when I give people my own domain.com address as they are confused it doesnt end in gmail or hotmail

Most of the 1% that have the issues will conform, so you're left with 1% of 1% who draw a line in the sand. And that's great, good luck to you and the 35,000 other Americans that fit in that demographic. Big companies are interesting in the 99.99% that don't though.

(1) is a symptom of the centralising, automation, and reduction in costs of services. If you don't fit in the 99% pattern (or even 90% pattern), you are rejected as you're not worth it, that's the direction the world is travelling in (google etc drop your account automatically rather than spend the money to look at it manually, you can sometimes get redress via complaining to your social network if you're lucky)

>2) You can conform and get a more normal email address like 99% of the world. I have enough issues when I give people my own domain.com address as they are confused it doesnt end in gmail or hotmail

This one always makes me laugh. I got a quote from a garden center on some yard work last week. Guy was stunned i used my own TLD, made me verify it a couple times.

Then sends me an email from.....@soandsogardencenter.com.

I was a bit perplexed as to why it was confusing for him. I guess maybe he thought you had to be a company to have your own TLD. He definately didnt understand why i would run my own (which is totally fine, most arent really concerned with the minutia of email).

Sorry to tell you, but in your example the TLD is "com".

A TLD is not the same as a domain name, but rather a top-level domain (after the last dot).

I am aware. Was speaking colloquially. Maybe “custom domain name with email” would be better. But I was on my phone and just trying to get the point across.

It’s worth noting that while my email does use a .com as a backup, it’s primary is a gtld .email

Fantastic. Email handling is a canary for code quality. If a company can't parse a simple text string, they probably can't bring up efficient/bug-free cloud services and keep up with cybersecurity.
Give up. Sign up for an ordinary email, buy the PS4, get on with important things.

There are too many screwed up websites in the world to get hung up on somebody elses.