diff --git a/Cargo.lock b/Cargo.lock
index ba7aa94..04579b1 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1610,6 +1610,7 @@ dependencies = [
 "log",
 "mail-send",
 "pbkdf2 0.12.2",
+ "regex",
 "serde",
 "sha2",
 "sqlx",
diff --git a/Cargo.toml b/Cargo.toml
index 19baacf..1c4c33a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -20,4 +20,5 @@ actix-web-httpauth = "0.8.0"
 sqlx = { version = "0.7.1", features = ["runtime-tokio", "mysql", "chrono"] }
 uuid = { version = "1.4.1", features = ["v4"] }
 chrono = "0.4"
-mail-send = "0.4.0"
\ No newline at end of file
+mail-send = "0.4.0"
+regex = "1.9.3"
\ No newline at end of file
diff --git a/src/api/account/handlers.rs b/src/api/account/handlers.rs
index 6f8b625..c4c8dcc 100644
--- a/src/api/account/handlers.rs
+++ b/src/api/account/handlers.rs
@@ -5,7 +5,7 @@ use crate::{
 };
 use anyhow::Result;
 use log::info;
-use mail_send::{mail_builder::MessageBuilder, SmtpClient, SmtpClientBuilder};
+use mail_send::{mail_builder::MessageBuilder, SmtpClientBuilder};
 use sqlx::MySqlPool;
 
 fn is_sql_injection(string: &String) -> bool {
@@ -33,6 +33,12 @@ pub async fn register(
 return Ok(data::RegisterResponse::Blocked);
 }
 
+ let email_regex = regex::Regex::new(r"^([a-z0-9_+]([a-z0-9_+.]*[a-z0-9_+])?)@([a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,6})")?;
+
+ if !email_regex.is_match(&request.email) {
+ return Ok(data::RegisterResponse::MalformedEmail);
+ }
+
 if Account::from_username(pool, &request.username)
 .await?
 .is_some()
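Review bot: The pattern passed to `regex::Regex::new` opens with `^` but has no end anchor, so `is_match` accepts any `request.email` that merely begins with a well-formed address; trailing text, whitespace or line breaks after the TLD still pass. Since this file builds mail with `MessageBuilder`, the address presumably ends up in an outgoing message, so the check should cover the whole string by ending the pattern with `\.[a-z]{2,6})$`. The character classes are lowercase-only, so mixed-case addresses are reported as `MalformedEmail` unless the input is lowercased first or the pattern is prefixed with `(?i)`. The regex is also recompiled on every call; a `static` `std::sync::OnceLock<regex::Regex>` would compile it once. The body of `register` starts and ends outside this hunk.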