diff --git a/app/main/validators.py b/app/main/validators.py
index b33e9f162..10c56a149 100644
--- a/app/main/validators.py
+++ b/app/main/validators.py
@@ -35,6 +35,6 @@ class ValidEmailDomainRegex(object):
 ' contact us').format(
 "https://docs.google.com/forms/d/1AL8U-xJX_HAFEiQiJszGQw0PcEaEUnYATSntEghNDGo/viewform")
 valid_domains = current_app.config.get('EMAIL_DOMAIN_REGEXES', [])
- email_regex = "(^[^@^\\s]+@[^@^\\.^\\s]+(\\.[^@^\\.^\\s]*)*.({}))".format("|".join(valid_domains))
+ email_regex = "[^\@^\s]+@([^@^\\.^\\s]+\.)*({})$".format("|".join(valid_domains))
 if not re.match(email_regex, field.data):
 raise ValidationError(message)
diff --git a/config.py b/config.py
index 0685195a5..d91ff3f83 100644
--- a/config.py
+++ b/config.py
@@ -37,16 +37,16 @@ class Config(object):
 WTF_CSRF_ENABLED = True
 EMAIL_DOMAIN_REGEXES = [
- "gov.uk",
- "mod.uk",
- "mil.uk",
- "ddc-mod.org",
- "slc.co.uk"
- "gov.scot",
- "parliament.uk",
- "nhs.uk",
- "nhs.net",
- "police.uk"]
+ "gov\.uk",
+ "mod\.uk",
+ "mil\.uk",
+ "ddc-mod\.org",
+ "slc\.co\.uk",
+ "gov\.scot",
+ "parliament\.uk",
+ "nhs\.uk",
+ "nhs\.net",
+ "police\.uk"]
 class Development(Config):
diff --git a/tests/app/main/test_validators.py b/tests/app/main/test_validators.py
index 1bebf9d84..4e89d089f 100644
--- a/tests/app/main/test_validators.py
+++ b/tests/app/main/test_validators.py
@@ -1,4 +1,8 @@
+import pytest
 from app.main.forms import RegisterUserForm
+from app.main.validators import ValidEmailDomainRegex
+from wtforms import ValidationError
+from unittest.mock import Mock
 def test_should_raise_validation_error_for_password(app_, mock_get_user_by_email):
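Review bot: The new pattern in app/main/validators.py ends in `$` and is applied with `re.match`, and in Python `$` also matches just before a trailing newline, so a value such as `user@gov.uk\n` would still pass this allowlist check unless another validator on the field rejects it first. Anchoring the end with `\Z` (or calling `re.fullmatch`) closes that gap. The literal also mixes `\\.` with `\.`, `\@` and `\s` in a non-raw string, which works only because Python passes unknown escapes through with a warning, and the `^` inside each character class is a literal caret rather than a second negation. A raw string without the stray carets would read `email_regex = r"[^@\s]+@([^@.\s]+\.)*({})\Z".format("|".join(valid_domains))`. The enclosing method starts above the hunk, so whether `field.data` is stripped or lower-cased before this check is not visible here.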
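Review bot: The entries added to `EMAIL_DOMAIN_REGEXES` in config.py are regex fragments written as ordinary string literals, so `\.` is an invalid escape sequence that Python passes through with a warning; raw strings such as `r"gov\.uk",` say what is meant and stay valid on newer interpreters. Each entry is interpolated directly into the validator's pattern, so a domain added later without escaped dots would quietly widen the allowlist. A comment above the list, for example `# Regex fragments, not plain domains: escape every dot, e.g. r"gov\.uk"`, would make that contract visible to whoever edits it next. The `Config` class body continues outside the hunk.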
@@ -45,3 +49,63 @@ def test_invalid_email_address_error_message(app_):
 mobile_number='4407888999111',
 password='1234567890')
 assert not form.validate()
+
+
+def _gen_mock_field(x):
+ return Mock(data=x)
+
+
+@pytest.mark.parametrize("email", [
+ 'test@gov.uk',
+ 'test@test.test.gov.uk',
+ 'test@test.gov.uk',
+ 'test@mod.uk',
+ 'test@ddc-mod.org',
+ 'test@test.ddc-mod.org',
+ 'test@gov.scot',
+ 'test@test.gov.scot',
+ 'test@parliament.uk',
+ 'test@gov.parliament.uk',
+ 'test@nhs.uk',
+ 'test@gov.nhs.uk',
+ 'test@nhs.net',
+ 'test@gov.nhs.net',
+ 'test@police.uk',
+ 'test@gov.police.uk'
+])
+def test_valid_list_of_white_list_email_domains(app_, email):
+ with app_.test_request_context():
+ email_domain_validators = ValidEmailDomainRegex()
+ email_domain_validators(None, _gen_mock_field(email))
+
+
+@pytest.mark.parametrize("email", [
+ 'test@ukgov.uk',
+ 'test@gov.uk.uk',
+ 'test@gov.test.uk',
+ 'test@ukmod.uk',
+ 'test@mod.uk.uk',
+ 'test@mod.test.uk',
+ 'test@ukddc-mod.org',
+ 'test@ddc-mod.org.uk',
+ 'test@ddc-mod.uk.org',
+ 'test@ukgov.scot',
+ 'test@gov.scot.uk',
+ 'test@gov.test.scot',
+ 'test@ukparliament.uk',
+ 'test@parliament.uk.uk',
+ 'test@parliament.test.uk',
+ 'test@uknhs.uk',
+ 'test@nhs.uk.uk',
+ 'test@uknhs.net',
+ 'test@nhs.net.uk',
+ 'test@nhs.test.net',
+ 'test@ukpolice.uk',
+ 'test@police.uk.uk',
+ 'test@police.test.uk'
+])
+def test_invalid_list_of_white_list_email_domains(app_, email):
+ with app_.test_request_context():
+ email_domain_validators = ValidEmailDomainRegex()
+ with pytest.raises(ValidationError):
+ email_domain_validators(None, _gen_mock_field(email))
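Review bot: Neither parametrised list exercises `mil.uk` or `slc.co.uk`, although both appear in `EMAIL_DOMAIN_REGEXES` and `slc.co.uk` is the entry whose missing comma this commit repairs, so a regression in either would go unnoticed (assuming the `app_` fixture loads that config). Adding `'test@mil.uk',` and `'test@slc.co.uk',` to the valid list, with a look-alike such as `'test@ukslc.co.uk',` in the invalid list, would cover them. The invalid list also has no case for a second `@` or for a trailing newline (`'test@gov.uk\n'`), which are the inputs an end-anchored allowlist pattern most needs pinned. `test_valid_list_of_white_list_email_domains` passes simply by not raising, which is worth a one-line comment such as `# passes if no ValidationError is raised`.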