diff --git a/app/models/user.rb b/app/models/user.rb
index 4c137d0..3adfb72 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -10,10 +10,12 @@ class User < ApplicationRecord
     password_salt.last(10)
   end
 
-
   has_many :sessions, dependent: :destroy
 
-  validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
+  # validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
+  validates :email, presence: true, uniqueness: true,
+            format: { with: /\b[A-Z0-9._%a-z\-]+@(student\.|)hs\-rm\.de\z/, message: "must be a student.hs-rm.de or hs-rm.de account" }
+
   validates :password, allow_nil: true, length: { minimum: 12 }
   validates :password, not_pwned: { message: "might easily be guessed" }