A new version (Build: 20.4.7629.1599 \[ 11-20-20 ]) of the sandbox was put up last night. This fix addresses the following way:
If an email address is appears to invalid it does not prevent the user from updating or importing; if gives a warning to the user that the email might be incorrect and they should check it.
All emails will be converted to lowercase to normalize them within the MFA server. Email addresses must be unique for each user within a tenant or password recovery (among other things) will not function as designed. i.e. wrong user gets the notification.