In hook.js, you'll find a piece of code to ensure that new users' emails match certain criteria.
You'll have to deploy it as a "Pre User Registration" hook at https://manage.auth0.com/#/hooks.
Additionally, enable the "Force Email Verification" rule in https://manage.auth0.com/#/rules - otherwise, new users can sign in without confirming their email addresses first.