Underscores in host names

• Previous message (by thread): Underscores in host names
• Next message (by thread): Underscores in host names
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <1116377042.592906.137650 at g44g2000cwa.googlegroups.com> you write:
>Hello all.
>We have a client containing an underscore in the email address domain
>name.  Our email server rejects it because of it's violation of the RFC
>standard.  This individuals claim is that he doesn't have problems
>anywhere else and if this is going to be a problem he's "going to take
>his business elsewhere"!
>
>I understand it's a violation of the standard, but does it pose a
>security hole to the email server to allow this sort of mail?

No *security* hole as such, other than you need to make sure that if you're
going to accept such cruft, you make *damned* sure that you never leak it
back out and have some *other* standard-conformant site get on *your* case
about it....

Oh, and make sure that none of *your* automated tools that summarize maillogs
and the like choke on it. And that your e-mail admin is using software that
doesn't choke on it (otherwise if they send you e-mail, you can't reply.. ;)

You may want to balance the costs of making sure that *all* your stuff is
underscore-ready  (don't forget ongoing maintenance costs, as you'll probably
have to re-patch each new release of any tools) against what this customer is
willing to pay you.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050517/fa7d0dfd/attachment.sig>

• Previous message (by thread): Underscores in host names
• Next message (by thread): Underscores in host names
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]