Programmers with network engineering skills
Mark Andrews
marka at isc.org
Tue Mar 13 03:18:12 UTC 2012
In message <201203130131.q2D1VLXa087735 at aurora.sol.net>, Joe Greco writes:
> > Owen DeLong wrote:
> > > http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses
> > >
> > > You may have noticed my particular test wouldn't accept foo!bar!ucbvax!us
> er format addresses, either.
> > >
> > > It works well enough for my purposes. I did not claim it was perfect.
> >
> > Why not leave it to the MTA to decide what is a valid address? It only
> > requires a few SMTP commands to the MTA to know if it will accept it.
> > Normally the MTA will tell you after the "rcpt to:" command if it will
> > accept it (i'm ignoring some badly behaving MTAs who will swallow
> > anything and then bounce, no point trying to work around such crap).
> >
> > No need to re-invent the wheel, unless you're actually creating an MTA
> > or something similar.
> >
> > Who is to say that even IF your address verifier verifies it as valid
> > that the MTA is configured to allow it (or the other way around)? MTAs
> > can be arbitrarily configured to (dis)allow "bang path" addresses, IP
> > addresses etc.
>
> The ideal world contains a mix of techniques.
>
> You cannot just blindly leave it to the MTA to decide what's valid.
> Along that path lies madness. How do you pass the address to the MTA?
> Don't do it as a system() call unless you want someone to own your
> box with a semicolon.
Only if you don't properly quote/escape the arguments you are passing.
> Do you allow \n? \r? Do you allow \\? There
> is a certain amount of paranoia that is prudent, and a certain amount
> that is actually necessary... though it's true that implementations
> often don't bother to work that out correctly...
>
> ... JG
> --
> Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
> "We call it the 'one bite at the apple' rule. Give me one chance [and] then I
> won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CN
> N)
> With 24 million small businesses in the US alone, that's way too many apples.
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG
mailing list