Re: [Extra] Email header / address parsing
John R Levine <johnl@taugh.com> Tue, 01 September 2020 22:35 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D6223A08DB for <extra@ietfa.amsl.com>; Tue, 1 Sep 2020 15:35:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=dtCNxpcx; dkim=pass (2048-bit key) header.d=taugh.com header.b=Wl3wJAKc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JJBZb0x7MqMI for <extra@ietfa.amsl.com>; Tue, 1 Sep 2020 15:35:11 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85F4E3A08C6 for <extra@ietf.org>; Tue, 1 Sep 2020 15:35:11 -0700 (PDT)
Received: (qmail 5560 invoked from network); 1 Sep 2020 22:35:09 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=15b6.5f4ecc9d.k2009; i=johnl-iecc.com@submit.iecc.com; bh=Dj+XgGg38uHb0vMTOGNCPX8eBWWpsgftTSD9shf6tz4=; b=dtCNxpcxpL0yToTyF/op0WXKhgf9zoyDmNZ4xAJy1TmFO5kUMD+KQmIUopY98H3VhEmkZcsTR8XUSqPCPHjCZfb7vQHSh3bMgZP0wfGRd+M//Lq74Zqz/tZHrKeD4BZBg+9SYPZNs6I4IvK3YNA3NhZnQVWI1UH3saI1iogWdO+WuvV+8yGj06zeJmOz4qUjXyI6xEgi3NFVAONT9J4KWSTNCRoN86Ch/YarP0QFTrdDrGssgayioAXm51vJrgMSPnHl793KhFxojEUyfgTR49hWnpu/sFUUaV34tW6XcCoeC8eYN2zhnaQMSk+aB/dOojHiV2uIVpL5bA8vhODePA==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=15b6.5f4ecc9d.k2009; olt=johnl-iecc.com@submit.iecc.com; bh=Dj+XgGg38uHb0vMTOGNCPX8eBWWpsgftTSD9shf6tz4=; b=Wl3wJAKcbc1dzH+pQeeoFlAZ3+dcRyUHjzwi9YrGg+sXnrJA3YB3oiJiXExDUgviFtGr/BH6mcX/4pIYJ9PMMCtvEr1jMFLsHPS4q3KBC+HMrQnZB8r+dDD+EVFokmDOWRqK9y1KXytdPCIWkehKtc7lqHSYrpseNf03ds1hFVeGgqOSpmNXBHHA1aB0reTMkawMUxON+sKefAcZIfwL+DDNCN8cbgZBtzDd8uXTNowDw1gl0ZXemf4imcL+0ihMixD8705lZKiL29AfDlGJczC4T7ANUywaex8i/ty42hINYJtz4689Ww1uM2m/xwv7m5a+UQ0lQaM9ctmerwTJTw==
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 01 Sep 2020 22:35:09 -0000
Date: Tue, 01 Sep 2020 18:35:09 -0400
Message-ID: <1d266c79-1f46-3b66-1598-c0413af9779@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Timo Sirainen <timo@sirainen.com>
Cc: extra@ietf.org
In-Reply-To: <8A38854C-8914-4200-8EB3-4BFA5B03B5E0@sirainen.com>
References: <20200901174151.C75881F59628@ary.qy> <8A38854C-8914-4200-8EB3-4BFA5B03B5E0@sirainen.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/1Aq2pXVMuJawEb3hGn2UMVQLooE>
Subject: Re: [Extra] Email header / address parsing
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2020 22:35:13 -0000
> And '@' is not in atom. So it's not a valid address. Oh, right, it has to be quoted. >> Don't we already have a "don't do that" rule for invalid syntax? > > Sure, but that's causing security problems nowadays. Would be nice to try to prevent those. I meant that if the header is invalid, don't try to parse it into an envelope entry. That seems conservative and safe. There are certainly parsers that will accept invalid syntax, which is where don't do that applies. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly
- [Extra] Email header / address parsing Timo Sirainen
- Re: [Extra] Email header / address parsing John Levine
- Re: [Extra] Email header / address parsing Timo Sirainen
- Re: [Extra] Email header / address parsing John R Levine
- Re: [Extra] Email header / address parsing Timo Sirainen
- Re: [Extra] Email header / address parsing Arnt Gulbrandsen