Re: [Extra] Email header / address parsing
Timo Sirainen <timo@sirainen.com> Wed, 02 September 2020 00:52 UTC
Return-Path: <timo@sirainen.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B34DD3A08D8 for <extra@ietfa.amsl.com>; Tue, 1 Sep 2020 17:52:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cwIslzd7auPg for <extra@ietfa.amsl.com>; Tue, 1 Sep 2020 17:52:02 -0700 (PDT)
Received: from sirainen.com (mail.sirainen.com [94.237.26.55]) by ietfa.amsl.com (Postfix) with ESMTP id C18713A08D6 for <extra@ietf.org>; Tue, 1 Sep 2020 17:52:02 -0700 (PDT)
Received: from [192.168.0.101] (unknown [213.114.131.212]) by sirainen.com (Postfix) with ESMTPSA id E914A2B3C89; Wed, 2 Sep 2020 00:52:00 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\))
From: Timo Sirainen <timo@sirainen.com>
In-Reply-To: <1d266c79-1f46-3b66-1598-c0413af9779@taugh.com>
Date: Wed, 02 Sep 2020 02:52:00 +0200
Cc: extra@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <CD54ECDD-5B0E-4ADF-B799-4FB0DF2F43BC@sirainen.com>
References: <20200901174151.C75881F59628@ary.qy> <8A38854C-8914-4200-8EB3-4BFA5B03B5E0@sirainen.com> <1d266c79-1f46-3b66-1598-c0413af9779@taugh.com>
To: John R Levine <johnl@taugh.com>
X-Mailer: Apple Mail (2.3608.120.23.2.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/BavsWTNvFHf6PTR4K6cBB0bJCbg>
Subject: Re: [Extra] Email header / address parsing
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Sep 2020 00:52:05 -0000
On 2. Sep 2020, at 0.35, John R Levine <johnl@taugh.com> wrote: >>> Don't we already have a "don't do that" rule for invalid syntax? >> >> Sure, but that's causing security problems nowadays. Would be nice to try to prevent those. > > I meant that if the header is invalid, don't try to parse it into an envelope entry. That seems conservative and safe. There are certainly parsers that will accept invalid syntax, which is where don't do that applies. It does seem a bit harsh though. There are real emails that attempted to be correct, but failed due to some bugs. Especially bad are the emails where there are multiple addresses and some of the comma-separated addresses are invalid and some of them are correct. Should ENVELOPE then show the entire header as if it didn't exist, without any clue that it was invalid? I was thinking .INVALID or some such similar way of marking them might be more nicer.
- [Extra] Email header / address parsing Timo Sirainen
- Re: [Extra] Email header / address parsing John Levine
- Re: [Extra] Email header / address parsing Timo Sirainen
- Re: [Extra] Email header / address parsing John R Levine
- Re: [Extra] Email header / address parsing Timo Sirainen
- Re: [Extra] Email header / address parsing Arnt Gulbrandsen