Re: regarding illegally formed address and commands

"D. J. Bernstein" <djb@koobera.math.uic.edu> Tue, 24 December 1996 09:03 UTC

Received: from cnri by ietf.org id aa16135; 24 Dec 96 4:03 EST
Received: from list.cren.net by CNRI.Reston.VA.US id aa04537; 24 Dec 96 4:03 EST
Received: from localhost (localhost.0.0.127.in-addr.arpa [127.0.0.1]) by list.cren.net (8.7.6/8.6.12) with SMTP id DAA11667; Tue, 24 Dec 1996 03:22:07 -0500 (EST)
Received: from koobera.math.uic.edu (koobera.math.uic.edu [128.248.178.247]) by list.cren.net (8.7.6/8.6.12) with SMTP id DAA11654 for <ietf-smtp@list.cren.net>; Tue, 24 Dec 1996 03:22:00 -0500 (EST)
Received: (qmail 29183 invoked by uid 666); 24 Dec 1996 08:28:03 -0000
Message-Id: <19961224082803.29182.qmail@koobera.math.uic.edu>
Date: 24 Dec 1996 08:28:03 -0000
Sender: owner-ietf-smtp@list.cren.net
Precedence: bulk
From: "D. J. Bernstein" <djb@koobera.math.uic.edu>
To: ietf-smtp@list.cren.net
Subject: Re: regarding illegally formed address and commands
X-Listprocessor-Version: 8.1 beta -- ListProcessor(tm) by CREN

> Um... actually, according to the RFC821 grammar

According to the RFC 821 grammar, cs.utk.edu is an invalid domain name,
because cs has only two letters.

Really.

> I guess I am looking at this group to tell me what I should be
> doing with a malformed SMTP level address?

Here's what I do: write the simplest possible code that (1) is secure,
(2) is reliable, and (3) can handle any valid input.

Why should I be unhappy if this code also handles some invalid inputs?

One answer is ``because you end up relaying the invalid inputs to
someone else''---but rejecting the input is usually much more damaging.

---Dan
Put an end to unauthorized mail relaying. http://pobox.com/~djb/qmail.html