[Mailman-Developers] error with bad email with % in addErrorin
htmlformat.py
Darrell Fuhriman
darrell at grumblesmurf.net
Tue Jan 11 18:29:17 CET 2005
Brad Knowles <brad at stop.mail-abuse.org> writes:
> The "percent hack" has been deprecated for years, but I
> believe that it is still technically a valid way of expressing
> e-mail addresses. Same with the UUCP "bang" style of
Not only that, there are valid addresses that can contain those
characters (in fact, nearly every character on that list).
This is a perfectly valid e-mail address: "%@!"@example.com
Unfortunately, far too many programs make all sorts of incorrect
assumptions about what constitutes a truly valid e-mail address.
The biggest incorrect assumption is that you can correctly
validate one with a regex. You can't.
The real problem is programmers who are too lazy to treat all the
data as untrusted (I've certainly fallen into that category
myself). If you treat your data carefully, you shouldn't have to
do silly hacks like the one under discussion.
In other words, the solution to the bug is not to reject things
with a (validly used) '%' but to fix the program so that strings
containing a '%' don't generate an error.
This is a subset of the "Let's you save me some work" problem, as
described here:
http://www.asktog.com/Bughouse/10MostPersistentBugs.html
To summarize, mailman should accept *all* RFC2822 valid e-mail
addresses. It's not up to us to decide what's good and what
isn't. If it's formatted correctly, then we should treat it as
correct. If the software can't cope, that's a bug in the
software, not in the e-mail address.
Darrell
More information about the Mailman-Developers
mailing list