[Mailman-Developers] How to validate mailing list-id?
Mark Sapiro
mark at msapiro.net
Sat Apr 4 07:26:37 CEST 2015
On 04/03/2015 08:30 PM, Andrew Stuart wrote:
>
> Am I correct in understanding then that a mailing list-id may be composed of any ASCII characters?
No.
> Thus this is a valid mailing list-id: ///*/etc/pw.txt
No. It is a valid 'list-label', but a list-id is a list label followed
by a dot followed by 'localhost' or a domain name and the characters
that can appear in a domain name are much more restricted, i.e. only dot
separated strings of letters, digits and hyphens, not beginning with hyphen.
And even a list-label can't contain any ascii character or even any
ascii printable character.
>From RFC2919 Sec 2
The syntax for a list identifier in ABNF [RFC2234] follows:
list-id = list-label "." list-id-namespace
list-label = dot-atom-text
list-id-namespace = domain-name / unmanaged-list-id-namespace
unmanaged-list-id-namespace = "localhost"
domain-name = dot-atom-text
Where:
dot-atom-text is defined in [DRUMS]
"localhost" is a reserved domain name is defined in [RFC2606]
Unfortunately, the [DRUMS] reference is missing in this RFC, but
dot-atom-text is defined in RFCs 2822 and 5322 as
dot-atom-text = 1*atext *("." 1*atext)
and atext
atext = ALPHA / DIGIT / ; Printable US-ASCII
"!" / "#" / ; characters not including
"$" / "%" / ; specials. Used for atoms.
"&" / "'" /
"*" / "+" /
"-" / "/" /
"=" / "?" /
"^" / "_" /
"`" / "{" /
"|" / "}" /
"~"
> Is this function an accurate validator for a mailing list-id?
>
> def is_valid_list_id(list_id):
> try:
> list_id.decode('ASCII')
> except UnicodeDecodeError:
> return False
> else:
> return True
No. not only will it accept specials;, it will accept controls 0x00 -
0x1f and 0x7f, so it's not even a good validator for list-label.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Developers
mailing list