[Mailman-Users] Is Mailman 2.1 not plushack aware?
Bill Cole
mailmanu-20100705 at billmail.scconsult.com
Sat Jun 1 19:40:50 CEST 2013
On 30 May 2013, at 14:30, Jay Ashworth wrote:
> I just subscribed to the virtualgl-users list at SF, and I subscribed
> with
> a plushacked email address, jra+vgl@
>
> Got the confirmation email ok, of course, but when I tried to send
> something,
> it bounced "because I'm not subscribed to the list". I've never had
> that
> happen before, but it's possible that I've never tried to sub a
> plushack
> address to a Mailman list.
>
> Does Mailman in fact not understand plushacked addresses as
> subscription
> addresses, and that it should canonicalize them when a) checking for
> duplicate subscriptions and b) accepting messages for restricted
> lists?
It is altogether always wrong for ANY mail software outside of a domain
to parse the local part of an address in that domain except for a tiny
handful of standard special local parts (e.g. "postmaster"). The use of
'+' as a tag delimiter is widespread but it is not in any sense a
"standard" and comes nowhere near universality. There is no way for a
Mailman instance to know which domains make "user+tag" and "user"
equivalent and which do not, so canonicalizing as you suggest would
result in breakage.
Beyond that risk of breakage, "canonicalizing" local parts which one
does not own is wrong in principle: it violates the core assumption
which makes Sendmail-style plus-tagging useful. The tagged address is
supposed to be unique in the view of everyone except its owner and the
owner's delivery agent, which can easily discern that an address is
tagged (maybe with '+' but maybe not) and then handle the address and
tag in whatever locally customized manner their whims dictate. Outside
entities should never try to guess what those whims are at any
particular time and more importantly should never translate an address
from what it actually is to what their guesses about the owner's whims
implies.
Note: you might look at my address for this list and make any of a
number of reasonable guesses about how its structure (which *IS*
significant) relates to its delivery and handling. Most would be
operationally wrong and none would be complete. I tag addresses in
opaque ways precisely because of past rude & clueless attempts by others
(mostly spammers) to break + tagging.
More information about the Mailman-Users
mailing list