[Mailman-Users] cause of bounces

Grant Taylor gtaylor at tnetconsulting.net
Wed Oct 18 14:30:10 EDT 2017


On 10/18/2017 11:51 AM, Dimitri Maziuk wrote:
> Like tnеtсоnsulting.nеt being a benign minor encoding change in a couple 
> of characters?

No.  That is not a simple content encoding change.  Content (re)encoding 
changes the representation of the same encoded data.

<е> 1077, Hex 0435, Octal 2065   !=   <e>  101,  Hex 65,  Octal 145
<с> 1089, Hex 0441, Octal 2101   !=   <c>   99,  Hex 63,  Octal 143
<о> 1086, Hex 043e, Octal 2076   !=   <o>  111,  Hex 6f,  Octal 157

An MTA changing the encoding method of data to / from: base 64 / 
quoted-printable / 8-bit, is distinctly different than what you have 
done, which is changing actual encoded data.

The (decimal) number 17 can be encoded multiple ways:

10001 = binary      base  2
   25 = hex         base  6
   21 = octal       base  8
   17 = decimal     base 10
   11 = hexadecimal base 16

All five encoded numbers represent the same value (decimal) 17.

What you have done (in the spirit of a white hat) is actually a 
homograph attack.  Something quite different from simple encoding 
differences.

Quite similar to a computer seeing the following three characters as 
quite distinctly different things, each with different computational 
meanings.

0
O
o

> Just because the authors of the RFC have also chosen to stick the square 
> peg in the round hole doesn't make the hole any less round, nor the peg 
> any less square.

Fair.

> Somewhere I've a 10-year old e-mail from Whit Diffie explaining how SSL
> was a PR solution to a marketing problem. So this kind of 
> problem-finding and problem-solving has made it to SMTP RFCs now, colour me 
> shocked.

I'd be curious to read said email, if it's convenient to dig up.



-- 
Grant. . . .
unix || die
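
The distinction drawn in the message above, as an added example that is not part of the original post: re-encoding the same bytes as base64 or quoted-printable decodes back to identical data, while the look-alike domain differs in its code points and can be flagged as mixed-script. The sample strings are constructed from the code points listed in the message, and the helper names and the script heuristic are assumptions of this example.

```python
import base64
import quopri
import unicodedata

# Constructed samples: the ASCII domain, and a look-alike built from the three
# code points listed in the message (U+0435, U+0441, U+043E).
ASCII_DOMAIN = "tnetconsulting.net"
LOOKALIKE = "tn\u0435t\u0441\u043ensulting.n\u0435t"


def transfer_encodings_agree(text):
    """Base64 and quoted-printable are two representations of the same bytes."""
    raw = text.encode("utf-8")
    return (base64.b64decode(base64.b64encode(raw)) == raw
            and quopri.decodestring(quopri.encodestring(raw)) == raw)


def differing_code_points(a, b):
    """Positions where two equal-length strings hold different code points."""
    return [(i, f"U+{ord(x):04X}", f"U+{ord(y):04X}")
            for i, (x, y) in enumerate(zip(a, b)) if x != y]


def scripts(label):
    """Heuristic (assumption): first word of a letter's Unicode name is its script."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}


def is_mixed_script(domain):
    """Flag a domain when any single label mixes scripts (LATIN + CYRILLIC)."""
    return any(len(scripts(label)) > 1 for label in domain.split("."))


def to_ascii_form(domain):
    """IDNA (ToASCII) form of the domain, as it would appear in DNS."""
    return domain.encode("idna").decode("ascii")


if __name__ == "__main__":
    for d in (ASCII_DOMAIN, LOOKALIKE):
        print(to_ascii_form(d),
              "mixed-script" if is_mixed_script(d) else "single-script",
              "re-encoding lossless:", transfer_encodings_agree(d))
    print(differing_code_points(ASCII_DOMAIN, LOOKALIKE))
```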


