Re: allow_min_user
From: Andy Thompson (athompson mooreheadcomm.com)
Date: Mon Aug 02 2004 - 16:23:19 CDT
>>>>>What about:
>>>>>
>>>>> By default, this is not allowed, to avoid accidents with software
>>>>> that passes email addresses via the command line. Such software
>>>>> would not be able to distinguish a malicious address from a
>>>>> bona fide command-line option.
>>>>>
>>>>>I know that you can prevent this from happening by putting a "--"
>>>>>option into the command line, but I would not bet my life on it
>>>>>that everyone would follow such advice.
>>>>
>>>>That makes sense.
>>>
>>>
>>>I have updated the text.
>>>
>>>
>>>
>>>>So in your opinion, on a system such as mine with no local users, web
>>>>scripts, et al where I have complete control over what is run on the
>>>>box, is this a pretty low risk option to enable?
>>>
>>>
>>>Consider the following: does your machine communicate (email) with
>>>other systems? How will those systems respond to addresses beginning
>>>with a '-' character? Maybe it triggers a bug, and maybe it hits
>>>a defensive Postfix box.
>>
>>Obviously unknowns and out of my control. But I can control my system
>>and if I can reasonably say that the chances are pretty slim that my
>>system would send email in this way then it seems like it's not such a
>>big deal.
>>
>>AFAICT though, - is a valid char in an email address, even leading -
>>signs are valid, correct?
>
>
> That's only of academic interest, I'm afraid.
>
> The RFC lets one get away with a lot of characters that are unlikely
> to be accepted by actual implementations.
>
Just realized that check_recipient restrictions are applied before the
address is subjected to the allow_min_user check, so it's all academic
now. I'm still curious what the implications of allowing this are though.
-andy
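
Added example, not part of the original thread and not Postfix code: a sketch of why the quoted text worries about software that passes addresses on a command line, and what the "--" marker changes. The `deliver` command, its `-f` option, the helper names and the sample addresses are all assumptions made for illustration.

```python
import argparse

# Constructed sample recipients; the first one begins with '-'.
SAMPLE = ["-fx@example.net", "bob@example.com"]


def build_parser():
    # Hypothetical delivery helper: deliver [-f SENDER] recipient...
    parser = argparse.ArgumentParser(prog="deliver")
    parser.add_argument("-f", dest="sender", default="postmaster@example.com")
    parser.add_argument("recipients", nargs="+")
    return parser


def invoke(recipients, guard):
    """Build argv the way a calling program would, then parse it.

    Returns (sender, recipients) as the hypothetical tool understood them.
    """
    argv = ["-f", "list@example.com"]
    if guard:
        argv.append("--")  # end-of-options marker: everything after is an operand
    argv.extend(recipients)
    ns = build_parser().parse_args(argv)
    return ns.sender, ns.recipients


def starts_with_dash(address):
    """Leading-dash check of the kind the thread says is the default policy."""
    return address.startswith("-")


if __name__ == "__main__":
    # Without "--", the first address is consumed as a second -f option:
    # the sender changes and the address is never treated as a recipient.
    print("unguarded:", invoke(SAMPLE, guard=False))
    # With "--", both strings arrive as recipients and the sender is untouched.
    print("guarded:  ", invoke(SAMPLE, guard=True))
    # Rejecting at the mail system does not depend on every caller using "--".
    print("rejected: ", [a for a in SAMPLE if starts_with_dash(a)])
```
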