[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: why does smtpserver restrict quote in argument to router for verification




On Wed, 16 Aug 1995 Nicholas_Briggs.PARC@xerox.com wrote:

> Would anyone care to comment on why this piece of code in the smtpserver checks
> to see if there are quotes before it passes the address off to the router for
> verification ?
> 
> 	if (args == NULL
> 	    || strchr(args, '\'') != NULL || args[strlen(args)-1] == '\\') {
> 		type(501, (char *)NULL);
> 		return NULL;
> 	}
> 
> The result is that if verification of addresses is turned on, users who have a
> quote in their name are out of luck -- for instance, something like
> Shawn_O'Malley@mc.xerox.com -- which is just fine as far as RFC822 is
> concerned.

  Are sure?  As I understand, RFC 822 is for message headers while RFC 
821 is for SMTP and SMTP responses.  So envelope addresses (MAIL FROM, 
and RCPT TO) would fall under RFC 821.

  According to the BNF on page 30 of RFC 821, it appears that 
"Shawn_O'Malley@mc.xerox.com" is not fine at all.  However, the "'" can 
be escaped as "Shawn_O\'Malley@mc.xerox.com", or whole bit can be quoted.

Tom