[Dbmail-dev] [DBMail 0000490]: In dbmail-user.c, the is_valid() test fails

Sat, 03 Feb 2007 13:55:54 -0800 

The following issue has been UPDATED. 
====================================================================== 
http://www.dbmail.org/mantis/view.php?id=490 
====================================================================== 
Reported By:                sound_man_dan
Assigned To:                paul
====================================================================== 
Project:                    DBMail
Issue ID:                   490
Category:                   Command-Line programs (dbmail-users, dbmail-util)
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     resolved
target:                      
Resolution:                 fixed
Fixed in Version:           2.2.3
====================================================================== 
Date Submitted:             16-Jan-07 01:49 CET
Last Modified:              03-Feb-07 22:55 CET
====================================================================== 
Summary:                    In dbmail-user.c, the is_valid() test fails
Description: 
In dbmail-user.c, the is_valid() test fails:

  * some valid addresses are rejected...
    for example, unquoted addresses containing any of '|`?

  * some invalid addresses are allowed...
    for example, unquoted addresses containing any of ()[]<>:;\

  http://tools.ietf.org/html/rfc2821
  http://tools.ietf.org/html/rfc2822
  http://en.wikipedia.org/wiki/E-mail_address

I suggest either modifying or removing the is_valid() test.

  http://www.iamcal.com/publish/articles/php/parsing_email/

====================================================================== 
Total Sponsorship = US$ 5

16-Jan-07 18:22: jasb (US$ 5) 
====================================================================== 

---------------------------------------------------------------------- 
 rwlbuis - 01-Feb-07 11:23  
---------------------------------------------------------------------- 
The attached patch has an improved collection of characters that can match
the username. It should fix the testcases listed above. 

---------------------------------------------------------------------- 
 sound_man_dan - 02-Feb-07 18:01  
---------------------------------------------------------------------- 
re: dbmail-users.diff

Email address validation can be rather difficult. rwlbuis' patch brings
the is_valid() test a little closer to identifying valid email addresses,
but some valid addresses are still rejected, and some invalid addresses
are still allowed.

Because almost any character can appear in a valid email address, a simple
filter is not sufficient. It would be better to remove the test than to
have false positives or negatives.

If keeping the test is a must, consider the implementation at iamcal.com
and the difficulty of writing and maintaining that regular expression.

We could debate the merits of the standards, but meanwhile, the standards
contain the only arbitrary definition for valid email addresses.

Another option would be to warn the user when creating an "unusual"
address, but to allow the address to be created anyways. The determination
of a "normal" address could be the largest sub-set of what is allowed by
large email service providers such as aol, yahoo, gmail, msn, etc... maybe
something like alphanumerics plus . _ - for the local-part.

We are really talking about two different tests here: is_valid() and
is_normal()

is_valid() would throw an error and fail

is_normal() would issue a warning and continue

My vote is for removing the is_valid() test entirely. I'll make a patch if
others are agreeable. 

---------------------------------------------------------------------- 
 paul - 03-Feb-07 22:52  
---------------------------------------------------------------------- 
Removing is_valid test. Validating the username is deferred to the storage
layer. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
16-Jan-07 01:49 sound_man_dan  New Issue                                    
16-Jan-07 18:22 jasb           Sponsorship Added        jasb: US$ 5         
16-Jan-07 18:22 jasb           Sponsorship Total        0 => 5              
16-Jan-07 18:22 jasb           Issue Monitored: jasb                        
30-Jan-07 20:56 paul           Status                   new => confirmed    
01-Feb-07 11:22 rwlbuis        File Added: dbmail-users.diff                    
01-Feb-07 11:23 rwlbuis        Note Added: 0001808                          
02-Feb-07 18:01 sound_man_dan  Note Added: 0001809                          
03-Feb-07 22:52 paul           Note Added: 0001810                          
03-Feb-07 22:52 paul           Fixed in Version          => 2.2 branch      
03-Feb-07 22:53 paul           Assigned To               => paul            
03-Feb-07 22:53 paul           Status                   confirmed => resolved
03-Feb-07 22:53 paul           Resolution               open => fixed       
03-Feb-07 22:55 paul           Fixed in Version         2.2 branch => 2.2.3 
======================================================================

_______________________________________________
Dbmail-dev mailing list
Dbmail-dev@dbmail.org
http://twister.fastxs.net/mailman/listinfo/dbmail-dev

Reply via email to