#33969: Improve django.core.mail.messages EAI processing
------------------------------+--------------------------------------
Reporter: j-bernard | Owner: nobody
Type: New feature | Status: closed
Component: Core (Mail) | Version: dev
Severity: Normal | Resolution: needsinfo
Keywords: EAI IDNA RFC | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
Comment (by j-bernard):
Replying to [comment:1 Florian Apolloner]:
> > try to send the message, regardless of the presence of Unicode in the
address (Python smtplib will add the right options if you use the
send_message method else the SMTPUTF8 option should be provided)
>
> Can you link the code in question?
[https://github.com/django/django/blob/main/django/core/mail/message.py#L116
This line] transforms the domain to A-Label.
>
> > if smtplib.SMTPNotSupportedError is raised
>
> What does this error tell us? Given a standard setup your "mail server"
is often a simple relay running on localhost which probably doesn't give
you errors often. Whether or how the server it relays to does domain
internationalization is unknown to it.
This error means the mail server does not support the SMTPUTF8 option and
won't be able to process a `to` address with Unicode.
>
> I am not deep into mail standards, so any details you could provide here
would be helpful. I also do think that we have some leeway when changing
stuff here because international domain names are not used often. We just
should make clear to not introduce any security issues (like sending mail
to a different domain all of a sudden -- though I am not sure if we can
prevent that realistically because for instance `ß` encodes differently in
the standards iirc).
IDNA 2008 was created to lower some security issues with the old IDNA 2003
standard. And as you mentioned, keeping both standards active creates even
more issues. Many already moved to the new standard and Django could
clearly make a difference by being also compliant. Without that kind of
move, IDNs will keep being "not used often".
--
Ticket URL: <https://code.djangoproject.com/ticket/33969#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/01070182f97ab9e6-d0e4b0f7-bca8-40a9-b825-01b6bcee36a3-000000%40eu-central-1.amazonses.com.
