On Wed, Dec 16, 2015 at 10:16:32AM +0100, Geoffroy Couprie wrote: > RFCs 6530 and 6531 indicate that the local part can contain almost any > character, multibyte chars included. For the domain part, it must be > normalized before sending, but that's where it gets interesting: users > won't enter the email normalized, but in UTF8 form, apps will tend to > store (and validate) the complete email in UTF8 form, and let the mail > or DNS library handle the normalization before sending emails. So if > someone abuses UTF8 control characters, the delimitation of local or > domain part could be different, depending on which code validates the > email.
http://www.regular-expressions.info/email.html Ye old RFC 2822 also showed that it can contain these bizarre things called comments, and so on. My pet peeve is systems which don't respect the + sign in local-part, or worse, simply accept it but do not send email later. SIGH. I really should have set up my mailbox identifier as period. -- http://www.subspacefield.org/~travis/ | if spammer then j...@subspacefield.org "Computer crime, the glamor crime of the 1970s, will become in the 1980s one of the greatest sources of preventable business loss." John M. Carroll, "Computer Security", first edition cover flap, 1977 _______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
