At 4:03 PM -0800 2/4/02, Joe Wagner imposed structure on a stream of electrons, yielding:
>On Sat, 02 Feb 2002 13:43:32, The most wise and far seeing Dmitry
>Akindinov wrote:
>>The quoted address was accepted as a name of account (it's not parsed and no
>>relay will take place.) Apparently, you have created the account Unknown in
>>your server - that account caught that address.
>Ah, that is most correct, I do have "Unknown" on my server. Since
>the relay test didn't actually send a test message that I could
>follow, I completely missed that it treats quotes in the address as
>part of the name of an account.

It's not quite that. The abuse.net tester DOES send a message, and I bet you'd find it in the Unknown dump. The quotes are not really treated as part of the address, but they (correctly) cause special treatment. The local part of an address can technically contain otherwise special characters, as long as they are inside double-quotes.

> Out of curiosity, anyone know what on the market is tricked by
>surrounding an address in quotes...presumably one that has a two
>part delivery system one that accepts, and a second delivery part
>that is fooled into thinking it's an outgoing message.

Some versions and configurations of Sendmail would be the most prominent victims, but it's a fairly common problem.

The problem is pretty simple: at SMTP time, the MTA sees something that may be a local address. In some servers (like sendmail) that gets it to pass the address to an address parsing and canonicalization subsystem, where it gets dequoted as an initial step after which it looks like a valid remote address. The vulnerable versions of Sendmail will then pump that dequoted address into those same parsing routines for delivery.

SIMS' behavior is clearly more correct. A local-part cannot become a whole address with a remote-part via standard parsing after it has been provisionally accepted as local.

--
Bill Cole
[EMAIL PROTECTED]
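
Added example, not part of the original message and not Sendmail or SIMS code: a constructed Python model of the two-stage handling described above, showing a quoted recipient that passes the SMTP-time "looks local" check and is then routed either by re-parsing the dequoted local part (the flawed behaviour) or by keeping it as an opaque mailbox name. The domain `example.org`, the sample addresses and all function names are assumptions.

```python
# Constructed model of the two-stage handling described in the message.
# LOCAL_DOMAINS and all addresses are assumptions for illustration.
LOCAL_DOMAINS = {"example.org"}


def split_address(addr):
    """Split at the last '@' that is not inside double quotes."""
    in_quotes = escaped = False
    at = -1
    for i, ch in enumerate(addr):
        if escaped:
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch == "@" and not in_quotes:
            at = i
    if at < 0:
        return addr, None          # no domain: a bare local name
    return addr[:at], addr[at + 1:].lower()


def dequote(local):
    """Strip one pair of surrounding double quotes, if present."""
    if len(local) >= 2 and local[0] == local[-1] == '"':
        return local[1:-1]
    return local


def smtp_accepts(rcpt):
    """SMTP-time check: the recipient looks local (our domain, or none)."""
    _, domain = split_address(rcpt)
    return domain is None or domain in LOCAL_DOMAINS


def route_reparsing(rcpt):
    """Flawed delivery: dequote the local part, then parse it as an address."""
    local, _ = split_address(rcpt)
    inner_local, inner_domain = split_address(dequote(local))
    if inner_domain is not None and inner_domain not in LOCAL_DOMAINS:
        return ("relay", inner_domain)
    return ("local", inner_local)


def route_local_only(rcpt):
    """Delivery that keeps the accepted local part as an opaque mailbox name."""
    local, _ = split_address(rcpt)
    return ("local", dequote(local))
```

A relay regression test for a mail server can assert the `route_local_only` outcome for both the bare quoted form and the `"..."@local-domain` form.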
