In message <201203130131.q2D1VLXa087735@aurora.sol.net>, Joe Greco writes:
Owen DeLong wrote:
http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses
You may have noticed my particular test wouldn't accept foo!bar!ucbvax!us er format addresses, either.
It works well enough for my purposes. I did not claim it was perfect.
Why not leave it to the MTA to decide what is a valid address? It only requires a few SMTP commands to the MTA to know if it will accept it. Normally the MTA will tell you after the "rcpt to:" command if it will accept it (i'm ignoring some badly behaving MTAs who will swallow anything and then bounce, no point trying to work around such crap).
No need to re-invent the wheel, unless you're actually creating an MTA or something similar.
Who is to say that even IF your address verifier verifies it as valid that the MTA is configured to allow it (or the other way around)? MTAs can be arbitrarily configured to (dis)allow "bang path" addresses, IP addresses etc.
The ideal world contains a mix of techniques.
You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon.
Only if you don't properly quote/escape the arguments you are passing.
Do you allow \n? \r? Do you allow \\? There is a certain amount of paranoia that is prudent, and a certain amount that is actually necessary... though it's true that implementations often don't bother to work that out correctly...
... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CN N) With 24 million small businesses in the US alone, that's way too many apples.
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org