Re: [evolution-patches] Use of invalid HELO.

[David Woodhouse <dwmw2 infradead org>]

On Wed, 2005-03-16 at 17:13 -0500, Jeffrey Stedfast wrote:
> I could make this argument against the smtp implementation (or
> getaddrinfo) far easier than can be made against evolution, but I
> don't see you "fixing" either of those...

The rules for hostnames, labels and domain names are subtly different,
and I believe there are times when it's considered valid for an
underscore to appear in the DNS database, while RFC2821 is very clear
about it being invalid in HELO.

It makes some sense for an SMTP server to be strict about what it
accepts -- you can cut out a _lot_ of crap by refusing obvious RFC
breakage. Yes, I can probably work around this particular problem by
making my machines reject mail submitted with invalid HELO _only_ when
unauthorised, given that I've already delayed the rejection to RCPT time
anyway. But that doesn't mean we shouldn't _also_ fix Evolution not to
violate RFC2821 in the first place.

> can you imagine implementing hostname validation in every app? as
> if...

There are relatively few cases where the RFC compliance of a domain name
is as strictly checked. I made a judgement and considered it sanest to
place the sanity check where I did. If you disagree, please be specific
about where you want it and unless I violently disagree with you, I'll
put it where you like -- but please don't just heckle.

-- 
dwmw2