[Top] [All Lists]

Re: RE[2]: mailto URLs

1996-01-30 07:57:12
good that you do some syntax checking.
I would recommend doing hostname lookup and asking for confirmation if it
didn't resolve to either MX or A record; I think large networks generally
run with internal DNS, and for smaller systems the user can survive being
asked if he really means it.
BTW, enclosed is my (incomplete) Perl code for syntactically valid email
addresses; most addresses that fail these checks are probably illegal.
It at least catches the common name of "1234,567(_at_)compuserve(_dot_)com" - 
writing his Compuserve address with a comma in it, which is both illegal and
troublesome to handle.

About the urls: I think you haven't implemented mailserver:, so you looked
The other stuff is mostly harmless if you don't send out URLs with
CRLFs in them; I believe some browsers also check against "definitely not
HTTP" port numbers like 25.

The big difference between a POST mailto: and a POST http:// is the way it
arrives at the recipient; a POST mailto: arrives in E-mail, and if it has
the "right" content and recipient, it can create some noise for the
innocent-but-careless sender.
(The police actually came to the door of one person who had been a "little"
foolish when typing into the guest book at was a
bit of a surprise to him that someone took the Internet *that* seriously...)

                   Harald A

# PERL subroutine:
# Tell whether something is a legal E-mail address or not

sub isemail {
    local($addr, $restrict) = @_;
    if ($addr !~ /(\S+)@(\S+)/) {
        $notemailbecause = "No @ sign found in address";
        return 0;
    } else {
        $localpart = $1;
        $domain = $2;
    if ($domain !~ /bitnet|uucp$/i && $restrict ne "nodns") {
        $ckroute = `/local/bin/host $domain 2>&1`;
        if ($ckroute !~ /is handled |has address/) {
            $notemailbecause = "Name lookup failure: $ckroute";
            return 0;
        } elsif ($ckroute =~ /has address {
            $notemailbecause = "Points at loopback interface";
            return 0;
    if ($localpart =~ /^".*"$/) {
        # Quoted-string; no further checks (could check for unbalance..)
    } elsif ($localpart =~ /[ ()<>@,;:\\"\[\]]/) { # "
        $notemailbecause = "Illegal character in local part: $&";
        return 0;

    return 1;

<Prev in Thread] Current Thread [Next in Thread>