ietf-smtp
[Top] [All Lists]

Re: Strict RFC x821 Compliant: HELO/EHLO

2005-07-06 03:04:55



--On Wednesday, 06 July, 2005 11:07 +0200 Frank Ellermann
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> wrote:


Hector Santos wrote:

Part of the problem with integrating new DNS/domain based
validation methods is the overhead in the DNS lookup process.

If you know that say TLD .invalid is invalid then you don't
need a DNS lookup.  And if you're sure that the <toplabel>
cannot be 1*DIGIT it's almost the same situation.

Frank,

While I agree, please be _very_ careful here.  Implementations
--more of web applications than of actual email clients, but
some of the latter too-- have caused a world of trouble in the
last few years by assuming they knew which TLDs were invalid.
In some cases, that involved a lexical rule (e.g., "we know
there are no TLDs more than four characters long, so, if one
appears, we don't need to look it up").  In others, it involved
a list of known, and hence valid, TLD names with the assumption
that anything not on it was invalid.  In both cases, ICANN's
adding new TLDs a few years ago, some with rather long names,
fouled up the works and users of those domains are still
encountering "that isn't a valid email address" messages from
programs that are relying on local rules and putative knowledge
rather than DNS lookups.

So, in actuality, because there is a firm prohibition on TLD
names being all-digits, it is _lots_ safer to handle one of
those as an error without looking it up than to assume that
.invalid, which is invalid today, will continue to be invalid a
year from now.

     john