[UA-discuss] EAI Addresses for Testing

Andrew Sullivan ajs at anvilwalrusden.com
Sun Mar 6 17:27:52 UTC 2016


Hi,

I didn't expect this to work in my environment, but I thought I'd see
what happens.  This message may be a little geeky, so if you don't
want all that detail you can ignore most of it.

I'm running an old-timey mail user agent called mutt, on OS X 10.10.5.
It runs in a terminal. The OS X terminal does support UTF-8.  It's
version 1.5.23 (which means I'm a minor revision behind.  Oops).  It's
compiled with --with-idn, which is supposed to help with IDNA but
doesn't do EAI.  Mutt contains its own smtp client that allows me to
submit directly to my mail server.

At the moment my mailserver has EAI disabled (because my mail client
will spit up, so it's better to reject the mail):

So, this arrangement actually should just break.  Now, here's what's
fun:

On Sun, Mar 06, 2016 at 03:30:48PM +0000, Mark Svancarek wrote:
>
> مارك@رسيل.السعودية<mailto:مارك@رسيل.السعودية>
> 

In this case, I couldn't send mail at all, because I couldn't extract
the address.

It appears that the angle brackets from the mailto: URI turn this
whole thing into a giant bidi problem which wreaks havoc on cut and
paste.  I'm not good enough with Arabic script to be able to enter the
address correctly by hand.  So this one fails at entry, and it's a
human factors problem.  It's worth noting that this is not actually a
bug: it was part of the design of EAI.  The idea was that, if you were
going to internationalize email, you wouldn't give anyone an email
address that he or she couldn't read or write.  (Yes, I'm aware of the
irony that much of the world already can't read or write old-fashioned
email addresses.  But we're supposed to be getting better, remember?)
The idea is that people who email each other have some connection to
one another (unlike the case with domain names).

> 微软测试@互联网.中国<mailto:微软测试@互联网.中国>

What surprised me was this.  Mutt didn't choke.  Instead, it tried
very hard.

In my server logs, I see the login.  Then this (sorry about the geeky
bits):

---%<---cut here---

Mar  6 16:31:46 mx2 postfix/cleanup[11538]: C1CA8105A5: message-id=<20160306163142.GA68779 at mx2.yitter.info>
Mar  6 16:31:46 mx2 postfix/qmgr[30224]: C1CA8105A5: from=<ajs at anvilwalrusden.com>, size=609, nrcpt=1 (queue active)
Mar  6 16:31:46 mx2 amavis[10965]: (10965-13) WARN: address modified (recip): <\303\245\302\276\302\256\303\250\302\275\302\257\303\246\302\265\302\213\303\250\302\257\302\225 at xn--blq510jgwa.xn--fiqs8s> -> <"\\\303\245\\\302\276\\\302\256\\\303\250\\\302\275\\\302\257\\\303\246\\\302\265\\\302\213\\\303\250\\\302\257\\\302\225"@xn--blq510jgwa.xn--fiqs8s>
Mar  6 16:31:46 mx2 postfix/smtpd[11548]: disconnect from unknown[2620:f:8000:210:f57a:234:6424:2d24]

--->%---cut here---

What this shows is that the mail client took 互联网.中国 and processed
that as IDN, as desired: that's the @xn--blq510jgwa.xn--fiqs8s.  But
rather than spitting up on a malformed mail address, the client sent
raw bytes for the local part.  The WARN: line above is the mail server
saying that it escaped everything (so you can see \303 becomes
\\\303).  This is the mail server failing to be EAI-capable.

My mail scanner complained about the header ("Mar 6 16:31:46 mx2
amavis[10965]: (10965-13) Passed BAD-HEADER-2 ") but passed it along
anyway.

But of course, this didn't actually work, because I sent a malformed
mail address, so the receiving server rejected the mail:

---%<---cut here---

Mar  6 16:31:52 mx2 postfix/smtp[11554]: C3B9110A8F: to=<????????????@xn--blq510jgwa.xn--fiqs8s>, relay=zh.icoremail.net[120.31.129.134]:25, delay=5.7, delays=0/0.01/4.3/1.4, dsn=5.0.0, status=bounced (host zh.icoremail.net[120.31.129.134] said: 550 User not found: ????????????????????????????????????@?????????.?????? (in reply to RCPT TO command))

--->%---cut here---

As a result, I got a bounce message.  (No humans ever see bounce
messages any more, because they look like spam backscatter, so you
can't rely on bounce messages to help you.

I hope this is useful as an illustration of how something can be
really broken and yet not obvious to a user.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com


More information about the UA-discuss mailing list