Sonneveld, Rolf | 16 Apr 10:02 2010
Picon

Empty 5322.From address or 5322.From address containing <>

Hi,

it seems there are a number of appliances out on the Internet which generate (in situations where they cannot deliver the message) a non-delivery notification containing an empty From address:

From:

or a non-empty From address that looks like the envelope From for NDNs:

From: <>

in the header of the notification mail. Please note: the above From is the header From (5322.From), not the envelope From (5321.From). Are the above From: header lines valid according to RFC822/2822/5322?

It seems to me they are not valid, as from RFC5322 I get the impression that a From address at least should contain an " <at> " and a localpart and a domainname, and even if localpart and domainname would be allowed to be empty, there's still the " <at> " sign...

/rolf



Arnt Gulbrandsen | 16 Apr 10:28 2010
Picon

Re: Empty 5322.From address or 5322.From address containing <>


On 04/16/2010 10:02 AM, Sonneveld, Rolf wrote:
> in the header of the notification mail. Please note: the above From is
> the header From (5322.From), not the envelope From (5321.From). Are the
> above From: header lines valid according to RFC822/2822/5322?

No.

I've seen a lot of other invalid hacks, too. The only one I've seen 
that's syntactically legal is From: "" <at> [], which may have syntax going 
for it, but I do find it somewhat lacking in charm.

> It seems to me they are not valid, as from RFC5322 I get the impression
> that a From address at least should contain an " <at> " and a localpart and a
> domainname, and even if localpart and domainname would be allowed to be
> empty, there's still the " <at> " sign...

The localpart can be empty (IMO that's highly inadvisable, but it is legal).

Arnt

Sonneveld, Rolf | 16 Apr 10:56 2010
Picon

Re: Empty 5322.From address or 5322.From address containing <>

Hi, Arnt,

On 16-04-10, Arnt Gulbrandsen <arnt <at> gulbrandsen.priv.no> wrote:
On 04/16/2010 10:02 AM, Sonneveld, Rolf wrote:
>in the header of the notification mail. Please note: the above From is
>the header From (5322.From), not the envelope From (5321.From). Are the
>above From: header lines valid according to RFC822/2822/5322?

No.

I've seen a lot of other invalid hacks, too. The only one I've seen that's syntactically legal is From: "" <at> [], which may have syntax going for it, but I do find it somewhat lacking in charm.

>It seems to me they are not valid, as from RFC5322 I get the impression
>that a From address at least should contain an " <at> " and a localpart and a
>domainname, and even if localpart and domainname would be allowed to be
>empty, there's still the " <at> " sign...

The localpart can be empty (IMO that's highly inadvisable, but it is legal).

thanks a lot for your fast response! The messages which had these invalid From addresses came (as far as I could trace from the headers) from SurfControl and Websense appliances. It seems Websense bought Surfcontrol in the past, so...

The real problem here is that mail software from a recipient, that validates the headers of a message, might reject the message, which means a double-bounce (as we're talking here about invalid headers of notification messages causing a reject). For instance the mail adapter in SAP is such an SMTP server implementation which reject these type of messages at the end of the DATA phase, after the single dot. And we can't really blame SAP for this, after all why do we have standards?
 
Is there any '822 validator' tool or organization that can certfy mail servers and appliances, like there is the W3C validator tool? If we can't prevent vendors from releasing software that violates the standards, we might be able to give a positive impuls to the making of standards-based software by giving vendors, who release software that implements RFC5322 properly, the chance to certify their software.
 
/rolf
Dave CROCKER | 16 Apr 16:31 2010
Picon

Re: Empty 5322.From address or 5322.From address containing <>


On 4/16/2010 1:28 AM, Arnt Gulbrandsen wrote:
>
> On 04/16/2010 10:02 AM, Sonneveld, Rolf wrote:
>> in the header of the notification mail. Please note: the above From is
>> the header From (5322.From), not the envelope From (5321.From). Are the
>> above From: header lines valid according to RFC822/2822/5322?
>
> No.
>
> I've seen a lot of other invalid hacks, too. The only one I've seen
> that's syntactically legal is From: "" <at> [], which may have syntax going
> for it, but I do find it somewhat lacking in charm.
>
>> It seems to me they are not valid, as from RFC5322 I get the impression
>> that a From address at least should contain an " <at> " and a localpart and a
>> domainname, and even if localpart and domainname would be allowed to be
>> empty, there's still the " <at> " sign...
>
> The localpart can be empty (IMO that's highly inadvisable, but it is
> legal).

I'm not seeing it allowed in the ABNF:

     addr-spec       =   local-part " <at> " domain

     local-part      =   dot-atom / quoted-string / obs-local-part

     dot-atom-text   =   1*atext *("." 1*atext)

     dot-atom        =   [CFWS] dot-atom-text [CFWS]

d/
--

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net

SM | 16 Apr 18:53 2010
Picon

Re: Empty 5322.From address or 5322.From address containing <>


Hi Rolf,
At 01:56 16-04-10, Sonneveld, Rolf wrote:
>The real problem here is that mail software from a recipient, that 
>validates the headers of a message, might reject the message, which 
>means a double-bounce (as we're talking here about invalid headers 
>of notification messages causing a reject). For instance the mail 
>adapter in SAP is such an SMTP server implementation which reject 
>these type of messages at the end of the DATA phase, after the 
>single dot. And we can't really blame SAP for this, after all why do 
>we have standards?

The rejection at the end of the DATA phase won't cause the SMTP 
server to generate a bounce.  The DSN is generated by the SMTP 
sender.  There are two possible problems.  I'll use Section 6.4 of 
RFC 5321 for the easier one which is invalid headers:

   'Unfortunately, variations, creative interpretations, and outright
    violations of Internet mail protocols do occur'

   'The debate as to whether a well- behaved SMTP receiver or relay
    should reject a malformed message, attempt to pass it on unchanged,
    or attempt to repair it to increase the odds of successful delivery
    (or subsequent reply) began almost with the dawn of structured
    network mail and shows no signs of abating.  Advocates of rejection
    claim that attempted repairs are rarely completely adequate and that
    rejection of bad messages is the only way to get the offending
    software repaired.  Advocates of "repair" or "deliver no matter what"
    argue that users prefer that mail go through it if at all possible
    and that there are significant market pressures in that direction.'

The second possibility is discussed in RFC 3464.

Regards,
-sm

Arnt Gulbrandsen | 16 Apr 19:16 2010
Picon

Re: Empty 5322.From address or 5322.From address containing <>


On 04/16/2010 04:31 PM, Dave CROCKER wrote:
> I'm not seeing it allowed in the ABNF:

Via quoted-string. You end up with
   From: Ex Ample <"" <at> example.com>
I suppose you could say it's not empty any more once quoted.

Arnt

Dave CROCKER | 16 Apr 19:50 2010
Picon

Re: Empty 5322.From address or 5322.From address containing <>


On 4/16/2010 10:16 AM, Arnt Gulbrandsen wrote:
> On 04/16/2010 04:31 PM, Dave CROCKER wrote:
>> I'm not seeing it allowed in the ABNF:
>
> Via quoted-string. You end up with
> From: Ex Ample <"" <at> example.com>
> I suppose you could say it's not empty any more once quoted.

Not really.  It's empty.  I missed that.

Seems like a specification bug.

and it was in 822...

d/
--

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net


Gmane