DevHeads.net

RFC 5321 address quoting for policy delegation protocol

Hi,

Is there a reason why Postfix omits quoting the localpart (when that
would normally be necessary according to RFC 5321) of sender and
recipient addresses passed to a policy delegation service (in this case
Dovecot quota-status)?

So for:

RCPT TO:<"John Doe"@example.com>

the following line (among others) is sent to the policy service:

recipient=John <a href="mailto: ... at example dot com"> ... at example dot com</a>

Other example:

RCPT TO:<"user@detail"@example.com>

yields:

recipient=user@ ... at example dot com

Summarizing, postfix uses invalid addresses (at least in terms of RFC
5321) when communicating with a policy delegation service (i.e.
check_policy_service acl) and I wonder whether it is a bug or whether
there might be some reason. As shown, the addresses were quoted
correctly in the original SMTP session, but Postfix drops the quotes and
passes the result to the policy service.

Regards,

Stephan.

Comments

Re: RFC 5321 address quoting for policy delegation protocol

By Wietse Venema at 11/05/2018 - 19:36

Stephan Bosch:
What you see is the unquoted form which is what Postfix uses
everywhere internally. Using the RFC 532X syntax would make it
way too easy to circumvent address-based features.

In the previous year time I have converted most table lookups to
use canonical quoted form first, then try the unquoted form if it
is different, for backwards compatibility safety.

In the policy protocol there is no way to use multiple forms,
so changing from unquoted to quopted forms would have to be a
compatibility-breaking change.

Wietse

Re: RFC 5321 address quoting for policy delegation protocol

By Stephan Bosch at 11/06/2018 - 16:00

Hi Wietse,

Op 06/11/2018 om 00:36 schreef Wietse Venema:
OK, good to know. I'll adjust Dovecot accordingly then.

Do you have some special rules to parse this reliably? The strategy I am
currently testing splits the address on the last '@' and rejects the
result when the obtained localpart and domain cannot be used to compose
a valid (quoted) RFC5321 address.

Regards,

Stephan.

Re: RFC 5321 address quoting for policy delegation protocol

By Wietse Venema at 11/06/2018 - 17:01

Stephan Bosch:
Postfix does not support domain-less addresses, so the right-most
@ indicates the end of the localpart. For quoting a localpart,
Postfix uses RFC 821 or 822 syntax: if a localpart must be quoted,
it double-quotes the entire localpart, and it prepends a backslash
to controls and to backslash itself.

Wietse