(no subject)
Recent error: The value of the attribute "to", which is currently "(_)_)=====D ", is invalid.
While the ascii art is highly amusing, it kills the mail server. Add validation to any submitted "name" field coming out of that form, allow only letters, numbers and spaces. Add to current error message something like "... and may not contain any punctuation."
REAL ERROR WE RECEIVED
qurve: hahaha what is that for?
your app?
An email form on a website we did.
Someone put in an ascii penis
in the name field.
and cfmail bombed.
<@Pi> qurve: validating email addresses is a bitch though
dont u tink they could have fixed their mail server bug in the time it took to write that return 2 sender message?
<@Pi> and it's hard to do it RFC compliant
yeah
I have a pretty hardcore regex somewhere
But that was the best bug report I ever got.
<@Pi> qurve: it probably came out of the back of Mastering Regexps
A good way to validate is to see if u can connect to the server and do a RCPT TO:
<@Pi> chrak: i was just about to say that
Pi: i had to write this pthreads smtp server for this company 5 years ago lol
<@Pi> this dude I know was doing an app that needed to do email validation, and he just went "If I can't get an email to you, it's invalid, fail."
<@Pi> another guy I knew got pissed off when people didn't accept user+suff@addr addresses
<@Pi> and started sending them email from some horrible RFC-compliant address that had far too many symbols for its own good, but still was A-OK
exclamation points in the host
<@Pi> qurve: something like that
While the ascii art is highly amusing, it kills the mail server. Add validation to any submitted "name" field coming out of that form, allow only letters, numbers and spaces. Add to current error message something like "... and may not contain any punctuation."
REAL ERROR WE RECEIVED
qurve: hahaha what is that for?
your app?
An email form on a website we did.
Someone put in an ascii penis
in the name field.
and cfmail bombed.
<@Pi> qurve: validating email addresses is a bitch though
dont u tink they could have fixed their mail server bug in the time it took to write that return 2 sender message?
<@Pi> and it's hard to do it RFC compliant
yeah
I have a pretty hardcore regex somewhere
But that was the best bug report I ever got.
<@Pi> qurve: it probably came out of the back of Mastering Regexps
A good way to validate is to see if u can connect to the server and do a RCPT TO:
<@Pi> chrak: i was just about to say that
Pi: i had to write this pthreads smtp server for this company 5 years ago lol
<@Pi> this dude I know was doing an app that needed to do email validation, and he just went "If I can't get an email to you, it's invalid, fail."
<@Pi> another guy I knew got pissed off when people didn't accept user+suff@addr addresses
<@Pi> and started sending them email from some horrible RFC-compliant address that had far too many symbols for its own good, but still was A-OK
exclamation points in the host
<@Pi> qurve: something like that