Andreas Weigel:
> AFAICS it does break recipient (or sender) address verification for any
> mailbox containing a ":", though. How many of those are practically
> encountered in the wild I cannot say, but probably not too many given
> that this has been in the code base for so long :)
It hasn't come up as a problem because ':' is special in many
contexts, such as the username in /etc/passwd, the syntax of
/etc/aliases, and even in an email address localpart where it needs
to be quoted.
I'm looking at the cpde that introduced this: the first non-production
release (*) that introduced Postfix IPv6 support. This makes only
two code changes to the verify(8) daemon:
1 - It adds extra syntax checks when parsing a value that is read
from the verify cache (time stamps must be all digits). These
cache values consist of fields separated with ':'.
2 - It overwrites all ':' characters in an email address. This may
have been done out of a misplaced concern for cache value syntax
(the email address is not part of a cache value).
I'll test address verification for user@[ipv6:address] without the
':' filter, and if that does not unexpectdly break, then I'll remove
that filter.
Wietse
