On Sat, Apr 08, 2023 at 11:49:49AM +1000, Sean Gallagher via Postfix-users
wrote:
> I think the outcome of the discussion in this thread was that
> valid_utf8_hostname() really has no "official" use case.
Not all hostnames are HELO hostnames. The domain part of an email
address is a "hostname" when not a domain-literal. An SMTP nexthop name
in a transport table is a hostname, ...
> It allows RAW UTF8 in hostnames - which should never happen.
See above.
> Hostnames that contain Unicode (non ASCII) code-points should be
> encoded with punycode with the ACE prefix. Any name encoded this way
> should pass the valid_hostname() check.
IDNA2008 and EAI define how to map unicode names into an ASCII DNS.
One now needs to know what sort of name to expect in a given context.
A further complication is that the Unicode Consortium produced a
competing specification UTS#46 that subsumes IDNA2003 and IDNA2008 and
conflicts with both.
The UTS#46 specification has a competitive advantage, it that it is
directly supported by running code (libicu, ...). While the IETF
specifications are just words "on paper" (at some web site).
So Postfix in fact uses UTS#46 with legacy IDNA2003 compatibility
disabled (closer to IDNA2008). This pragmatic choice is not uncommon,
so UTS#46 may be "winning" at present.
> In summary, all "normal" systems should be using
> "reject_invalid_helo_hostname" and leave "reject_non_fqdn_helo_hostname"
> to isolated systems whose names never appear on the internet.
No. In summary, an oversight should (and will) be fixed in Postfix.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
