Space (was Unicode) in Quoted-string Local-part

[gene-hightower]

Web view of From: address is just <@>. Also: does mox verify that only valid UTF-8 byte sequences are sent in SMTPUTF8?

[mjl-]

Hi @gene-hightower! It's the space in the localpart causing the problems, not the utf8...

Mox uses package net/mail from the Go standard library to parse the message headers. It doesn't preserve the double quotes (seems like a bug to me). See this reproduction: https://go.dev/play/p/AFZVe44fWKN. I expect the printed string to be " "@example.com, but it is @example.com (which doesn't look like a valid address). When net/mail is parsing an address, and it's a quoted string, they properly parse the quoted string, but combine the bare parsed string (without double quotes/escaping) into an address.

I'll see if I can get around to reporting it as an issue. For the longer term, I want to implement header parsing in mox. There are a few other minor (obscure) issues. It would also be nice to have an optional pedantic parsing mode.

[mjl-]

Looking at the net/mail code some more, it seems like Address.String explicitly checks for the need to encode the localpart in field Address.Address. So it seems this is all intended. Seems better to do something similar in mox, going to give it a try!

[mjl-]

@gene-hightower I think the latest commit fixes the issue. Instructions to get a binary with this commit, in case you want to check it out: https://www.xmox.nl/b/#016fde8d783247129613b16b60dbe14e2a855b51

[gene-hightower]

Looks good for new messages.

[mjl-]

Excellent, thanks for testing! You can make mox reparse existing messages with mox reparse. That would fix up all messages in all accounts. You can also do mox reparse <youraccount> to reparse messages of just one account. (Note: it has to be an account name, which isn't typically an email address, but more often just the localpart of the an email address).

[gene-hightower]

It doesn't preserve the double quotes (seems like a bug to me).

I agree that this is a poor design choice, if not an outright bug.

I think it's reasonable to "canonicalize" a 'Quoted-string' but it should remain quoted if it cannot be represented as a 'Dot-string' -- this is making me suspicious of that Gmail bug!

Send a message to Gmail with MAIL FROM:<"a..b"@example.com> and it will strip off one level of quoting, then reject the message if it is no longer a valid "RFC-5321" Mailbox.

Could they be using this code? Or perhaps they just made the same mistake?

Multiple levels of quoting work, so MAIL FROM:<"\"a..b\""@example.com> works fine.