Closed alexmv closed 3 years ago
zulipbot
commented
3 years ago Hello @zulip/server-development, @zulip/server-production members, this issue was labeled with the "area: emails", "area: production" labels, so you may want to check it out!
gnprice
commented
3 years ago I think regardless of whether we try to prevent these long names in the UI, we'll want to truncate them when necessary at send time -- there will be names that bypass the UI via LDAP, or Slack import, or predating that change (or else we have to have a migration to truncate them), etc.
Once we're truncating, it's inevitably going to be a bit crude, and I think anything that causes the mail to go through is still an improvement. (In the extreme case: dropping the name entirely and just keeping the address itself would be a major improvement over not sending the mail.) Truncating it at a codepoint boundary is probably good enough not to be worth trying to do anything fancier.
(In fact, in that example, it probably actually comes out best if we don't try to treat "base character plus all its combining characters" as a unit! Better to have the last letter missing some of its diacritics than to have the letter itself missing.)
timabbott
commented
3 years ago It might actually generally be the case that for this corner case, it'd be better to just drop the name entirely; I don't think it's likely to be common for names to be too long, and it's not important to have the name in the To lines -- so we're more likely to upset someone by truncating their name badly than by just not including it.
@mateuszmandera @hackerkid FYI.
alexmv
commented
3 years ago I think that's a good solution -- nobody's going to notice if we're sending to <example@example.com>. Also very much easier to implement and be confident of. :)
mateuszmandera
commented
3 years ago So the idea would be to re-send the email with the name dropped, if the first sending attempt gets rejected like above?
alexmv
commented
3 years ago I was envisioning that when constructing the email, we would switch to email-only if the full name was longer than 320 characters. But we could also try sending both ways -- I think the difficulty is that there are a large number of reasons that the SMTP send could fail, and no consistency to error codes, and hardcoding an SES error message to check against seems fraught.
Oh, and apparently 320 bytes is the max length allowed per RFC. So making sure we stay within that seems reasonable. :)
alexmv
commented
3 years ago Somewhat relatedly, these sorts of failures show up as mail.send() raising SMTPDataError; we should ideally catch that and re-raise it as EmailNotDeliveredException, instead of propagating up the SMTPDataError.
pletinckxc
commented
3 years ago @zulipbot claim
zulipbot
commented
3 years ago Hello @pletinckxc, it looks like you've currently claimed 1 issue in this repository. We encourage new contributors to focus their efforts on at most 1 issue at a time, so please complete your work on your other claimed issues before trying to claim this issue again.
We look forward to your valuable contributions!
Amazon SES has an (undocumented) limit on the size of address fields, and reject email with too-long
Fromaddresses, as follows:This example header is the result of "zalgo" text, and, when formatted, looks like:
This is bad because it results in dropped email notifications, and the users have no feedback as to why they are no longer receiving email from Zulip.
We have a couple options:
None of this would address with folks whose email address is
A <aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@example.com>, however, since there's no way to truncate that.