Identical Addresses treated differently causes redundancy in address list

Bug #1430559 reported by Bhavesh Goyal
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GNU Mailman

Bug Description

In accordance with RFC standards, certain special characters such as 'plus' (+) symbol are allowed to be used in 'local part' of email addresses. Thus the addresses <email address hidden> and <email address hidden> are considered to be valid.

Also, certain mail service providers such as gmail accepts as using the '+' symbol in an address and appending any number of characters after the 'plus' giving an option to filter the emails utilising the '+' for filtering and all those set of email addresses with different sets of characters after '+' yet address to a single account.

On the other hand, Mailman doesn't processes 'plus' in any special way than a normal character and as a result two or more email addresses can be subscribed pointing to the same account for the same mailing list...This can cause redundancy of addresses in subscriber database and also multiple emails might go to the same user and thus even the important mails may be treated as spams.

Revision history for this message
Mark Sapiro (msapiro) wrote :

Both RFC 2821 and RFC 5321 contain the following statement:

The standard mailbox naming convention is defined to be "local-part@domain"; contemporary usage permits a much broader set of applications than simple "user names". Consequently, and due to a long history of problems when intermediate hosts have attempted to optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address.

Thus, Mailman not being the host specified in the domain part of the address MUST assume that different local-parts are different addresses regardless of the widespread use of + as a delimiter indicating the mailbox name ends here.

Changed in mailman:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers