cyrus-8bit-2.3.3.diff nonsense (Cyrus Patches used at FastMail.FM)

Greg A. Woods woods-cyrus at weird.com
Tue May 30 12:37:29 EDT 2006


At Mon, 29 May 2006 23:27:10 +0200 (CEST),
Simon Matter wrote:
> 
> Stop, are you joking? Did you ever work in the corporate world? Did you
> ever have a boss in a large international company? Did you ever tell him
> that the server you installed _rejects_ mail?

Indeed.  Many times.

In store-and-forward mail systems like SMTP on the Internet (as well the
good old real-work physical postal system) the full and total
responsibility for successfully, packaging, addressing, and delivering
mail falls solely on the shoulders of the sender (and the sender's
agents, e.g. the poor postal worker who has to read the sender's horrid
handwriting).  The only real difference between centralized systems such
as the physical postal system and peer-to-peer systems such as SMTP on
the internet is that in the former the post office returns your mail
to you (if they can), while in the latter the recipient's mail server
rejects it directly.  I agree that this does give a different
perception, but the end result is the same:  Corrupted (or dangerous)
messages are returned to the sender.

If the boss is too stupid to understand such simple and common-place
concepts then I really do not want to work for the idiot.

Some people do like to wallow in their own garbage I suppose, but
happily most people I've dealt with are quick to catch on to the idea of
holding the sender responsible for correctly packaging and addressing
their messages, and they all appreciate the reliability and robustness
of something that is known to be working correctly just as it was
designed to work.

Indeed many sending sites who discover (through their bouncing mail)
that their software is generating corrupt messages are quite thankful to
learn of the problem, and are eager to fix it too.


> > Maybe it's OK for internal-only systems which never see incoming
> > messages from the real world and which have their own brain-dead but
> 
> Ah, what you are talking about is the real wold?

The real world is the one where languages and character encoding systems
are _not_ universal, but in fact are rather quite diverse.  In the real
world mail systems must correctly identify and preserve character
encoding if the recipient is to have any hope of being able to read the
message on any different kind of system, or even different locale, from
that it was sent from.  The rules in protocol standards aren't there
just because that's the way the author likes to do things.

Sure sometimes it's just stupid encoding of various punctuation
characters which us humans can usually read around OK; but often enough
the result of allowing incorrectly coded crap through to an unsuspecting
recipient is a screen full of unreadable garbage.

Don't be too quick to dismiss the security risks either.
Implementations of multi-byte encoding systems have proven to be rather
fragile in some cases, and that's just the most obvious issue.  If you
start allowing raw data through then there are even better chances that
sanity checks will be skipped and foreign data will be trusted by
unsuspecting client software.

-- 
						Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods at robohack.ca>
Planix, Inc. <woods at planix.com>       Secrets of the Weird <woods at weird.com>


More information about the Info-cyrus mailing list