News:

SMF 2.1.4 has been released! Take it for a spin! Read more.

Main Menu

[3527] Email addresses with plus sign (+)

Started by [CF]Gareth, June 17, 2009, 08:33:52 AM

Previous topic - Next topic

[CF]Gareth

Hi all

Had a spammer sign up using an e-mail address that included a plus sign. When trying to ban the user, SMF (1.1.9) complains that the e-mail address is invalid (it's not, see below) and shows how a valid address is built up.

Considering the point of the plus sign, the ideal thing for SMF to do would be (a) remove the plus sign and the rest up to the @ sign, and insert the remainder of the address in the ban list, and (b) when someone tries to sign up, remove the same (plus and everything up to the @) before comparing it with the ban list (otherwise any banned e-mail address can still be used... I've banned the e-mail address without the plus etc, but I don't know if SMF is doing point (b); if not, that ban may be useless anyway).

I didn't know about the use of the plus sign before I looked it up, so I don't know whether that's just me or if it's a little-known feature of e-mail. Still, the feature is there and there are sites pointing out how Yahoo and GMail support it, but SMF is overlooking it at the moment.



Sub-addressing

Some mail services allow a user to append a +tag qualifier to their e-mail address (e.g., [email protected]). The text of tag can be used to apply filtering. The text of the tag can also be used to help a user figure out which organization "leaked" the user's email address to a spammer. However, some mail servers violate RFC 5322, and the recommendations in RFC 3696, by refusing to send mail addressed to a user on another system merely because the local-part of the address contains the plus sign (+). Users of these systems cannot use plus addressing. On the other hand, most installations of the qmail and Courier Mail Server products support the use of a dash '-' as a separator within the local-part, such as [email protected] or [email protected]. This allows qmail through .qmail-default or .qmail-tag-sub-anything-else files to sort, filter, forward, or run an application based on the tagging system established. Disposable e-mail addresses of this form, using various separators between the base name and the tag are supported by several email services, including Runbox (plus and minus), Google Mail (plus), Yahoo! Mail Plus (minus), and FastMail (plus). The name sub-addressing is the generic term (used for plus-addressing and minus-addressing) found in some IETF standards-track documents, such as RFC 5233.

karlbenson


Advertisement: