[dev] [commits] Horde branch develop updated. 2cd26a26e02a3c15e50c6a7bbf2f59397288f9bf
Michael M Slusarz
slusarz at horde.org
Wed Aug 29 17:57:06 UTC 2012
Quoting Jan Schneider <jan at horde.org>:
> Zitat von Michael M Slusarz <slusarz at horde.org>:
>
>> Quoting Jan Schneider <jan at horde.org>:
>>
>>> It's not about false negatives but false positives, which we care
>>> about in this our use case. See my committed test.
>>
>> This test is wrong:
>>
>> $address3 = new Horde_Mail_Rfc822_Address('Test
>> <test at example.co.uk>');
>> [...]
>> $this->assertFalse($address3->matchDomain('co.uk'));
>>
>> This should be:
>>
>> $this->assertTrue($address3->matchDomain('co.uk'));
>>
>> The address "test at example.co.uk" is in the domain "co.uk". So
>> matchDomain('co.uk') SHOULD return true. 'example.co.uk' is, by
>> definition, a subdomain of 'co.uk'. From RFC 1034:
>>
>> "A domain is a subdomain of another domain if it is contained
>> within that domain."
>>
>> Put another way:
>>
>> $address = new Horde_Mail_Rfc822_Address('Test <test at example.com>');
>> $this->assertTrue($address->matchDomain('com'));
>>
>> 'com' is a perfectly valid domain. And 'example.com' is in the
>> 'com' domain.
>
> Granted, this is technically correct. But isn't the use-case to
> verify if an address is from a domain that can be "owned"?
No. The use case is whatever the consumer wants it to be.
In the case of IMP, we are now allowing the auto-accept itip code to
use a list of user-defined domains to treat as trusted. So it is up
to the admin to determine what consists of a user-defined domain.
Theoretically, if an admin wants to allow all 'co.uk' domains, they
should be allowed to do this (and the documentation should
sufficiently put them on notice that this is what the code will do).
Regardless, we shouldn't be in the business of trying to research and
determine what consists a TLD, or-pseudo TLD in the 'co.uk' situation.
Another example: several (all?) of the U.S. states "own" domains of
the form 'state.XX.us'. It should not be our duty to research, and
then maintain, this sort of "special" domain list.
michael
___________________________________
Michael Slusarz [slusarz at horde.org]
More information about the dev
mailing list