[ On Monday, January 10, 2005 at 16:00:08 (+0000), Philip Hazel wrote: ]
> Subject: Re: [exim] check_helo_slow?
>
> On Mon, 10 Jan 2005, Tony Finch wrote:
>
> > Actually, Exim's HELO name syntax checking is very lax and it's quite
> > happy with bare IP addresses, double dots, etc. The check above is very
> > effective and highly recommended.
>
> A bare IP (v4) address IS a syntactically valid host name.

Strictly speaking that's true -- however it is also a very widely, and
long, held convention that a hostname which is a valid IP address is
considered to be an _invalid_ hostname. This is partly because of
RFC-1123's rule from section 2.1:

    Whenever a user inputs the identity of an Internet host, it SHOULD
    be possible to enter either (1) a host domain name or (2) an IP
    address in dotted-decimal ("#.#.#.#") form. The host SHOULD check
    the string syntactically for a dotted-decimal number before
    looking it up in the Domain Name System.

I.e. if this rule is followed then a valid IP address will never be
considered as a hostname in the first place.

Note that RFC 1123 does not define the range of the "#" parts -- syntax
alone is to be considered, not semantics.

I would suggest though that the implication here for the reverse
(i.e. for software validating hostnames) is _much_ stronger. In essence
the above rule means that because some systems will in fact implement
the rule, then it is imperative that no software ever consider a
syntactically correct dotted-decimal form to ever be a valid hostname.
I.e. software validating hostnames _must_ discard as invalid any "name"
that appears to be a syntactically correct dotted-decimal address since
that's how _some_ hosts will interpret it.

For SMTP this is further reinforced by the fact that in section 5.2.17
the requirement is made for explicitly handling "domain literals"
containing dotted decimal addresses. I.e. a syntax is given for
explicitly quoting dotted-decimal addresses and requiring that they be
valid in that form and thus suggesting that they not be valid in any
unquoted form.

See also the CERT ValidateHostname implementation (the lex source file
was called IsValid.l, but I can't find a direct link to it online within
any "cert.org" hostname or mirror any more).

(and of course, as Tony said, there is no, and likely never will be any,
valid top level domain in the global DNS that's all digits, as per IANA
rules and regs.)

> I understand we have 3Com to blame for this.

I think they are only "responsible" for forcing the IETF/IANA to allow
leading digits. I'm not sure exactly when the

> If only a different
> separator had been used for domain names...

Well it probably would have been sufficient to have never invented the
stupid dotted-decimal IP address form in the first place.

If only the non-programmers in the IETF at the time could have been
convinced that the normal hexadecimal representation of integer values
was more than sufficient for IP addresses. I, like many others, thought
the dotted-decimal format was "cool" and interesting when I first saw it
(probably because I was also deeply immersed in my mathematics education
at the time), but in hindsight I find it extremely frustrating and I
would much rather we had stayed with simple "0x" prefixed HEX 32-bit
values for IP addressing.
--
Greg A. Woods
H:+1 416 218-0098 W:+1 416 489-5852 x122 VE3TCP RoboHack <woods@???>
Planix, Inc. <woods@???> Secrets of the Weird <woods@???>
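
Added example, not part of the original message and not code from Exim or from CERT's IsValid.l: a Python sketch of the check argued for above, which rejects any HELO argument that is syntactically dotted-decimal (ranges ignored), rejects an all-digit top-level label, and accepts an address only as a bracketed domain literal. The name `classify_helo`, the sample arguments, the 0-255 range check inside the brackets and the restriction to IPv4 literals are assumptions of this sketch.

```python
import re

# RFC 1123 section 2.1 form "#.#.#.#": four runs of digits. The range of each
# part is deliberately not checked here: syntax alone decides.
DOTTED_DECIMAL = re.compile(r"[0-9]+(?:\.[0-9]+){3}")
# One label: letters, digits, hyphens; a leading digit is allowed; max 63 chars.
LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def classify_helo(arg):
    """Return 'literal', 'hostname' or 'invalid' for a HELO/EHLO argument."""
    if arg.startswith("[") and arg.endswith("]"):
        inner = arg[1:-1]
        # Assumption of this sketch: inside the brackets the octet ranges
        # are checked as well, and only IPv4 literals are handled.
        if DOTTED_DECIMAL.fullmatch(inner) and all(
            int(part) <= 255 for part in inner.split(".")
        ):
            return "literal"
        return "invalid"
    if DOTTED_DECIMAL.fullmatch(arg):
        # Looks like an address, and some hosts will interpret it as one.
        return "invalid"
    labels = arg.split(".")
    # Empty labels (double dots, leading or trailing dot) fail LABEL.
    if not all(LABEL.fullmatch(label) for label in labels):
        return "invalid"
    if labels[-1].isdigit():
        return "invalid"  # all-digit top-level label
    return "hostname"


# Constructed sample arguments (documentation address range, example names).
SAMPLES = [
    "mail.example.com", "3com.com", "192.0.2.1", "999.1.1.1",
    "[192.0.2.1]", "[999.1.1.1]", "mail..example.com", "host.123",
]


def classify_samples():
    """Classify every constructed sample; returns {argument: verdict}."""
    return {arg: classify_helo(arg) for arg in SAMPLES}


if __name__ == "__main__":
    for arg, verdict in classify_samples().items():
        print(f"{arg:20} {verdict}")
```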