Author maxking
Recipients Dain Dwarf, Windson Yang, barry, bortzmeyer, cnicodeme, jpic, kal.sze, maxking, msapiro, ned.deily, nicoe, r.david.murray, vstinner, xtreak
Date 2019-05-31.06:26:22
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
How about we go a slightly different route than suggested by jpic and instead of returning a None value, we return the entire rest of the string as the domain? That would take care of the security issue since it won't be a valid domain anymore.

     msg = email.message_from_string(
        'From: SomeAbhilashRaj <>',    

     (Address(display_name='SomeAbhilashRaj', username='abhilash', domain='>'),)
     (InvalidHeaderDefect('invalid address in address-list'), InvalidHeaderDefect("missing trailing '>' on angle-addr"),  InvalidHeaderDefect("unpected '@' in domain"), ObsoleteHeaderDefect("period in 'phrase'"))

This lets us do postel-style error recovery while working in RFC 2822 style grammar. 

I wrote this patch to achieve this:

@@ -1573,6 +1574,11 @@ def get_domain(value):
             token, value = get_atom(value[1:])
+    if value and value[0] == '@':
+        domain.defects.append(errors.InvalidHeaderDefect(
+            "unpected '@' in domain"))
+        token = get_unstructured(value)
+        domain.append(token)
     return domain, value

Does this makes sense?
Date User Action Args
2019-05-31 06:26:22maxkingsetrecipients: + maxking, barry, vstinner, msapiro, ned.deily, r.david.murray, nicoe, kal.sze, Windson Yang, xtreak, cnicodeme, bortzmeyer, jpic, Dain Dwarf
2019-05-31 06:26:22maxkingsetmessageid: <>
2019-05-31 06:26:22maxkinglinkissue34155 messages
2019-05-31 06:26:22maxkingcreate