This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author jpic
Recipients Dain Dwarf, Windson Yang, barry, bortzmeyer, cnicodeme, jpic, kal.sze, maxking, msapiro, ned.deily, nicoe, r.david.murray, vstinner, xtreak
Date 2019-06-01.07:51:22
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
In-reply-to <>
The email API does error recovery without loading invalid domains into
the domain variable which could lead to dangerous situations, example
with "a@foo.":

>>> email.message_from_string('From: a@foo.',policy=email.policy.default)['from'].addresses[0].domain

In perspective with the new patch proposed by maxking that lets an
invalid domain make it to the domain variable:

>>> email.message_from_string('From:',policy=email.policy.default)['from'].addresses[0].domain

For me maxking's suggestion opens the question of where to draw the
line between invalid domains should be loaded into the domain variable
and what invalid domains should not be loaded into the domain

Another smaller advantage of of Go's net/mail behaviour is that
results between parseaddr and email are consistently empty strings for
an invalid domain: parseaddr does not seem able to return a list of
Date User Action Args
2019-06-01 07:51:23jpicsetrecipients: + jpic, barry, vstinner, msapiro, ned.deily, r.david.murray, nicoe, maxking, kal.sze, Windson Yang, xtreak, cnicodeme, bortzmeyer, Dain Dwarf
2019-06-01 07:51:22jpiclinkissue34155 messages
2019-06-01 07:51:22jpiccreate