Re: check_recipient_access, regexp and case sensitivity
- Viktor Dukhovni:
> src/smtpd/smtpd_resolve.c:Wietse Venema:
> lowercase(STR(reply->recipient)); /* XXX */
> This may have escaped the code cleanup when forced lowercaseFabio Sangiovanni:
> was removed from access maps.
> Thanks for your answer, Wietse. Should we then expect a bugfix inI do not expect that removing the lowercase() call will break other
> one of the next 2.10.x releases (and in the other maintained
> branches)? As far as I understand, this is not an intended behaviour
> (since Postfix 2.3), right?
code. It sits in code that maintains a cache of resolved recipient
addresses. However, this needs to be verified before anything can
be changed in a stable release.
Considering that this has not been a problem in the last 7 years,
this is not a high-priority item.
Generally, it is unwise to have access policy that depends on the
recipient address case. First, the case is under control by the
adversary. Second, the policy is prone to accidental matches