From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/61033 Path: news.gmane.org!not-for-mail From: Simon Josefsson Newsgroups: gmane.emacs.gnus.general Subject: Re: Hashcash-generation/check for IDN-domains Date: Wed, 28 Sep 2005 11:40:46 +0200 Message-ID: References: <87y85iejat.fsf@koldfront.dk> <87slvqfquu.fsf@koldfront.dk> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Trace: sea.gmane.org 1127900845 10154 80.91.229.2 (28 Sep 2005 09:47:25 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Wed, 28 Sep 2005 09:47:25 +0000 (UTC) Cc: ding@gnus.org Original-X-From: ding-owner+m9565@lists.math.uh.edu Wed Sep 28 11:47:25 2005 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by ciao.gmane.org with esmtp (Exim 4.43) id 1EKYVm-0003Q9-0f for ding-account@gmane.org; Wed, 28 Sep 2005 11:46:02 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu ident=lists) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 1EKYVc-0004Cp-00; Wed, 28 Sep 2005 04:45:52 -0500 Original-Received: from nas01.math.uh.edu ([129.7.128.39]) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 1EKYQw-0004Ck-00 for ding@lists.math.uh.edu; Wed, 28 Sep 2005 04:41:02 -0500 Original-Received: from quimby.gnus.org ([80.91.224.244]) by nas01.math.uh.edu with esmtp (Exim 4.52) id 1EKYQt-00075M-S6 for ding@lists.math.uh.edu; Wed, 28 Sep 2005 04:41:02 -0500 Original-Received: from 178.230.13.217.in-addr.dgcsystems.net ([217.13.230.178] helo=yxa.extundo.com) by quimby.gnus.org with esmtp (Exim 3.35 #1 (Debian)) id 1EKYQk-0005Z6-00 for ; Wed, 28 Sep 2005 11:40:50 +0200 Original-Received: from latte.josefsson.org (c494102a.s-bi.bostream.se [217.215.27.65]) (authenticated bits=0) by yxa.extundo.com (8.13.4/8.13.4/Debian-3) with ESMTP id j8S9enLk030395 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 28 Sep 2005 11:40:50 +0200 Original-To: asjo@koldfront.dk (Adam =?iso-8859-1?Q?Sj=F8gren?=) OpenPGP: id=B565716F; url=http://josefsson.org/key.txt X-Hashcash: 1:21:050928:asjo@koldfront.dk::R4o7sCgPVda/A7YW:3a5o X-Hashcash: 1:21:050928:ding@gnus.org::yXetS4gW7Mnk3tQ7:3HAp In-Reply-To: <87slvqfquu.fsf@koldfront.dk> (Adam =?iso-8859-1?Q?Sj=F8gren'?= =?iso-8859-1?Q?s?= message of "Tue, 27 Sep 2005 17:54:49 +0200") User-Agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) X-Spam-Status: No, score=0.1 required=5.0 tests=FORGED_RCVD_HELO autolearn=failed version=3.0.3 X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on yxa-iv X-Virus-Scanned: ClamAV version 0.84, clamav-milter version 0.84e on yxa.extundo.com X-Virus-Status: Clean X-MIME-Autoconverted: from 8bit to quoted-printable by yxa.extundo.com id j8S9enLk030395 X-Spam-Score: -2.2 (--) Precedence: bulk Original-Sender: ding-owner@lists.math.uh.edu Xref: news.gmane.org gmane.emacs.gnus.general:61033 Archived-At: asjo@koldfront.dk (Adam Sj=F8gren) writes: > On Tue, 27 Sep 2005 17:09:49 +0200, Simon wrote: > >> The X-hashcash header sent appeared to contain the non-ASCII >> characters, which I believe is wrong. So it is the generation that is >> faulty. Since, if I recall correctly, it copy the content from >> To/From/Cc, it probably should do its own IDN-processing. I'm not >> sure how that would interfact with answering 'n' at the query you >> refer to though. Perhaps that query is simply wrong? It doesn't make >> sense to send mail to non-ASCII domains ever, does it? > > That depends on whether the MTA that Gnus talks to understands IDN and > can convert itself, right? > > But I guess IDN is meant to be handled at the MUA level, and not by > the MTAs? Right. There is no non-ASCII API for sending e-mail. MUAs should IDN-encode strings. > If that is correct, I don't know why the user is even asked. Perhaps > the author of that piece of code can explain? I wrote the code... I think Arne is correct, the question was added to avoid IDN-encoding of non-ASCII typos. But interaction is bad. The query is only enabled if the optional idna.el package AND the external "idn" binary is installed. If both of those are true, it is likely that encoding will work. I have changed the default to t in both 5.10 and CVS. I also made the test whether to enable encoding do a test-encoding to see whether it works or not: (defcustom message-use-idna (and (condition-case nil (require 'idna) (file-error)) (mm-coding-system-p 'utf-8) (executable-find idna-program) (string=3D (idna-to-ascii "r=E4ksm=F6rg=E5s") "xn--rksmrgs-5wao1o") t) "Whether to encode non-ASCII in domain names into ASCII according to IDNA. GNU Libidn, and in particular the elisp package \"idna.el\" and the external program \"idn\", must be installed for this functionality to work." :version "22.1" :group 'message-headers :link '(custom-manual "(message)IDNA") :type '(choice (const :tag "Ask" ask) (const :tag "Never" nil) (const :tag "Always" t))) >> So Gnus should attempt to translate non-ASCII to xn--* via libidn, >> or refuse to send the message. Then the hashcash code could also >> unconditionally perform idn-encoding. Not sure what should happen if >> idn-encoding inside the hashcash cookie generation fail though.=20 >> Leave the X-hashcash as-is, with non-ASCII characters? Or remove the >> header? > > If the user really shouldn't be asked (above), it's easy (always > idn-encode in hashcash.el). > > I think it sounds reasonable that if hashcash.el fails to generate a > payment, the header should not be added? But it can still generate a payment, but it would not be to the IDN-encoded address. It would contain non-ASCII as in the posted example. I'm not sure whether sending that weird header out or removing it is the best choice. I'm leaning towards removing the header of IDN-encoding fails. > The checking does seem a little too fragile though, in that spam-split > breaks just because hashcash.el can't understand a Hashcash-header > (i.e. the mail-check-payment should just return false when the header > is not understandable, right? Instead of the error that makes nnmail > think that my fancy-split configuration is invalid). What error is that? Does it say "Unknown hashcash format version"? Perhaps the call to hashcash.el should be made in a condition-case.