IDN Mail not allowed for platform registration
I had problems with GPGTools and had to open a ticket. When I tried to submit it from the Mail -> Preferences -> GPGMail -> Problem reporting form, it got rejected. I had to replace my standard email address eckhard@rüggeberg.de with a stone age address without IDN to submit it.
THIS form says "User_email should look like an email address." Needless to say that eckhard@rüggeberg.de not only looks like an email address, it IS a valid email address since March 2004
Discussions are closed to public comments.
If you need help with Tender please
start a new discussion.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Courtenay on 08 Nov, 2017 10:57 PM
Ah, yes, we still are living in the stone age. Es tut mir leid! However with a good reason. The problem was that IDN addresses have a spoofing attack. e.g.
bob@pаypal.comwhich is actually[email blocked]. Is there a recent solution to this?2 Posted by Eckhard Rüggebe... on 09 Nov, 2017 09:08 AM
Well, in your example it is easy, because the first "a" (kyrillic az?) looks different in that typewriter font than the second one.
In general, the solution to spoofing is a good amount of common sense (which lacks for many internet users, as I have to admit).
Probabely I have to buy the domain "their-IT-is-from-stoneage.de" and use that for sites whose IT is from stone age...
Support Staff 3 Posted by Courtenay on 09 Nov, 2017 09:47 AM
Yes, it looks different in typewriter font but doesn't look different in basic body font like the times new roman we use like this: bob@pаypal.com .. or say wіkіреdіа.org and wikipedia.org UGH Anyway, that's mainly why we don't support it. Also, my neandertal DNA. I agree we can easily block unicode ranges for cyrillic and allow others, i.e. allow basic stuff like umlauts -- but then our ukranian customers are going to ask for characters and it's a mess. It's easier for lazy me to just stuck with rfc2822 or whatever it is for now. I hope a solution presents itself.
4 Posted by Ecckhard Rüggeb... on 09 Nov, 2017 03:02 PM
And what exactly is the problem if Bob from the kyrillic pаypal.com registers with his semi-kyrillic email address, as long as it exists? He sends you mails, and you send him mails. I see no harm in that!
Support Staff 5 Posted by Courtenay on 09 Nov, 2017 10:23 PM
A customer sends me an email, "Can you reset my password" or "Can you send me an export of our data", with a spoofed address. Or, on a public forum a user from thecompany.com is replying but it's not the actual domain.
brandi closed this discussion on 15 Mar, 2018 10:36 PM.