Re: Anonymous email users

[Chris Angelico via Python-list]

On Wed, 26 Jun 2024 at 03:40, Anton Shepelev via Python-list
 wrote:
>
> Chris Angelico to dn:
>
> > > Python mailing-lists are covered by the Code of Conduct
> > > and monitored by ListAdmins. Thus, there are controls
> > > which limit the impact which advertisers and others with
> > > non-pythonic aims might otherwise exert!
> >
> > So long as there's a newsgroup gateway, those controls are
> > toothless.
>
> The gateway operator can have the usual anti-spam software
> installed

Anti-spam is not the same as CoC and admins, though. Without putting
an actual moderation barrier in there, it's still toothless.

(Yes, there are a scant few posters who've been blocked from the
gateway, but it's rare.)

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Anton Shepelev via Python-list]

Chris Angelico to dn:

> > Python mailing-lists are covered by the Code of Conduct
> > and monitored by ListAdmins. Thus, there are controls
> > which limit the impact which advertisers and others with
> > non-pythonic aims might otherwise exert!
>
> So long as there's a newsgroup gateway, those controls are
> toothless.

The gateway operator can have the usual anti-spam software
installed, and of course there is Gmane:

  

which actually subscribes users to mailing lists (on their
behalf).  Gmane's NNTP server is: news.gmane.io .

-- 
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Anton Shepelev via Python-list]

Sebastian Wells:

> The spammers won the spam wars, so even if you have
> someone's real e-mail address, that's no guarantee that
> you can contact them.

No so with me.  My e-mail address here is munged, but in a
very obvious way, and no, my mailbox is not overwhelmed with
spam.

I make a habit of reporting spam via:

  1.  https://www.spamcop.net/anonsignup.shtml
  2.  https://submit.spamhaus.org/submit/

They maintain blacklists of e-mail providers or notify them
of spam e-mails.  It helps.

-- 
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments
-- 
https://mail.python.org/mailman/listinfo/python-list

RE: Anonymous email users

[AVI GROSS via Python-list]

This discussion has wandered far from my original mention that I found it
hard to reply to people using an invalid email address. I see no real
connection to python except insofar as at least one spam-filter mentioned is
written in python!

Just to add an observation, the people writing here have obviously had many
different experiences with their email addresses and whether yours is
hijacked in some way, and made less useful, can even just become down to
random luck. 

But SPAM filters can also be manipulated and cause you to lose mail. I think
some people have been reporting email from a source they do not favor, such
as for political reasons, that then ends up being junked for people who
would welcome the messages. And, I can well imagine how something like a
post about python programs can start being filtered out because some key
words commonly use end up being used a lot in some kind of SPAM and the
filter "learns" to filter those out. Imagine of "python" appeared in lots of
actual SPAM messages as the war moved on, such as in the metadata designed
to make it look legit.

Email addresses can go bad for many reasons. My wife had a nice simple
address like jane.sm...@gmail.com that was messed up probably by
well-meaning people when another Jane Smith had an email address like
smith.jane or janesmith123 and they or others typed in the more
straightforward ones. It seems we ended up getting odd email from many
continents such as e-tickets for airplanes, initial estimates or bills from
vendors for products in places we have never been for services rendered in
say Tennessee or South Africa (well, I've been in Tennessee, but) and
subscriptions to internet magazines or groups that sent lots of messages, or
conversations between lots of people (all To: or Cc:) that included her
email address wrongly and even when she replied to ask to be taken off, the
conversations continued for months as many kept hitting reply-all, ...)

And, obviously, with so many people using the address wrongly, SPAM
followed.

Of course, choosing a strange name designed not to be typed by accident, has
it's own disadvantages.

But for those who want me to CALL their unspecified phone number and tell
them the subject line and then maybe you will look for my message,
FUGGEDABOUTIT! I have a cousin who does a trick  with her phone service
where she never answers and I have to run some gauntlet to identify myself
and then wait for a call back. After a few times, I solved the problem and
simply never call her.

Admittedly, making it hard for an email address to be abused in a forum like
this is understandable. Making it very hard to reach you legitimately when
the message is that your house is burning or just that your appointment is
canceled, may not work as well as you think.

And, FYI, I check my junkmail regularly and I have a fairly high rate of
finding things, including posts on forums like this one, that are NOT in my
opinion junk as I ordered them and they are on topic and not easily visible
as having committed some kind of sin. And as I use many email services, I
still find a high rate of false negatives everywhere.

It would not surprise me if a phrase like "not SPAM" gets this message
dumped into /dev/null


-Original Message-
From: Python-list  On
Behalf Of Chris Angelico via Python-list
Sent: Monday, June 24, 2024 9:49 PM
To: python-list@python.org
Subject: Re: Anonymous email users

On Tue, 25 Jun 2024 at 11:41, Grant Edwards via Python-list
 wrote:
> I've been using the same e-mail address for about 20 years. I've use
> that e-mail address with probably close to 100 retailers, charities,
> open-source projects, media sites, and various other organizations.

Mostly the same, although in my case, I've had multiple email
addresses for different purposes (and still kept all of them for
decades).

> I get at most a few spam emails per week [I just checked my spam
> folder: 8 in the past 30 days]. And Gmail is very, very close to 100%
> accurate at filtering them out.  I can't remember the last time I
> actually got a spam message in my inbox.
>
> > A few years ago the spam count was greater than a 1,000 a month.
>
> I'm baffled.  Is Gmail silently rejecting that much junk before it
> even gets to the filter that puts stuff into my "spam" folder?
>

It really depends on how you count. On my mail server (can't get stats
for Gmail), I have a number of anti-spam and anti-abuse rules that
apply prior to the Bayesian filtering (for example, protocol
violations), and any spam that gets blocked by those rules isn't shown
in my stats. And then I have a further set of rules that nuke some of
the most blatant spam, and finally the regular trainable filter. I
should probably keep better stats on the stuff I don't keep, but at
the moment, all I actually track is the ones that the filter sees -
whi

Re: Anonymous email users

[Chris Angelico via Python-list]

On Tue, 25 Jun 2024 at 11:41, Grant Edwards via Python-list
 wrote:
> I've been using the same e-mail address for about 20 years. I've use
> that e-mail address with probably close to 100 retailers, charities,
> open-source projects, media sites, and various other organizations.

Mostly the same, although in my case, I've had multiple email
addresses for different purposes (and still kept all of them for
decades).

> I get at most a few spam emails per week [I just checked my spam
> folder: 8 in the past 30 days]. And Gmail is very, very close to 100%
> accurate at filtering them out.  I can't remember the last time I
> actually got a spam message in my inbox.
>
> > A few years ago the spam count was greater than a 1,000 a month.
>
> I'm baffled.  Is Gmail silently rejecting that much junk before it
> even gets to the filter that puts stuff into my "spam" folder?
>

It really depends on how you count. On my mail server (can't get stats
for Gmail), I have a number of anti-spam and anti-abuse rules that
apply prior to the Bayesian filtering (for example, protocol
violations), and any spam that gets blocked by those rules isn't shown
in my stats. And then I have a further set of rules that nuke some of
the most blatant spam, and finally the regular trainable filter. I
should probably keep better stats on the stuff I don't keep, but at
the moment, all I actually track is the ones that the filter sees -
which is roughly 25-50 a day.

So yeah, Gmail is probably rejecting that much junk, but most of
it for protocol violations.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Grant Edwards via Python-list]

On 2024-06-24, Barry Scott via Python-list  wrote:
>> On 23 Jun 2024, at 06:58, Sebastian Wells via Python-list 
>>  wrote:
>> 
>> The spammers won the spam wars, so even if you have someone's real
>> e-mail address, that's no guarantee that you can contact them. [...]
>
> My email address is well known and yes I get spam emails.

I've been puzzled by this for a long time. Many people talk about how
they get so much spam e-mail that there's little chance they'll notice
if I send them an e-mail.

I've been using the same e-mail address for about 20 years. I've use
that e-mail address with probably close to 100 retailers, charities,
open-source projects, media sites, and various other organizations.

I get at most a few spam emails per week [I just checked my spam
folder: 8 in the past 30 days]. And Gmail is very, very close to 100%
accurate at filtering them out.  I can't remember the last time I
actually got a spam message in my inbox.

> A few years ago the spam count was greater than a 1,000 a month.

I'm baffled.  Is Gmail silently rejecting that much junk before it
even gets to the filter that puts stuff into my "spam" folder?

--
Grant


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Chris Angelico via Python-list]

On Tue, 25 Jun 2024 at 08:31, dn via Python-list  wrote:
> Python mailing-lists are covered by the Code of Conduct and monitored by
> ListAdmins. Thus, there are controls which limit the impact which
> advertisers and others with non-pythonic aims might otherwise exert!
>

So long as there's a newsgroup gateway, those controls are toothless.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[dn via Python-list]

On 25/06/24 05:17, Thomas Passin via Python-list wrote:

On 6/24/2024 5:51 AM, Barry Scott via Python-list wrote:



On 23 Jun 2024, at 06:58, Sebastian Wells via Python-list 
 wrote:


The spammers won the spam wars, so even if you have someone's real
e-mail address, that's no guarantee that you can contact them. You
certainly wouldn't be able to contact me at my real e-mail address,
unless you also had my phone number, so you could call me and tell
me that you sent me an e-mail, and what the subject line was so I
can find it. I don't even open my e-mail inbox unless there's a
specific message I'm expecting to find there right now.


My email address is well known and yes I get spam emails.

I use the wonderful python based spambayes software to detect spam and
file into a Junk folder. It works for 99.9% of the emails I get.


I use the Thunderbird mail client and I just use its built in spam 
detector.  I don't know how it works but it's pretty darn good.  Very 
few false positives or false negatives.  And it learns each time I 
classify a message as "Junk", in case it missed one.


I am subscribed to a lot of mailing lists. I just checked and I am 
getting ~3,200

emails a month of which less than 200 are spam.

A few years ago the spam count was greater than a 1,000 a month.

I have been using spambayes for a very long time, 20 years I guess at 
this

point and bayesian categorisation has stood the test of time for me.

For me the spammers have not won, I have the tech to keep ahead of them.


Aside from the attractions of the new, and the 'shiny', what 
email-antagonists didn't anticipate, was that as fast as they moved to 
non-email messaging, the spammers, advertisers, and malcontents would 
simply do the same. Thus, a variation on whack-a-mole, as folk move from 
platform to platform trying to stay-ahead and find an illusion of 
safety. Quite how one out-runs human-nature is an issue 
philosophised-over by the (Ancient) Greeks (and was no-doubt old even-then).


Paradoxically, applying for an account elsewhere usually involves 
providing an email address. Even backing-up a cell-phone (communication 
tool) to the cloud requires an email address(!!!)


Most of the non-email platforms are provided by organisations who have 
'other uses' for your personal-data (and not forgetting GMail and MSFT's 
email services).


Python mailing-lists are covered by the Code of Conduct and monitored by 
ListAdmins. Thus, there are controls which limit the impact which 
advertisers and others with non-pythonic aims might otherwise exert!


--
Regards,
=dn
--
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Thomas Passin via Python-list]

On 6/24/2024 5:51 AM, Barry Scott via Python-list wrote:




On 23 Jun 2024, at 06:58, Sebastian Wells via Python-list 
 wrote:

The spammers won the spam wars, so even if you have someone's real
e-mail address, that's no guarantee that you can contact them. You
certainly wouldn't be able to contact me at my real e-mail address,
unless you also had my phone number, so you could call me and tell
me that you sent me an e-mail, and what the subject line was so I
can find it. I don't even open my e-mail inbox unless there's a
specific message I'm expecting to find there right now.


My email address is well known and yes I get spam emails.

I use the wonderful python based spambayes software to detect spam and
file into a Junk folder. It works for 99.9% of the emails I get.


I use the Thunderbird mail client and I just use its built in spam 
detector.  I don't know how it works but it's pretty darn good.  Very 
few false positives or false negatives.  And it learns each time I 
classify a message as "Junk", in case it missed one.



I am subscribed to a lot of mailing lists. I just checked and I am getting 
~3,200
emails a month of which less than 200 are spam.

A few years ago the spam count was greater than a 1,000 a month.

I have been using spambayes for a very long time, 20 years I guess at this
point and bayesian categorisation has stood the test of time for me.

For me the spammers have not won, I have the tech to keep ahead of them.

Barry



--
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Barry Scott via Python-list]

> On 23 Jun 2024, at 06:58, Sebastian Wells via Python-list 
>  wrote:
> 
> The spammers won the spam wars, so even if you have someone's real
> e-mail address, that's no guarantee that you can contact them. You
> certainly wouldn't be able to contact me at my real e-mail address,
> unless you also had my phone number, so you could call me and tell
> me that you sent me an e-mail, and what the subject line was so I
> can find it. I don't even open my e-mail inbox unless there's a
> specific message I'm expecting to find there right now.

My email address is well known and yes I get spam emails.

I use the wonderful python based spambayes software to detect spam and
file into a Junk folder. It works for 99.9% of the emails I get.

I am subscribed to a lot of mailing lists. I just checked and I am getting 
~3,200
emails a month of which less than 200 are spam.

A few years ago the spam count was greater than a 1,000 a month.

I have been using spambayes for a very long time, 20 years I guess at this
point and bayesian categorisation has stood the test of time for me.

For me the spammers have not won, I have the tech to keep ahead of them.

Barry

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Sebastian Wells via Python-list]

On Fri, 14 Jun 2024 18:00:37 -0400, avi.e.gross wrote:

> I notice that in some recent discussions, we have users who cannot be
> replied to directly as their email addresses are not valid ones, and I
> believe on purpose. Examples in the thread I was going to reply to are:
>  
>  <mailto:henha...@devnull.tb> henha...@devnull.tb
>  
>  <mailto:no.email@nospam.invalid> no.email@nospam.invalid
>  
>  <mailto:candycanearter07@candycanearter07.nomail.afraid>
> candycanearter07@candycanearter07.nomail.afraid (user  is
> generated from /dev/urandom)
>  
> I know some here suggest that we only reply to the wider community and
> they have a point. But I think there is a role for having some
> conversations offline and especially when they are not likely to be
> wanted, or even tolerated, by many in the community.
>  
> Using such fake or invalid emails makes it hard to answer the person
> directly or perhaps politely ask them for more info on their request or
> discuss unrelated common interests. Worse, when I reply, unless I use
> reply-all, my mailer sends to them futilely. When I do the reply-all, I
> have to edit out their name or get a rejection.
>  

The spammers won the spam wars, so even if you have someone's real
e-mail address, that's no guarantee that you can contact them. You
certainly wouldn't be able to contact me at my real e-mail address,
unless you also had my phone number, so you could call me and tell
me that you sent me an e-mail, and what the subject line was so I
can find it. I don't even open my e-mail inbox unless there's a
specific message I'm expecting to find there right now.

With e-mail addresses being phone-validated, it's not easy to create
a new one either. And even if I did, you can't even trust e-mail 
providers not to give your address out to spammers.

The only function e-mail addresses serve now is to positively identify
the sender of a Usenet posting so he can be targeted for harassment,
lawsuits, or worse.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Grant Edwards via Python-list]

On 2024-06-18, Mats Wichmann via Python-list  wrote:
> On 6/17/24 17:51, dn via Python-list wrote:
>
>> +1
>> 
>> The "public" part is not to embarrass posters, but recognition that 
>> there are likely other people 'out there' (or arriving in-future if they 
>> care to read the archives) experiencing a similar problem. (hence need 
>> for descriptive Subject lines - isn't the most difficult task in 
>> programming 'choosing names'?)
>
> well, one of two, along with cache invalidation and off-by-one errors 
> (according to the wags).
>
> I do agree with this, but mailman (2) archives aren't particularly 
> useful for searching, as they're organized in monthly chunks and you 
> have to keep clicking around - this list doesn't have a search engine as 
> it's not converted to be one of the mailman 3 lists.

Gmane used to have a usable search feature (along with a decent
threaded web UI to read the arhives), but that got lost during the
great gmane server/domain upheaval of 2016 (or whenever that was). I
still miss it.

--
Grant

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Mats Wichmann via Python-list]

On 6/17/24 17:51, dn via Python-list wrote:


+1

The "public" part is not to embarrass posters, but recognition that 
there are likely other people 'out there' (or arriving in-future if they 
care to read the archives) experiencing a similar problem. (hence need 
for descriptive Subject lines - isn't the most difficult task in 
programming 'choosing names'?)


well, one of two, along with cache invalidation and off-by-one errors 
(according to the wags).


I do agree with this, but mailman (2) archives aren't particularly 
useful for searching, as they're organized in monthly chunks and you 
have to keep clicking around - this list doesn't have a search engine as 
it's not converted to be one of the mailman 3 lists.


There are supposed to be some search engine incantations to make this 
better. I find this one works, though I can never actually remember it 
and have to go hunting again each time... picking a random-ish subject 
line from this list in the past:


site:mail.python.org inurl:Python-list multiplication

I don't know that we publicise such methods (there are probably others).

--
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[dn via Python-list]

On 18/06/24 05:29, Roel Schroeven via Python-list wrote:

AVI GROSS via Python-list schreef op 17/06/2024 om 17:03:
I simply am thinking that people who do not allow me to easily reply 
to them

directly, should be ignored by me and not get my cooperation that way.
FWIW, personally I (mostly) don't see the point of replying to people 
personally. To me a public mailing list is much like any public forum, 
where my expectation is that conversations happen in public. To me it 
always feels weird when I get a personal reply when I make a public post 
in a mailing list. I mostly ignore those, unless there's really 
something in it that's best kept out of the public. Sometimes people 
write long mails with wandering thoughts only loosely related to the 
topic at hand directly to me instead of to the whole list. My take is: 
if it's not on-topic enough for the list, it's not on-topic enough for 
me either. Not that it bothers me *that* much; I just ignore those. It's 
very well possible that's just me, and that other people have different 
expectations.


+1

The "public" part is not to embarrass posters, but recognition that 
there are likely other people 'out there' (or arriving in-future if they 
care to read the archives) experiencing a similar problem. (hence need 
for descriptive Subject lines - isn't the most difficult task in 
programming 'choosing names'?)


Yes, like @Avi, I have been known to contact folk directly. However, 
such for personal purposes - as distinct from the list, and possibly 
subjects OT for the list.


When contacted by others off-list, I play it by ear - ignore, personal, 
or post response on-list. (some lists/email-clients do seem to prefer 
personal replies, even when incoming message is from a list - so easy 
accident.)


The Delete-key is your friend!

--
Regards,
=dn
--
https://mail.python.org/mailman/listinfo/python-list

RE: Anonymous email users

[AVI GROSS via Python-list]

It seems clear we have people on mailing lists that see it as a purely
public forum, and that is fine for them.

I have found plenty of times I choose not to continue in public and waste
time for people as in this reply on a topic I raised and now will move away
from.

I have in the past, for example, offered to help people and participate in
aspects of their project that do not need to be viewed here, such as helping
them find out how to adjust their graphical output to better fit their
needs. Or, if someone mentions me negatively, I prefer not always replying
in public to perhaps see if I misunderstood something or was misunderstood. 

I have lots of people I "met" in places like this that I keep in touch with
privately and see that as a plus. For those who just want a business-like
experience, no problem. For those who choose levels of anonymity or don't
like being contacted, again, fine for them.

The reality is that I have found people who show up in forums looking almost
legit but actually are not at all who they appear or claim to be even when
they have valid email addresses like mrsp...@gmail.com or even use names of
real people you can search for on the internet but who are not actually the
ones they may even claim.

My message was not to say what people could not do, but to point out they
may be missing out on what some see as collateral opportunities. The people
I have helped privately would not have received it had they only
participated through the group and I would not have received some chances to
learn if I could not ask questions in private that clearly did not fit the
purpose of the group.

So, I am outa this conversation IN PUBLIC. LOL!

-Original Message-
From: Python-list  On
Behalf Of Grant Edwards via Python-list
Sent: Monday, June 17, 2024 5:08 PM
To: python-list@python.org
Subject: Re: Anonymous email users

On 2024-06-17, Roel Schroeven via Python-list 
wrote:

> FWIW, personally I (mostly) don't see the point of replying to people 
> personally. To me a public mailing list is much like any public forum, 
> where my expectation is that conversations happen in public. To me it 
> always feels weird when I get a personal reply when I make a public post 
> in a mailing list. I mostly ignore those, unless there's really 
> something in it that's best kept out of the public.

My sentiments exactly. I generally don't even read replies that get
mailed to me. They almost always seem to be copies of replies that
were also posted to the mailing list (which I read using an NNTP
client pointed at news.gmane.io).

--
Grant
-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Grant Edwards via Python-list]

On 2024-06-17, Roel Schroeven via Python-list  wrote:

> FWIW, personally I (mostly) don't see the point of replying to people 
> personally. To me a public mailing list is much like any public forum, 
> where my expectation is that conversations happen in public. To me it 
> always feels weird when I get a personal reply when I make a public post 
> in a mailing list. I mostly ignore those, unless there's really 
> something in it that's best kept out of the public.

My sentiments exactly. I generally don't even read replies that get
mailed to me. They almost always seem to be copies of replies that
were also posted to the mailing list (which I read using an NNTP
client pointed at news.gmane.io).

--
Grant
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Roel Schroeven via Python-list]

AVI GROSS via Python-list schreef op 17/06/2024 om 17:03:

I simply am thinking that people who do not allow me to easily reply to them
directly, should be ignored by me and not get my cooperation that way.
FWIW, personally I (mostly) don't see the point of replying to people 
personally. To me a public mailing list is much like any public forum, 
where my expectation is that conversations happen in public. To me it 
always feels weird when I get a personal reply when I make a public post 
in a mailing list. I mostly ignore those, unless there's really 
something in it that's best kept out of the public. Sometimes people 
write long mails with wandering thoughts only loosely related to the 
topic at hand directly to me instead of to the whole list. My take is: 
if it's not on-topic enough for the list, it's not on-topic enough for 
me either. Not that it bothers me *that* much; I just ignore those. It's 
very well possible that's just me, and that other people have different 
expectations.


But I don't go hiding my email address, that's a whole different kettle.

--
"Let everything happen to you
Beauty and terror
Just keep going
No feeling is final"
-- Rainer Maria Rilke

--
https://mail.python.org/mailman/listinfo/python-list

RE: Anonymous email users

[AVI GROSS via Python-list]

Thanks, Marco, for explaining.

I, personally, have no interest in finding out who people are in this case.
I simply am thinking that people who do not allow me to easily reply to them
directly, should be ignored by me and not get my cooperation that way.

I do understand reasons people use fake ID but note others have put their
email address in their signature, perhaps slightly disguised as in:

Myname=ereweon.com

Or 

myn...@unspecified.tb s/unspecified.tb/yahoo.com/

It may be the gateway or other records can find them if they are nasty, but
for now, it is just an observation that it seems the discussions with people
in the email list are more useful to me.

-Original Message-
From: Python-list  On
Behalf Of Marco Moock via Python-list
Sent: Saturday, June 15, 2024 2:03 AM
To: python-list@python.org
Subject: Re: Anonymous email users

On 15.06.2024 um 10:30 Uhr dn wrote:

> These mailing-lists all run under the Python Code of Conduct.
> 
> This also effects a conundrum. Firstly, that someone abusing others
> (for example) shall be held responsible. Secondly, that in order to
> hold someone responsible, he/she/... must be identifiable.

The mailing list has a Usenet gateway

Those users use the Usenet to post.
Check the Injection-Info header for the address of the news server
operator. He can identify the account that posted it.

-- 
kind regards
Marco

Send spam to 1718440236mu...@cartoonies.org

-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Marco Moock via Python-list]

On 15.06.2024 um 10:30 Uhr dn wrote:

> These mailing-lists all run under the Python Code of Conduct.
> 
> This also effects a conundrum. Firstly, that someone abusing others
> (for example) shall be held responsible. Secondly, that in order to
> hold someone responsible, he/she/... must be identifiable.

The mailing list has a Usenet gateway

Those users use the Usenet to post.
Check the Injection-Info header for the address of the news server
operator. He can identify the account that posted it.

-- 
kind regards
Marco

Send spam to 1718440236mu...@cartoonies.org

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Cameron Simpson via Python-list]

On 14Jun2024 18:00, avi.e.gr...@gmail.com  wrote:

I notice that in some recent discussions, we have users who cannot be
replied to directly as their email addresses are not valid ones, and I
believe on purpose. Examples in the thread I was going to reply to are:

<mailto:henha...@devnull.tb> henha...@devnull.tb

[...]
I know some here suggest that we only reply to the wider community and 
they

have a point. But I think there is a role for having some conversations
offline and especially when they are not likely to be wanted, or even
tolerated, by many in the community.

Using such fake or invalid emails makes it hard to answer the person
directly or perhaps politely ask them for more info on their request or
discuss unrelated common interests. Worse, when I reply, unless I use
reply-all, my mailer sends to them futilely. When I do the reply-all, I have
to edit out their name or get a rejection.


I often reply-all (meaning to the list and to the author). And edit the 
headers (frankly, often just to discard anything @gmail.com which has 
very stupid spam poolicies).  If I miss an @invalid.com or whatever, 
then whoops.


If I want to reply directly (eg for some kind of feedback rather than a 
list type reply) and they've got a bogus address, well then I don't.  
Supposedly my reply would be of benefit for them or I shouldn't be doing 
it, so their loss. But equally, if they don't want personal off-list 
contact, they've expressed their preference. I should respect that.


Plenty of people have reasons to post anonymously, even to a list like 
this one. Just assume they've got their reasons and move on.

--
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[Chris Angelico via Python-list]

On Sat, 15 Jun 2024 at 08:32, dn via Python-list  wrote:
> These mailing-lists all run under the Python Code of Conduct.
>

The newsgroup, however, is not. Which means that anyone who posts on
the newsgroup is subject to no such restrictions - and that might
explain the, shall we say, quite different signal-to-noise ratio of
newsgroup posters compared to mailing list posters.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Anonymous email users

[dn via Python-list]

On 15/06/24 10:00, AVI GROSS via Python-list wrote:

I notice that in some recent discussions, we have users who cannot be
replied to directly as their email addresses are not valid ones, and I
believe on purpose. Examples in the thread I was going to reply to are:

...

It's an interesting conundrum. There are good reasons and nefarious, for 
such behavior.


Some have questioned my behavior in similar regard - asking why I use 
initials (also used IRL). It is because my first name "David" is/was 
very popular. At a meeting this week there were three of us. Thus, 
"David", "Dave", and "dn" was necessary to distinguish between us.



These mailing-lists all run under the Python Code of Conduct.

This also effects a conundrum. Firstly, that someone abusing others (for 
example) shall be held responsible. Secondly, that in order to hold 
someone responsible, he/she/... must be identifiable.



Personal opinion: if someone is asked a 
question/clarification/sample-code, particularly as a response to their 
own OP, and does not answer; this is at the least rude, and thus 
disrespectful, or at worst grounds for not bothering with them again - 
hardly a 'community' attitude!


--
Regards,
=dn
--
https://mail.python.org/mailman/listinfo/python-list

Anonymous email users

[AVI GROSS via Python-list]

I notice that in some recent discussions, we have users who cannot be
replied to directly as their email addresses are not valid ones, and I
believe on purpose. Examples in the thread I was going to reply to are:
 
 <mailto:henha...@devnull.tb> henha...@devnull.tb
 
 <mailto:no.email@nospam.invalid> no.email@nospam.invalid
 
 <mailto:candycanearter07@candycanearter07.nomail.afraid>
candycanearter07@candycanearter07.nomail.afraid (user  is
generated from /dev/urandom)
 
I know some here suggest that we only reply to the wider community and they
have a point. But I think there is a role for having some conversations
offline and especially when they are not likely to be wanted, or even
tolerated, by many in the community.
 
Using such fake or invalid emails makes it hard to answer the person
directly or perhaps politely ask them for more info on their request or
discuss unrelated common interests. Worse, when I reply, unless I use
reply-all, my mailer sends to them futilely. When I do the reply-all, I have
to edit out their name or get a rejection.
 
I understand some are concerned over getting email of the junk variety by
any who scan members of forums like this. I can see making a throwaway email
address for such purposes that can be replaced when it gets inundated. But
emails that don't work are a bit irksome to me albeit I assume perfectly
legit for many purposes.
 
The thread I posted in recently is an example where I spent a little time,
just for fun, and wrote a fairly short piece of code (almost a one-liner)
that I might have sent to the OP and not bothered others here with. I
suspect few here understand why there was a request to generate a limited
subset of three-digit numbers. I did suggest an outline of a way it could be
done, perhaps a bit wastefully but compactly. But there is no way to share
that with people who choose not to receive private email except to post
something like this here:
 
import re
[i for i in range(999) if re.match("^[1-4]0[1-3]$",str(i))]
 
*   The internet is a wild place and when it is anonymous, even wilder.
 
-- 
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

Text messages have taken a nasty turn and especially now that so many people
have unlimited messages per month in their plan. People overuse them to the
point where I opt out of some things like my home town notifications as they
bombard me with other things I am not interested in.

A major offender now is various forms of security which insist on not
letting you into a web site for your bank or other resources unless they
first send you an email or text message or perhaps a voice call with random
digits to use as verification. Try sitting somewhere with your phone muted
as all the beeps get annoying.

There are many reasons for preferences and I know many people find it harder
to reply to texts on their phone than to emails on a PC with a full
keyboard. 

But all of this is not really here or there. We are talking more about user
interface design than about programming, let alone about Python.

What strikes me as a useful direction is for people to suggest what
resources and methods in the Python world are helpful. Examples would be
modules that have been tested and used that do things well such as
validating phone numbers or emails, perhaps flexibly so that if a validation
fails, they prompt the user asking if they are sure it is correct and maybe
offer to let them type it in again for verification. Other ideas as stated
recently are routines that don't just ask for a number but specify the
purpose, and perhaps messages about what circumstances would trigger a use
of the number, such as if fraud is detected, and get you to opt in or
refuse.

Reusable libraries of sorts, or good documentation of examples, would
perhaps help make User Interface design and customer satisfaction better and
show Python as a good way to do some kinds of programs.

In that light, I wonder if it makes sense to NOT insist people give you
their email address at all, and make it optional so they do not need to
provide you with something bogus just to go on.

-Original Message-
From: Python-list  On
Behalf Of D'Arcy Cain via Python-list
Sent: Tuesday, November 7, 2023 11:24 AM
To: python-list@python.org
Subject: Re: Checking if email is valid

On 2023-11-07 08:40, Grant Edwards via Python-list wrote:
> If you, as a web developer, want the user to enter a text-message
> capable phone number, then ASK FOR THAT!

And you may as well ask if they even want you to send texts whether they 
can technically receive them or not.

-- 
D'Arcy J.M. Cain
Vybe Networks Inc.
http://www.VybeNetworks.com/
IM:da...@vex.net VoIP: sip:da...@vybenetworks.com

-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[D'Arcy Cain via Python-list]

On 2023-11-07 08:40, Grant Edwards via Python-list wrote:

If you, as a web developer, want the user to enter a text-message
capable phone number, then ASK FOR THAT!


And you may as well ask if they even want you to send texts whether they 
can technically receive them or not.


--
D'Arcy J.M. Cain
Vybe Networks Inc.
http://www.VybeNetworks.com/
IM:da...@vex.net VoIP: sip:da...@vybenetworks.com

--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grant Edwards via Python-list]

On 2023-11-06, Greg Ewing via Python-list  wrote:
> On 7/11/23 7:45 am, Mats Wichmann wrote:
>> Continuing with the example, if you have a single phone number field, or 
>> let a mobile number be entered in a field marked for landline, you will 
>> probably assume you can text to that number.
>
> But if the site can detect that you've entered a mobile number into
> the landline field or vice versa and reject it, then it can figure out
> whether it can text to a given numner or not without you having
> to tell it!

Maybe. I'm pretty sure the last time I was in Australia, you could
send/recieve text messages from landalines. And I've had mobile number
that didn't support text messaging.

If you, as a web developer, want the user to enter a text-message
capable phone number, then ASK FOR THAT!


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[rbowman via Python-list]

On Tue, 7 Nov 2023 12:11:18 +1300, Greg Ewing wrote:

> On 6/11/23 6:34 pm, rbowman wrote:
>> We've found even if you directly ask the user often the answer is 'I
>> dunno' or some mythology they have constructed to explain the problem.
> 
> This seems to apply to hardware issues as well. Louis Rossmann has a
> philosophy of "Never believe what the customer tells you."

Truer words... A customer called to report an industrial dielectric heater 
wasn't putting out full power. First question was 'Did you check the 
fuses?' since it was three phase but if you blew one leg it would still 
operate on reduced power. He assured me he had. I went through the rest of 
the common problems with no solution so the next day I flew out to the 
plant. I replaced the 30 amp fuse and all was good. The customer had a 
very expensive lesson in how to check fuses. 

At least with software you don't have to physically appear on site.
-- 
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

Just mildly noticing the topics discussed have wandered quite a bit away
from Python, let alone even programming.

Phone numbers are not what they used to be. They tend to be quite portable
and in some ways can be chained so my house phone rings through to my cell
phone but a text will not be forwarded. And, if I do not choose to read my
texts, no amount of sending would enlighten me about your needs. I know
people who get WhatsApp messages but not standard texts, for example.

-Original Message-
From: Python-list  On
Behalf Of Chris Angelico via Python-list
Sent: Monday, November 6, 2023 6:20 PM
To: python-list@python.org
Subject: Re: Checking if email is valid

On Tue, 7 Nov 2023 at 10:11, Greg Ewing via Python-list
 wrote:
>
> On 7/11/23 7:45 am, Mats Wichmann wrote:
> > Continuing with the example, if you have a single phone number field, or
> > let a mobile number be entered in a field marked for landline, you will
> > probably assume you can text to that number.
>
> But if the site can detect that you've entered a mobile number into
> the landline field or vice versa and reject it, then it can figure out
> whether it can text to a given numner or not without you having
> to tell it!
>

Oh yes, it totally can. Never mind that some mobile numbers are able
to accept text messages but not calls, nor that some landline numbers
can accept text messages as well as calls :)

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Tue, 7 Nov 2023 at 10:11, Greg Ewing via Python-list
 wrote:
>
> On 7/11/23 7:45 am, Mats Wichmann wrote:
> > Continuing with the example, if you have a single phone number field, or
> > let a mobile number be entered in a field marked for landline, you will
> > probably assume you can text to that number.
>
> But if the site can detect that you've entered a mobile number into
> the landline field or vice versa and reject it, then it can figure out
> whether it can text to a given numner or not without you having
> to tell it!
>

Oh yes, it totally can. Never mind that some mobile numbers are able
to accept text messages but not calls, nor that some landline numbers
can accept text messages as well as calls :)

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Greg Ewing via Python-list]

On 6/11/23 6:34 pm, rbowman wrote:

We've found even if you directly ask the user often the answer is 'I
dunno' or some mythology they have constructed to explain the problem.


This seems to apply to hardware issues as well. Louis Rossmann has
a philosophy of "Never believe what the customer tells you."

--
Greg
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Greg Ewing via Python-list]

On 7/11/23 7:45 am, Mats Wichmann wrote:
Continuing with the example, if you have a single phone number field, or 
let a mobile number be entered in a field marked for landline, you will 
probably assume you can text to that number.


But if the site can detect that you've entered a mobile number into
the landline field or vice versa and reject it, then it can figure out
whether it can text to a given numner or not without you having
to tell it!

--
Greg
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Tue, 7 Nov 2023 at 07:10, Mats Wichmann via Python-list
 wrote:
> Suggests maybe labeling should be something like:
>
> * Number you want to be called on
> * Number for texted security messages, if different
>
> Never seen that, though :-)
>

My responses would be:

* Don't.
* That's what cryptographic keys are for.

:)

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Mats Wichmann via Python-list]

On 11/6/23 08:23, Jon Ribbens via Python-list wrote:

On 2023-11-06, Mats Wichmann  wrote:

On 11/6/23 01:57, Simon Connah via Python-list wrote:

The thing I truly hate is when you have two telephone number fields.
One for landline and one for mobile. I mean who in hell has a
landline these days?


People who live in places with spotty, or no, mobile coverage. We do
exist.


Catering for people in minority situations is, of course, important.

Catering for people in the majority situation is probably important too.


A good experience would do both, in a comfortable way for either.

Continuing with the example, if you have a single phone number field, or 
let a mobile number be entered in a field marked for landline, you will 
probably assume you can text to that number.  I see this all the time on 
signups that are attempting to provide some sort of 2FA - I enter the 
landline number and the website tries to text a verification code to it 
(rather have an authenticator app for 2FA anyway, but that's a different 
argument)


Suggests maybe labeling should be something like:

* Number you want to be called on
* Number for texted security messages, if different

Never seen that, though :-)


--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Tue, 7 Nov 2023 at 02:05, Jon Ribbens via Python-list
 wrote:
> That was another thing that I used to find ridiculous, but seems to have
> improved somewhat in recent years - website error pages that said "please
> contact us to let us know about this error". I'm sorry, what? You want
> me to contact you to tell you about what your own website is doing? How
> does that make any sense? Websites should be self-reporting problems.

Actually, I think those serve a very important purpose. The reports
are almost certainly being discarded unread; the value of such a
reporting system is to give the user the sensation that they've "done
something" to "help". It makes some people feel better about running
into a bug.

But you're right, they serve little purpose in solving web site problems.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[MRAB via Python-list]

On 2023-11-06 08:57, Simon Connah via Python-list wrote:



I can see how the truley dim-witted might forget that other countries
have phone numbers with differing lengths and formatting/punctuation,
but there are tons of sites where it takes multiple tries when
entering even a bog-standard USA 10-0digit phone nubmer because they
are completely flummuxed by an area code in parens or hyphens in the
usual places (or lack of hyhpens in the usual places). This stuff
isn't that hard, people...


The thing I truly hate is when you have two telephone number fields. One for 
landline and one for mobile. I mean who in hell has a landline these days? And 
not accepting your mobile number in the landline number field is just when I 
give up. Or having a landline only field that does not accept mobile phones.


I have a landline. It's also how I access the internet.
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-06, Mats Wichmann  wrote:
> On 11/6/23 01:57, Simon Connah via Python-list wrote:
>> The thing I truly hate is when you have two telephone number fields.
>> One for landline and one for mobile. I mean who in hell has a
>> landline these days? 
>
> People who live in places with spotty, or no, mobile coverage. We do
> exist.

Catering for people in minority situations is, of course, important.

Catering for people in the majority situation is probably important too.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-06, D'Arcy Cain  wrote:
> On 2023-11-05 06:48, Jon Ribbens via Python-list wrote:
>> Sometimes I think that these sorts of stupid, wrong, validation are the
>> fault of idiot managers. When it's apostrophes though I'm suspicious
>> that it may be idiot programmers who don't know how to prevent SQL
>> injection attacks without just saying "ban all apostrophes everywhere".
>> Or perhaps it's idiot "security consultancies" who make it a tick-box
>> requirement.
>
> https://xkcd.com/327/

Indeed. My point is that the correct way to solve this problem is not
to declare vast swathes of valid inputs verboten, but to *not execute
user input as code*. Controversial, I know.

>>> OK, now that I am started, what else?  Oh yah.  Look at your credit
>>> card.  The number has spaces in it.  Why do I have to remove them.  If
>>> you don't like them then you are a computer, just remove them.
>> 
>> Yes, this is also very stupid and annoying. Does nobody who works for
>> the companies making these sorts of websites ever use their own, or
>> indeed anyone else's, website?
>
> Gotta wonder for sure.  It could also be the case of programmers 
> depending on user input but the users insist on living with the bugs 
> and/or working around them.  We made crash reporting dead simple to 
> report on and still users didn't bother.  We would get the traceback and 
> have to guess what the user was doing.

That was another thing that I used to find ridiculous, but seems to have
improved somewhat in recent years - website error pages that said "please
contact us to let us know about this error". I'm sorry, what? You want
me to contact you to tell you about what your own website is doing? How
does that make any sense? Websites should be self-reporting problems.

(Not least because, as you say, people are absolutely terrible at
reporting problems, with almost all bug reports reading effectively as
"I was doing something that I'm not going to tell you and I as expecting
something to happen which I'm not going to tell you, but instead
something else happened, which I'm also not going to tell you".)
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Mats Wichmann via Python-list]

On 11/6/23 01:57, Simon Connah via Python-list wrote:

The thing I truly hate is when you have two telephone number fields. One for landline and one for mobile. I mean who in hell has a landline these days? 


People who live in places with spotty, or no, mobile coverage. We do exist.
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[rbowman via Python-list]

On Sun, 5 Nov 2023 19:22:49 -0600, D'Arcy Cain wrote:

> Gotta wonder for sure.  It could also be the case of programmers
> depending on user input but the users insist on living with the bugs
> and/or working around them.  We made crash reporting dead simple to
> report on and still users didn't bother.  We would get the traceback and
> have to guess what the user was doing.

We've found even if you directly ask the user often the answer is 'I 
dunno' or some mythology they have constructed to explain the problem. We 
had one site that reported if they hit the Enter key hard the query would 
work. It was a rather simple bug where the query would be randomly sent to 
the wrong interface.

There is quite a bit of literature in psychology about intermittent 
reinforcement and the behavioral strategies that are developed. Works for 
rats, works for humans. 
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> I can see how the truley dim-witted might forget that other countries
> have phone numbers with differing lengths and formatting/punctuation,
> but there are tons of sites where it takes multiple tries when
> entering even a bog-standard USA 10-0digit phone nubmer because they
> are completely flummuxed by an area code in parens or hyphens in the
> usual places (or lack of hyhpens in the usual places). This stuff
> isn't that hard, people...

The thing I truly hate is when you have two telephone number fields. One for 
landline and one for mobile. I mean who in hell has a landline these days? And 
not accepting your mobile number in the landline number field is just when I 
give up. Or having a landline only field that does not accept mobile phones.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[D'Arcy Cain via Python-list]

On 2023-11-05 06:48, Jon Ribbens via Python-list wrote:

Sometimes I think that these sorts of stupid, wrong, validation are the
fault of idiot managers. When it's apostrophes though I'm suspicious
that it may be idiot programmers who don't know how to prevent SQL
injection attacks without just saying "ban all apostrophes everywhere".
Or perhaps it's idiot "security consultancies" who make it a tick-box
requirement.


https://xkcd.com/327/


OK, now that I am started, what else?  Oh yah.  Look at your credit
card.  The number has spaces in it.  Why do I have to remove them.  If
you don't like them then you are a computer, just remove them.


Yes, this is also very stupid and annoying. Does nobody who works for
the companies making these sorts of websites ever use their own, or
indeed anyone else's, website?


Gotta wonder for sure.  It could also be the case of programmers 
depending on user input but the users insist on living with the bugs 
and/or working around them.  We made crash reporting dead simple to 
report on and still users didn't bother.  We would get the traceback and 
have to guess what the user was doing.



Honestly I don't understand why every web application platform doesn't
automatically strip all leading and trailing whitespace on user input
by default. It's surely incredibly rare that it's sensible to preserve
it. (I see Django eventually got around to this in version 1.9.)


Yes, I have done that forever.  Never had a complaint about it dropping 
characters.


--
D'Arcy J.M. Cain
Vybe Networks Inc.
http://www.VybeNetworks.com/
IM:da...@vex.net VoIP: sip:da...@vybenetworks.com

--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-05, Grant Edwards  wrote:
> On 2023-11-05, D'Arcy Cain via Python-list  wrote:
>> On 2023-11-05 00:39, Grant Edwards via Python-list wrote:
>>> Definitely. Syntactic e-mail address "validation" is one of the most
>>> useless and widely broken things on the Interwebs.  People who do
>>> anything other than require an '@' (and optionally make you enter the
>>> same @-containing string twice) are deluding themselves.
>>
>> And don't get me started on phone number validation.
>
> I can see how the truley dim-witted might forget that other countries
> have phone numbers with differing lengths and formatting/punctuation,
> but there are tons of sites where it takes multiple tries when
> entering even a bog-standard USA 10-0digit phone nubmer because they
> are completely flummuxed by an area code in parens or hyphens in the
> usual places (or lack of hyhpens in the usual places). This stuff
> isn't that hard, people...

Indeed - you just do "pip install phonenumbers" :-)
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Mats Wichmann via Python-list]

On 11/5/23 10:34, Grant Edwards via Python-list wrote:


Indeed. There is a tiny but brightly burning kernel of hate in my
heart for web sites (and their developers) that refuse to accept
credit card numbers entered with spaces _as_they_are_shown_on_the_card_!

I've concluded that using PHP causes debilitating and irreversible
brain damage.


I think it's the attitude that speed of deployment is more important 
than any other factor, rather than just PHP :-)  Plus a bunch of that 
stuff is also coded in the front end (aka Javascript).


Phone numbers.
Credit card numbers.
Names (in my case - my wife has a hypenated surname which is almost as 
deadly as non-alpha characters in a name which was already mentioned in 
this diverging thread)


and addresses.  living rurally we have two addresses: a post office 
rural route box for USPS and a "street address" for anyone else.  The 
former looks like "{locationID} Box {number}".  The single word "Box" 
often triggers "we don't deliver to P.O. Boxes" - it's not a PO Box, and 
it's the only address USPS will deliver to, so get over yourself.  Or 
triggers fraud detection alerts, because "billing address" != "shipping 
address".


it's astonishing how bad so many websites are at what should be a 
fundamental function: taking in user-supplied data in order to do 
something valuable with it.



--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-05, D'Arcy Cain  wrote:
> On 2023-11-05 00:39, Grant Edwards via Python-list wrote:
>> Definitely. Syntactic e-mail address "validation" is one of the most
>> useless and widely broken things on the Interwebs.  People who do
>> anything other than require an '@' (and optionally make you enter the
>> same @-containing string twice) are deluding themselves.
>
> And don't get me started on phone number validation.  The most annoying 
> thing to me, though, is sites that reject names that have an apostrophe 
> in them.  I hate being told that my name, that I have been using for 
> over seventy years, is invalid.

Sometimes I think that these sorts of stupid, wrong, validation are the
fault of idiot managers. When it's apostrophes though I'm suspicious
that it may be idiot programmers who don't know how to prevent SQL
injection attacks without just saying "ban all apostrophes everywhere".
Or perhaps it's idiot "security consultancies" who make it a tick-box
requirement.

> OK, now that I am started, what else?  Oh yah.  Look at your credit 
> card.  The number has spaces in it.  Why do I have to remove them.  If 
> you don't like them then you are a computer, just remove them.

Yes, this is also very stupid and annoying. Does nobody who works for
the companies making these sorts of websites ever use their own, or
indeed anyone else's, website?

Another one that's become popular recently is the sort of annoying
website that insists on "email 2FA", i.e. you try to login and then
they send you an email with a 6-digit code in that you have to enter
to authenticate yourself. So you go to your mail client and double-click
on the number to select it, and stupid thing (A) happens: for no sane
reason, the computer selects the digits *and also an invisible space
after them*. Then you copy the digits into the web form, then invisible
space tags along for the ride, and stupid thing (B) happens: the web
server rejects the code because of the trailing space.

Honestly I don't understand why every web application platform doesn't
automatically strip all leading and trailing whitespace on user input
by default. It's surely incredibly rare that it's sensible to preserve
it. (I see Django eventually got around to this in version 1.9.)
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grant Edwards via Python-list]

On 2023-11-05, D'Arcy Cain via Python-list  wrote:
> On 2023-11-05 00:39, Grant Edwards via Python-list wrote:
>> Definitely. Syntactic e-mail address "validation" is one of the most
>> useless and widely broken things on the Interwebs.  People who do
>> anything other than require an '@' (and optionally make you enter the
>> same @-containing string twice) are deluding themselves.
>
> And don't get me started on phone number validation.

I can see how the truley dim-witted might forget that other countries
have phone numbers with differing lengths and formatting/punctuation,
but there are tons of sites where it takes multiple tries when
entering even a bog-standard USA 10-0digit phone nubmer because they
are completely flummuxed by an area code in parens or hyphens in the
usual places (or lack of hyhpens in the usual places). This stuff
isn't that hard, people...

> The most annoying thing to me, though, is sites that reject names
> that have an apostrophe in them.  I hate being told that my name,
> that I have been using for over seventy years, is invalid.
>
> OK, now that I am started, what else?  Oh yah.  Look at your credit 
> card.  The number has spaces in it.  Why do I have to remove them.  If 
> you don't like them then you are a computer, just remove them.

Indeed. There is a tiny but brightly burning kernel of hate in my
heart for web sites (and their developers) that refuse to accept
credit card numbers entered with spaces _as_they_are_shown_on_the_card_!

I've concluded that using PHP causes debilitating and irreversible
brain damage.

> When do we stop working for computers and have the computers start 
> working for us?

--
Grant

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[gene heskett via Python-list]

On 11/5/23 05:32, D'Arcy Cain via Python-list wrote:

On 2023-11-05 00:39, Grant Edwards via Python-list wrote:

Definitely. Syntactic e-mail address "validation" is one of the most
useless and widely broken things on the Interwebs.  People who do
anything other than require an '@' (and optionally make you enter the
same @-containing string twice) are deluding themselves.


And don't get me started on phone number validation.  The most annoying 
thing to me, though, is sites that reject names that have an apostrophe 
in them.  I hate being told that my name, that I have been using for 
over seventy years, is invalid.


OK, now that I am started, what else?  Oh yah.  Look at your credit 
card.  The number has spaces in it.  Why do I have to remove them.  If 
you don't like them then you are a computer, just remove them.


When do we stop working for computers and have the computers start 
working for us?


If this is being voted on, pretend you are in Georgia, vote often and 
early. Best question of the century.


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis

--
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

Grant (and others),

I am asking about the overall programming process of dealing with email
addresses beyond checking the string for some validity.

You mentioned requiring you type in your email twice as one example. I
generally do a copy/paste to avoid typing or have my browser fill it in.
Rarely the code is set to force me to actually type it in. And I note sites
that force me to do too much typing of any kind or make me jump through
hoops like having to get an email or text with a secondary number to type in
or make me look at pictures and find the right ones and so on, encourage me
to not use them much. There is a price for taking away convenience even if
you see it as some form of security. Yes, there are tradeoffs.

It really may be important to know what you want from your email addresses.
If I sign YOU up for something like the Word of the day in a dozen languages
by supplying your valid email address, then checking if it looks valid is
less useful than sending an email to that address and asking the recipient
to opt-in and verify they legitimately want it. If you want to ensure that
your newsletter is still wanted, you may do something similar every year or
so to everyone, or perhaps just those that have not had activity. If a
mailbox starts rejecting messages, perhaps you send messages to their
secondary contact info or just remove them.

There are many such strategies and some may be way harder to implement than
a simple and perhaps simplistic syntax check.

I do wonder how much it sometimes matters when we see real-world scenarios
where people who died a decade ago remain on voter registration rolls. If my
mailing list has a few hundred bad emails on it, the costs of sending may be
small albeit dealing with rejection messages may clog my logs.

As for fake email addresses, there are many ways to play that game that are
unlikely to be caught. Will they realize there is nobody at
erew...@gmail.com? If you want to know if someone is going to sell your
hello.th...@gmail.com address could you supply hell.othe...@gmail.com and
then monitor mail that you will still receive as it seems google ignores
periods in your email name? And, since others generally see the above as
distinct, you can even use such a method to sign up for something multiple
times.

Complexity leaves room for loopholes.

Still, obviously there are good reasons to do what you can to do some
validation at many points along the way and especially when it may be
critical. Asking someone to type in a new password twice when they cannot
easily see what they are typing, is obviously useful as the consequence of
losing it is high. Are getting the email addresses right as important?

I know my wife registered a fairly common name of the jane@gmail.com
variety that is now useless as it keeps receiving messages someone provided
or typed in wrong that were supposed to go to janedoe@ or doe.jane@ or
janedoe123@ or j.doe@ and so on. These include receipts, subscriptions to
newsletters and much more.  Some are inadvertent but the reality is she
stopped using that email as it is now mostly full of SPAM as the others ...








-Original Message-
From: Python-list  On
Behalf Of Grant Edwards via Python-list
Sent: Sunday, November 5, 2023 12:39 AM
To: python-list@python.org
Subject: Re: Checking if email is valid

On 2023-11-04, Michael Torrie via Python-list 
wrote:
> On 11/4/23 02:51, Simon Connah via Python-list wrote:
>
>> Wow. I'm half tempted to make a weird email address to see how many
>> websites get it wrong.

In my experience, they don't have to be very weird at all.

>> Thank you for the link.
>
> Nearly all websites seem to reject simple correct email addresses
> such as myemail+sometext@example.domain.  I like to use this kind of
> email address when I can to help me filter out the inevitable spam
> that comes from companies selling off my address even after claiming
> they won't.

I've always suspected that's intentional. They refuse those sorts of
e-mail addresses because they know that's what they are used for. If
they allowed "plus suffixed" e-mail addresses, then all the crap they
want to send to you would go into /dev/null where it belongs -- and we
can't have that!

> So I suspect that nearly all websites are going to reject other
> kinds of weird email addresses you can create that are actually
> correct.

Definitely. Syntactic e-mail address "validation" is one of the most
useless and widely broken things on the Interwebs.  People who do
anything other than require an '@' (and optionally make you enter the
same @-containing string twice) are deluding themselves.

--
Grant
-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[D'Arcy Cain via Python-list]

On 2023-11-05 00:39, Grant Edwards via Python-list wrote:

Definitely. Syntactic e-mail address "validation" is one of the most
useless and widely broken things on the Interwebs.  People who do
anything other than require an '@' (and optionally make you enter the
same @-containing string twice) are deluding themselves.


And don't get me started on phone number validation.  The most annoying 
thing to me, though, is sites that reject names that have an apostrophe 
in them.  I hate being told that my name, that I have been using for 
over seventy years, is invalid.


OK, now that I am started, what else?  Oh yah.  Look at your credit 
card.  The number has spaces in it.  Why do I have to remove them.  If 
you don't like them then you are a computer, just remove them.


When do we stop working for computers and have the computers start 
working for us?


--
D'Arcy J.M. Cain
Vybe Networks Inc.
http://www.VybeNetworks.com/
IM:da...@vex.net VoIP: sip:da...@vybenetworks.com

--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grant Edwards via Python-list]

On 2023-11-04, Michael Torrie via Python-list  wrote:
> On 11/4/23 02:51, Simon Connah via Python-list wrote:
>
>> Wow. I'm half tempted to make a weird email address to see how many
>> websites get it wrong.

In my experience, they don't have to be very weird at all.

>> Thank you for the link.
>
> Nearly all websites seem to reject simple correct email addresses
> such as myemail+sometext@example.domain.  I like to use this kind of
> email address when I can to help me filter out the inevitable spam
> that comes from companies selling off my address even after claiming
> they won't.

I've always suspected that's intentional. They refuse those sorts of
e-mail addresses because they know that's what they are used for. If
they allowed "plus suffixed" e-mail addresses, then all the crap they
want to send to you would go into /dev/null where it belongs -- and we
can't have that!

> So I suspect that nearly all websites are going to reject other
> kinds of weird email addresses you can create that are actually
> correct.

Definitely. Syntactic e-mail address "validation" is one of the most
useless and widely broken things on the Interwebs.  People who do
anything other than require an '@' (and optionally make you enter the
same @-containing string twice) are deluding themselves.

--
Grant
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Michael Torrie via Python-list]

On 11/4/23 02:51, Simon Connah via Python-list wrote:
> Wow. I'm half tempted to make a weird email address to see how many websites 
> get it wrong.
> 
> Thank you for the link.

Nearly all websites seem to reject simple correct email addresses such
as myemail+sometext@example.domain.  I like to use this kind of email
address when I can to help me filter out the inevitable spam that comes
from companies selling off my address even after claiming they won't.

So I suspect that nearly all websites are going to reject other kinds of
weird email addresses you can create that are actually correct.

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> 

> On 2023-11-02, Simon Connah simon.n.con...@protonmail.com wrote:
> 

> > Valid as in conforms to the standard. Although having looked at the
> > standard that might be more difficult than originally planned.
> 

> 

> Yes. Almost nobody actually implements "the standard" as in RFC 2822
> section 3.4.1 (which can contain, for example, non-printable control
> characters, and comments), nor is it particularly clear that they
> should. So while checking against "the spec" might sound right, it's
> highly unlikely that it's what you actually want. Would you really
> want to allow:
> 

> (jam today) "chris @ \"home\""@ (Chris's host.)public.example
> 

> for example? And would you be able to do anything with it if you did?

As I said in another post it would be interesting to see what broke when you 
tried to use an esoteric email address in the wild. Maybe when I'm bored :D.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> On 11/3/2023 6:51 AM, Jon Ribbens via Python-list wrote:
> 

> > On 2023-11-03, Chris Angelico ros...@gmail.com wrote:
> > 

> > > On Fri, 3 Nov 2023 at 12:21, AVI GROSS via Python-list
> > > python-list@python.org wrote:
> > > 

> > > > My guess is that a first test of an email address might be to see if
> > > > a decent module of that kind fills out the object to your
> > > > satisfaction. You can then perhaps test parts of the object, rather
> > > > than everything at once, to see if it is obviously invalid. As an
> > > > example, what does u...@alpha...com with what seems to be lots of
> > > > meaningless periods, get parsed into?
> > > 

> > > What do you mean by "obviously invalid"? Have you read the RFC?
> > 

> > What do you mean by 'What do you mean by "obviously invalid"?'
> > Have you read the RFC?
> 

> 

> About reading the RFC, there's this ... but read the comments too ...
> 

> https://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx/
> 

> 


Wow. I'm half tempted to make a weird email address to see how many websites 
get it wrong.

Thank you for the link.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Thomas Passin via Python-list]

On 11/3/2023 6:51 AM, Jon Ribbens via Python-list wrote:

On 2023-11-03, Chris Angelico  wrote:

On Fri, 3 Nov 2023 at 12:21, AVI GROSS via Python-list
 wrote:

My guess is that a first test of an email address might be to see if
a decent module of that kind fills out the object to your
satisfaction. You can then perhaps test parts of the object, rather
than everything at once, to see if it is obviously invalid. As an
example, what does u...@alpha...com with what seems to be lots of
meaningless periods, get parsed into?


What do you mean by "obviously invalid"? Have you read the RFC?


What do you mean by 'What do you mean by "obviously invalid"?'
Have you read the RFC?


About reading the RFC, there's this ... but read the comments too ...

https://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx/


--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> 

> On 11/2/23 00:42, Simon Connah via Python-list wrote:
> 

> > Basically I'm writing unit tests and one of them passess in a string
> > with an invalid email address. I need to be able to check the string
> > to see if it is a valid email so that the unit test passess.
> 

> 

> If you truly have managed to code an RFC-compliant verifier, I commend you.

Sorry I wasn't clear. I haven't written anything of the sort but I was looking 
to see if there was a third party option but from feedback in this thread it 
appears that way is considered a bad option.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grant Edwards via Python-list]

On 2023-11-02, Michael Torrie via Python-list  wrote:
> On 11/2/23 00:42, Simon Connah via Python-list wrote:
>
>> Valid as in conforms to the standard. Although having looked at the
>> standard that might be more difficult than originally planned.
>
> You'll have to read the relevant RFCs.  Lots of corner cases!  From what
> I can see virtually no one on the internet gets it right, judging by the
> number of times I have valid email addresses flagged as not valid by
> poor algorithms.

I've wondered if there are addresses that violate the RFC (and would
therefore be "correctly" rejected), but but in practice will work just
fine.  I've never spent enough time looking at the RFC to even propose
test cases for that...

--
Grant
-- 
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

Chris,

I don't mean anything specific in the abstract approach I outlined as a
possible alternative to using one complex regular expression.

My suggestion was that some of the work could be done by the module you used
and THEN you may test various parts of the rest. For example, perhaps
another module lets you test if the domain name is registered. I have not
read the RFC and have not worked on email applications in decades and am not
offering specific advice. I am merely suggesting the possible use of
existing software modules that may provide a better approach in weeding out
SOME bad addresses.

-Original Message-
From: Python-list  On
Behalf Of Chris Angelico via Python-list
Sent: Friday, November 3, 2023 1:43 AM
To: python-list@python.org
Subject: Re: Checking if email is valid

On Fri, 3 Nov 2023 at 12:21, AVI GROSS via Python-list
 wrote:
> My guess is that a first test of an email address might be to see if a
decent module of that kind fills out the object to your satisfaction. You
can then perhaps test parts of the object, rather than everything at once,
to see if it is obviously invalid. As an example, what does
u...@alpha...com with what seems to be lots of meaningless periods, get
parsed into?
>

What do you mean by "obviously invalid"? Have you read the RFC?

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-03, Chris Angelico  wrote:
> On Fri, 3 Nov 2023 at 12:21, AVI GROSS via Python-list
> wrote:
>> My guess is that a first test of an email address might be to see if
>> a decent module of that kind fills out the object to your
>> satisfaction. You can then perhaps test parts of the object, rather
>> than everything at once, to see if it is obviously invalid. As an
>> example, what does u...@alpha...com with what seems to be lots of
>> meaningless periods, get parsed into?
>
> What do you mean by "obviously invalid"? Have you read the RFC?

What do you mean by 'What do you mean by "obviously invalid"?'
Have you read the RFC?
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Fri, 3 Nov 2023 at 12:21, AVI GROSS via Python-list
 wrote:
> My guess is that a first test of an email address might be to see if a decent 
> module of that kind fills out the object to your satisfaction. You can then 
> perhaps test parts of the object, rather than everything at once, to see if 
> it is obviously invalid. As an example, what does u...@alpha...com with 
> what seems to be lots of meaningless periods, get parsed into?
>

What do you mean by "obviously invalid"? Have you read the RFC?

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

I have never had a need to check email but in my reading over the years, I am 
aware of modules of multiple kinds you can use to do things like parsing dates, 
URL and email addresses and probably many other such things into some kind of 
object and then you can use aspects of the object to do interesting things and 
perhaps change some and then ask for the object to be placed back into some 
other format such as text.

My guess is that a first test of an email address might be to see if a decent 
module of that kind fills out the object to your satisfaction. You can then 
perhaps test parts of the object, rather than everything at once, to see if it 
is obviously invalid. As an example, what does u...@alpha...com with what 
seems to be lots of meaningless periods, get parsed into?

This may be another approach that reuses what may be well-designed and tested 
shared software.  I wonder if there are also such modules that do quite a bit 
of what is asked which is to reject a large class of badly formed addresses. 
You could, of course, take what survives and run additional screens.

In the end, this is a bit like junkmail where some light-AI algorithms go over 
a corpus of messages that humans have curated as junk or not junk and make some 
statistical decisions that are nonetheless often wrong. In that case, many 
humans nastily declare thinks as SPAM just because they do not want to get such 
messages. If you blasted out email alerts every time a child seems to have been 
kidnapped to everyone in the nation, how long before many such messages would 
become designated as SPAM?

So is there any work where people have taken a decent collection of email 
addresses used in the past that turned out to be syntactically valid or not, 
and trained an algorithm to recognize most of them properly? That trained 
algorithm could be shared and incorporated into your programs either as the 
only method, or one you use in special cases.

-Original Message-
From: Python-list  On 
Behalf Of Mike Dewhirst via Python-list
Sent: Thursday, November 2, 2023 6:31 PM
To: python-list@python.org
Subject: Re: Checking if email is valid

If i wanted an email verifier I would look at open source frameworks and see 
how they do it. Django comes to mind.--(Unsigned mail from my phone)
 Original message From: Michael Torrie via Python-list 
 Date: 3/11/23  07:23  (GMT+10:00) To: 
python-list@python.org Subject: Re: Checking if email is valid On 11/2/23 
00:42, Simon Connah via Python-list wrote:> Basically I'm writing unit tests 
and one of them passess in a string > with an invalid email address. I need to 
be able to check the string > to see if it is a valid email so that the unit 
test passess.If you truly have managed to code an RFC-compliant verifier, I 
commend you.> Valid as in conforms to the standard. Although having looked at 
the> standard that might be more difficult than originally planned.You'll have 
to read the relevant RFCs.  Lots of corner cases!  From whatI can see virtually 
no one on the internet gets it right, judging by thenumber of times I have 
valid email addresses flagged as not valid bypoor algorithms.-- 
https://mail.python.org/mailman/listinfo/python-list
-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Fri, 3 Nov 2023 at 07:17, Jon Ribbens via Python-list
 wrote:
>
> On 2023-11-02, Simon Connah  wrote:
> > Valid as in conforms to the standard. Although having looked at the
> > standard that might be more difficult than originally planned.
>
> Yes. Almost nobody actually implements "the standard" as in RFC 2822
> section 3.4.1 (which can contain, for example, non-printable control
> characters, and comments), nor is it particularly clear that they
> should. So while checking against "the spec" might sound right, it's
> highly unlikely that it's what you actually want. Would you really
> want to allow:
>
> (jam today) "chris @ \"home\""@ (Chris's host.)public.example
>
> for example? And would you be able to do anything with it if you did?

If by checking against the spec you mean "sending an email to it with
a code or magic link", then sure, allow that! It's still short
enough to fit on one line, even. Seems fine to me.

Of course, since that one is in the .example TLD, it's not actually
going to succeed, but now I'm curious whether you could craft a mail
server that mandates the Queen's rule of "jam tomorrow, jam yesterday,
but never jam today". That part is technically a comment, but it's a
clear violation of a royal decree, so that should cause the email to
bounce. It's jam every OTHER day, and today isn't any OTHER day.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Mike Dewhirst via Python-list]

If i wanted an email verifier I would look at open source frameworks and see 
how they do it. Django comes to mind.--(Unsigned mail from my phone)
 Original message From: Michael Torrie via Python-list 
 Date: 3/11/23  07:23  (GMT+10:00) To: 
python-list@python.org Subject: Re: Checking if email is valid On 11/2/23 
00:42, Simon Connah via Python-list wrote:> Basically I'm writing unit tests 
and one of them passess in a string > with an invalid email address. I need to 
be able to check the string > to see if it is a valid email so that the unit 
test passess.If you truly have managed to code an RFC-compliant verifier, I 
commend you.> Valid as in conforms to the standard. Although having looked at 
the> standard that might be more difficult than originally planned.You'll have 
to read the relevant RFCs.  Lots of corner cases!  From whatI can see virtually 
no one on the internet gets it right, judging by thenumber of times I have 
valid email addresses flagged as not valid bypoor algorithms.-- 
https://mail.python.org/mailman/listinfo/python-list
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Michael Torrie via Python-list]

On 11/2/23 00:42, Simon Connah via Python-list wrote:
> Basically I'm writing unit tests and one of them passess in a string 
> with an invalid email address. I need to be able to check the string 
> to see if it is a valid email so that the unit test passess.

If you truly have managed to code an RFC-compliant verifier, I commend you.

> Valid as in conforms to the standard. Although having looked at the
> standard that might be more difficult than originally planned.

You'll have to read the relevant RFCs.  Lots of corner cases!  From what
I can see virtually no one on the internet gets it right, judging by the
number of times I have valid email addresses flagged as not valid by
poor algorithms.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-02, Simon Connah  wrote:
> Valid as in conforms to the standard. Although having looked at the
> standard that might be more difficult than originally planned.

Yes. Almost nobody actually implements "the standard" as in RFC 2822
section 3.4.1 (which can contain, for example, non-printable control
characters, and comments), nor is it particularly clear that they
should. So while checking against "the spec" might sound right, it's
highly unlikely that it's what you actually want. Would you really
want to allow:

(jam today) "chris @ \"home\""@ (Chris's host.)public.example

for example? And would you be able to do anything with it if you did?
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[D'Arcy Cain via Python-list]

On 2023-11-02 00:18, AVI GROSS via Python-list wrote:

Yes, it would be nice if there was a syntax for sending a test message sort
of like an ACK that is not delivered to the recipient but merely results in
some status being sent back such as DELIVERABLE or NO SUCH USER or even
MAILBOX FULL.


It used to do that.  The facility was very quickly turned off.


I note earlier iterations of email had addressed like
mach1!mach2!mach3!ihnp4!mach5!mach6!user or even mach1!mach2!user@mach3 and
I remember tools that analyzed what other machines various machines claimed
to have a direct connection to and tried to figure out a connection from
your source to destination, perhaps a shorter one or maybe a less expensive
one. Hence machines like ihnp4 and various universities that were densely
connected to others got lots of traffic. In that scenario, validity had
another meaning.


Yep.  It's called UUCP.  It still exists.  You can even do UUCP over TCP/IP.

--
D'Arcy J.M. Cain
System Administrator, Vex.Net
http://www.Vex.Net/ IM:da...@vex.net
VoIP: sip:da...@vex.net

--
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

Yes, Chris, many things can be used for lesser purposes.

Perhaps this could be like when people automate guessing passwords and one
defense is to stop accepting after N bad guesses till some external method
resets things.

-Original Message-
From: Python-list  On
Behalf Of Chris Angelico via Python-list
Sent: Thursday, November 2, 2023 2:05 AM
To: python-list@python.org
Subject: Re: Checking if email is valid

On Thu, 2 Nov 2023 at 15:20, AVI GROSS via Python-list
 wrote:
>
> Yes, it would be nice if there was a syntax for sending a test message
sort
> of like an ACK that is not delivered to the recipient but merely results
in
> some status being sent back such as DELIVERABLE or NO SUCH USER or even
> MAILBOX FULL.
>

Yes, it would! Spammers would be able to use this syntax to figure out
exactly which addresses actually have real people connected to it. It
would save them so much trouble! Brilliant idea.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> Please re-read.
> Discussion is about "closeness".
> Thus, what you might expect from email servers and Admins, NOT what you
> should do. That part should be quite evident by now!
> 


My apologies for making a mistake.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[D'Arcy Cain via Python-list]

On 2023-11-02 02:04, Chris Angelico via Python-list wrote:

On Thu, 2 Nov 2023 at 15:20, AVI GROSS via Python-list
 wrote:


Yes, it would be nice if there was a syntax for sending a test message sort
of like an ACK that is not delivered to the recipient but merely results in
some status being sent back such as DELIVERABLE or NO SUCH USER or even
MAILBOX FULL.



Yes, it would! Spammers would be able to use this syntax to figure out
exactly which addresses actually have real people connected to it. It
would save them so much trouble! Brilliant idea.


Which is exactly why we stopped doing it.  In fact, mailing software may 
even have a control to turn it back on but definitely it doesn't reply 
to the request as delivered.


--
D'Arcy J.M. Cain
System Administrator, Vex.Net
http://www.Vex.Net/ IM:da...@vex.net
VoIP: sip:da...@vex.net

--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Dan Purgert via Python-list]

On 2023-11-02, dn wrote:
> On 02/11/2023 19.46, Simon Connah via Python-list wrote:
>> [...]
>> My goal is to make a simple mailing list platform. I guess I could
>> just send email to an address and if it bounces then I can remove it
>> from the database. Thing is I'm not sure how close to a real email
>> address an email has to be in order to be bounced. If it was
>> completely wrong it might just swallowed up.
>
> Exactly!
>
> Build a complementary script which inspects the returned/bounced 
> messages, and removes those addresses.
>
> Given that the list of addresses is built from people signing-up in the 
> first place, one has to presume that people know their own addresses and 
> can type - there's no real defence against 'stupid'*. It's not as if you 
> are making-up addresses yourself (in many jurisdictions it is illegal 
> without opt-in).

Isn't opt-in usually to the effect of "send a message with the subject
SUBSCRIBE to listname-reque...@mailinglist.domain.tld " ?  Then the
trick becomes filtering out the spam; but the "is the email valid" check
is somewhat done as a matter of processing that inbound subscribe
message.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Alan Bawden via Python-list]

Chris Angelico  writes:

   On Thu, 2 Nov 2023 at 15:20, AVI GROSS via Python-list
wrote:

   > Yes, it would be nice if there was a syntax for sending a test
   > message sort of like an ACK that is not delivered to the recipient
   > but merely results in some status being sent back such as
   > DELIVERABLE or NO SUCH USER or even MAILBOX FULL.

   Yes, it would! Spammers would be able to use this syntax to figure out
   exactly which addresses actually have real people connected to it. It
   would save them so much trouble! Brilliant idea.

That sounds like the SMTP "VRFY" command.  And spammers _did_ abuse it
in exactly this manner.  And so pretty much every mail server in the
world disabled VRFY sometime in the 90s.

- Alan
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-02, D'Arcy Cain  wrote:
> On 2023-11-01 17:17, Chris Angelico via Python-list wrote:
>> On Thu, 2 Nov 2023 at 08:09, Grant Edwards via Python-list
>>  wrote:
>>> Make sure it has an '@' in it.  Possibly require at least one '.'
>>> after the '@'.
>> 
>> No guarantee that there'll be a dot after the at. (Technically there's
>> no guarantee of an at sign either, but email addresses without at
>> signs are local-only, so in many contexts, you can assume there needs
>> to be an at.)
>
> druid!darcy - doesn't work any more but not because it is syntactically 
> incorrect.
>
> Remember the good old days when we were able to test if an address 
> existed without sending?  That was before the black hats discovered the 
> Internet.

I remember the good old days when we were able to send email.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[dn via Python-list]

On 02/11/2023 20.28, Simon Connah wrote:


I'm not sure that would be practical. As I'm setting up a mailing list server I 
don't know if someone in the future is going to need to use one of those 
aliases and testing manually would be tedious.


Please re-read.
Discussion is about "closeness".
Thus, what you might expect from email servers and Admins, NOT what you 
should do. That part should be quite evident by now!


--
Regards,
=dn

--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> Agreed.
> 

> However, with names that are frequently misspelled or which are
> commonly-spelled slightly differently, the 'trick' is to anticipate
> problems and set up aliases which forward messages to the correct address*.
> 

> eg Kelvin -> Kevlin
> 

> Niel, Neal, Neale (etc) -> Neil
> 

> 

> (in the same way that GoodLookingGuy@mydomain -> me,
> 

> or (more likely) MailAdmin -> me)
> 

> 

> 

> * however, this can end-up perpetuating the mistake, rather than
> correcting...
> 

> --
> Regards,
> =dn

I'm not sure that would be practical. As I'm setting up a mailing list server I 
don't know if someone in the future is going to need to use one of those 
aliases and testing manually would be tedious.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grizzy Adams via Python-list]

Thursday, November 02, 2023  at 6:46, Simon Connah via Python-list wrote:
Re: Checking if email is valid (at least in part)

>My goal is to make a simple mailing list platform. I guess I could just send
>email to an address and if it bounces then I can remove it from the database.

That function is "built in" with many email clients, I use a modified version 
to move probably dead addresses to a "bounced" folder, from there I can build a 
Dlist with one click and test again later, even later I add these addresss to a 
larger Dlist to filter for mail from known bad/dead addresses
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[dn via Python-list]

On 02/11/2023 19.56, Chris Angelico via Python-list wrote:

On Thu, 2 Nov 2023 at 17:47, Simon Connah  wrote:


My goal is to make a simple mailing list platform. I guess I could just send 
email to an address and if it bounces then I can remove it from the database. 
Thing is I'm not sure how close to a real email address an email has to be in 
order to be bounced. If it was completely wrong it might just swallowed up.



Every address is completely separate. There is no "closeness". Just
send email to an address.



Agreed.

However, with names that are frequently misspelled or which are 
commonly-spelled slightly differently, the 'trick' is to anticipate 
problems and set up aliases which forward messages to the correct address*.


eg Kelvin -> Kevlin
Niel, Neal, Neale (etc) -> Neil

(in the same way that GoodLookingGuy@mydomain -> me,
or (more likely) MailAdmin -> me)


* however, this can end-up perpetuating the mistake, rather than 
correcting...


--
Regards,
=dn
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> 

> See https://www.linuxjournal.com/article/9585?page=0,0
> 


That looks painful to maintain!

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[dn via Python-list]

On 02/11/2023 19.46, Simon Connah via Python-list wrote:

On Thu, 2 Nov 2023 at 05:21, Simon Connah via Python-list
python-list@python.org wrote:




Could someone push me in the right direction please? I just want to find out if 
a string is a valid email address.









There is only one way to know that a string is a valid email address,
and that's to send an email to it.




What is your goal though? For example, if you're trying to autolink
email addresses in text, you don't really care whether it's valid,
only that it looks like an address.




My goal is to make a simple mailing list platform. I guess I could just send 
email to an address and if it bounces then I can remove it from the database. 
Thing is I'm not sure how close to a real email address an email has to be in 
order to be bounced. If it was completely wrong it might just swallowed up.


Exactly!

Build a complementary script which inspects the returned/bounced 
messages, and removes those addresses.


Given that the list of addresses is built from people signing-up in the 
first place, one has to presume that people know their own addresses and 
can type - there's no real defence against 'stupid'*. It's not as if you 
are making-up addresses yourself (in many jurisdictions it is illegal 
without opt-in).


An email address: account@domain, has to be accurate in two ways:
1 the domain - otherwise the DNS (Domain Name System) won't be able to 
locate the destination email server
2 the account - otherwise the email server won't know to which mail-box 
the message should be delivered.


The (1) is why there was some suggestion of using MX records (but may as 
well just send the message).


The problem with (2) is that some servers will 'bounce' a message, but 
others will let it die silently (not wanting to add to email-spam by 
sending stuff 'back' if the message was spam in the first place!)


The exception to (2) is a "catch-all" address, which accepts every 
message not addressed to a (legal) mail-box. These are sometimes used to 
deal with messages addressed to a staff-member who has left (for 
example). However, are somewhat problematic because they pick-up tons of 
garbage (eg earlier today I received a message to 456...@domain.tld. 
This is not, and never has been, a mail-box on the domain; but would 
drop into a catch-all mail-box.


It would be an unusual MailAdmin inspecting a catch-all address, who 
would return a mis-addressed email to its source. If the message was 
addressed to s...@domain.tld, I'd be more likely to assume it was for 
you, and forward it to you (in the expectation that you'd fix the 
problem with the sender...). However, ...


There are some large businesses doing what you've outlined. They have 
not solved this problem - and not through lack of trying!



* as fast as you make something idiot-proof, the world will show you an 
'improved' class of idiot!

--
Regards,
=dn
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 17:47, Cameron Simpson via Python-list
 wrote:
>
> On 02Nov2023 17:04, Chris Angelico  wrote:
> >On Thu, 2 Nov 2023 at 15:20, AVI GROSS via Python-list
> > wrote:
> >> Yes, it would be nice if there was a syntax for sending a test
> >> message sort
> >> of like an ACK that is not delivered to the recipient but merely results in
> >> some status being sent back such as DELIVERABLE or NO SUCH USER or even
> >> MAILBOX FULL.
> >
> >Yes, it would! Spammers would be able to use this syntax to figure out
> >exactly which addresses actually have real people connected to it. It
> >would save them so much trouble! Brilliant idea.
>
> Hmm. IIRC...
>
> https://datatracker.ietf.org/doc/html/rfc2821#section-4.1.1.6
>
> I think a lot of mail receivers don't honour this one, for exactly the
> reasons above.

Yeah, and it also won't tell you if the mailbox is full, or
unattended, or if the email would be rejected or discarded for any
other reason. Which means it's not even all that useful if it IS
implemented.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 17:47, Simon Connah  wrote:
>
> My goal is to make a simple mailing list platform. I guess I could just send 
> email to an address and if it bounces then I can remove it from the database. 
> Thing is I'm not sure how close to a real email address an email has to be in 
> order to be bounced. If it was completely wrong it might just swallowed up.
>

Every address is completely separate. There is no "closeness". Just
send email to an address.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> On 2023-11-01, Chris Angelico ros...@gmail.com wrote:
> 

> > On Thu, 2 Nov 2023 at 05:21, Simon Connah via Python-list
> > python-list@python.org wrote:
> > 

> > > Could someone push me in the right direction please? I just want to
> > > find out if a string is a valid email address.
> > 

> > There is only one way to know that a string is a valid email address,
> > and that's to send an email to it.
> > 

> > What is your goal though? For example, if you're trying to autolink
> > email addresses in text, you don't really care whether it's valid,
> > only that it looks like an address.
> 

> 

> There's often value in even only partially-effective checks though.
> With an email address you can easily check to see if it has an "@",
> and if the stuff after the "@" is a syntactically valid domain name.
> You can also go a bit further and check to see if the domain has an
> MX record, and if it doesn't then it is extremely unlikely that the
> address is valid.
> --
> https://mail.python.org/mailman/listinfo/python-list

Apparently UTF-8 characters are allowed in email addresses now. That is going 
to lead to a whole new level of pain for determining if an email address is 
correct.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> 

> On Thu, 2 Nov 2023 at 05:21, Simon Connah via Python-list
> python-list@python.org wrote:
> 

> > Could someone push me in the right direction please? I just want to find 
> > out if a string is a valid email address.
> 

> 

> There is only one way to know that a string is a valid email address,
> and that's to send an email to it.
> 

> What is your goal though? For example, if you're trying to autolink
> email addresses in text, you don't really care whether it's valid,
> only that it looks like an address.
> 


My goal is to make a simple mailing list platform. I guess I could just send 
email to an address and if it bounces then I can remove it from the database. 
Thing is I'm not sure how close to a real email address an email has to be in 
order to be bounced. If it was completely wrong it might just swallowed up.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Cameron Simpson via Python-list]

On 02Nov2023 17:04, Chris Angelico  wrote:

On Thu, 2 Nov 2023 at 15:20, AVI GROSS via Python-list
 wrote:
Yes, it would be nice if there was a syntax for sending a test 
message sort

of like an ACK that is not delivered to the recipient but merely results in
some status being sent back such as DELIVERABLE or NO SUCH USER or even
MAILBOX FULL.


Yes, it would! Spammers would be able to use this syntax to figure out
exactly which addresses actually have real people connected to it. It
would save them so much trouble! Brilliant idea.


Hmm. IIRC...

https://datatracker.ietf.org/doc/html/rfc2821#section-4.1.1.6

I think a lot of mail receivers don't honour this one, for exactly the 
reasons above.


Cheers,
Cameron Simpson 
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

> 

> On 2023-11-01, Simon Connah via Python-list python-list@python.org wrote:
> 

> > I'm building a simple project using smtplib and have a
> > question. I've been doing unit testing but I'm not sure how to check
> > if an email message is valid.
> 

> 

> Send an e-mail using it? If the right person gets the e-mail, then
> it's valid?
> 

> > Using regex sounds like a bad idea to me and the other options I
> > found required paying for third party services.
> > 

> > Could someone push me in the right direction please? I just want to
> > find out if a string is a valid email address.
> 


OK. It is going to take me some time to get round to every reply here so please 
bear with me.

Basically I'm writing unit tests and one of them passess in a string with an 
invalid email address. I need to be able to check the string to see if it is a 
valid email so that the unit test passess.

> 

> You'll have to define "valid". Valid syntactically according to
> ? Will be accepted by an SMTP server somewhere? Corresponds to
> 

> a real person?
> 

> Make sure it has an '@' in it. Possibly require at least one '.'
> after the '@'.
> 

> Trying to do anything more than that is just wasting your time and
> annoying the mule.
> 


Valid as in conforms to the standard. Although having looked at the standard 
that might be more difficult than originally planned.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 15:20, AVI GROSS via Python-list
 wrote:
>
> Yes, it would be nice if there was a syntax for sending a test message sort
> of like an ACK that is not delivered to the recipient but merely results in
> some status being sent back such as DELIVERABLE or NO SUCH USER or even
> MAILBOX FULL.
>

Yes, it would! Spammers would be able to use this syntax to figure out
exactly which addresses actually have real people connected to it. It
would save them so much trouble! Brilliant idea.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

RE: Checking if email is valid

[AVI GROSS via Python-list]

Yes, it would be nice if there was a syntax for sending a test message sort
of like an ACK that is not delivered to the recipient but merely results in
some status being sent back such as DELIVERABLE or NO SUCH USER or even
MAILBOX FULL.

An issue with the discussion that may be worth considering is that some
email addresses are not always valid or may not be valid yet but will be
activated later. If I plan on opening a business unit which DNS will later
support as specific.category.mycompany.com.au and we first want to write
some code and test it and roll everything out later, then a test for
u...@specific.category.mycompany.com.au could fail some tests now but may be
fine later. Or what if I turn my machine off on weekends and when it boots,
it sets up to be able to receive mail. Is the address only sometimes valid?

We cannot be sure what rules may change and for all we know, they will
select other UNICODE symbols to replace @ for use by countries not having an
@ on keyboards in the local language or support some syntax like {AT} to be
usable ...

I even wonder about a service along the lines of tinyurl where you register
a potentially long or complex or hard to type name and get a short readable
one instead that is just used to provide a re-direct  or even changed
periodically to dynamically point to where you want them now, such for the
current day of the week. I can easily imagine them making a funny looking
email address such as user@TINYqwerty that may not pas your current test or
one that looks valid to you but maps into an invalid or even null address.

BTW, checking if an email is valid is much wider as a concept than whether
the email address looks like a possible address. A big check sometimes made
if if the headers in the message and various formatting issues look
reasonable or issues about attachments and even if it is passed by SPAM
detectors. This discussion is just about if an email address LOOKS possibly
valid or should not be accepted.

I note earlier iterations of email had addressed like
mach1!mach2!mach3!ihnp4!mach5!mach6!user or even mach1!mach2!user@mach3 and
I remember tools that analyzed what other machines various machines claimed
to have a direct connection to and tried to figure out a connection from
your source to destination, perhaps a shorter one or maybe a less expensive
one. Hence machines like ihnp4 and various universities that were densely
connected to others got lots of traffic. In that scenario, validity had
another meaning. 

-Original Message-
From: Python-list  On
Behalf Of D'Arcy Cain via Python-list
Sent: Wednesday, November 1, 2023 9:57 PM
To: python-list@python.org
Subject: Re: Checking if email is valid

On 2023-11-01 17:17, Chris Angelico via Python-list wrote:
> On Thu, 2 Nov 2023 at 08:09, Grant Edwards via Python-list
>  wrote:
>> Make sure it has an '@' in it.  Possibly require at least one '.'
>> after the '@'.
> 
> No guarantee that there'll be a dot after the at. (Technically there's
> no guarantee of an at sign either, but email addresses without at
> signs are local-only, so in many contexts, you can assume there needs
> to be an at.)

druid!darcy - doesn't work any more but not because it is syntactically 
incorrect.

Remember the good old days when we were able to test if an address 
existed without sending?  That was before the black hats discovered the 
Internet.

-- 
D'Arcy J.M. Cain
System Administrator, Vex.Net
http://www.Vex.Net/ IM:da...@vex.net
VoIP: sip:da...@vex.net

-- 
https://mail.python.org/mailman/listinfo/python-list

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Ian Hobson via Python-list]

See https://www.linuxjournal.com/article/9585?page=0,0

On 01/11/2023 17:09, Simon Connah via Python-list wrote:

Hi,

I'm building a simple project using smtplib and have a question. I've been 
doing unit testing but I'm not sure how to check if an email message is valid. 
Using regex sounds like a bad idea to me and the other options I found required 
paying for third party services.

Could someone push me in the right direction please? I just want to find out if 
a string is a valid email address.

Thank you.

Simon.




--
Ian Hobson
Tel (+66) 626 544 695
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[D'Arcy Cain via Python-list]

On 2023-11-01 17:17, Chris Angelico via Python-list wrote:

On Thu, 2 Nov 2023 at 08:09, Grant Edwards via Python-list
 wrote:

Make sure it has an '@' in it.  Possibly require at least one '.'
after the '@'.


No guarantee that there'll be a dot after the at. (Technically there's
no guarantee of an at sign either, but email addresses without at
signs are local-only, so in many contexts, you can assume there needs
to be an at.)


druid!darcy - doesn't work any more but not because it is syntactically 
incorrect.


Remember the good old days when we were able to test if an address 
existed without sending?  That was before the black hats discovered the 
Internet.


--
D'Arcy J.M. Cain
System Administrator, Vex.Net
http://www.Vex.Net/ IM:da...@vex.net
VoIP: sip:da...@vex.net

--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Cameron Simpson via Python-list]

On 01Nov2023 14:08, Grant Edwards  wrote:

On 2023-11-01, Simon Connah via Python-list  wrote:

I'm building a simple project using smtplib and have a
question. I've been doing unit testing but I'm not sure how to check
if an email message is valid.

[...]

Could someone push me in the right direction please? I just want to
find out if a string is a valid email address.


I confess that I punt "syntactically valid" to email.utils.getaddresses:
https://docs.python.org/3/library/email.utils.html#email.utils.getaddresses

"Deliverable"? I'm prepared to just send to it and hope not to get a 
bounce; delivery of email is, after all, asynchronous. (Even if it were 
going direct to the primary MX, I still hand it to the local mail system 
to deal with.)


"A real person or entity"? A lot of systems do the round trip thing: 
here's a special unique and opaue URL,please visit it to confirm receipt 
of this email (implying email is 'real"). You see this a lot when 
signing up for things. And for plenty of things I generate a random 
throw away address at mailinator.com (looking at you, every "catch up" 
free online TV streaming service who still wants me to log in).


Cheers,
Cameron Simpson 
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Michael Torrie via Python-list]

On 11/1/23 04:09, Simon Connah via Python-list wrote:
> Hi,
> 
> I'm building a simple project using smtplib and have a question. I've been 
> doing unit testing but I'm not sure how to check if an email message is 
> valid. Using regex sounds like a bad idea to me and the other options I found 
> required paying for third party services.
> 
> Could someone push me in the right direction please? I just want to find out 
> if a string is a valid email address.

If I had a nickle for every time a web site claimed my email address
wasn't valid I'd be a rich person.  Seems like most attempts at solving
this little problem fall short!
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 08:52, Grant Edwards via Python-list
 wrote:
>
> On 2023-11-01, Chris Angelico via Python-list  wrote:
> > On Thu, 2 Nov 2023 at 08:09, Grant Edwards via Python-list
> > wrote:
>
> >> Make sure it has an '@' in it.  Possibly require at least one '.'
> >> after the '@'.
> >
> > No guarantee that there'll be a dot after the at.
>
> Ah, I forgot about defaulting to a local domain if one is
> omitted. Will MTAs do that these days?

Yeah they will; but that'll depend on the exact server you send to,
whereas if you have a domain part, all you need is some server that
accepts mail for forwarding.

> > (Technically there's no guarantee of an at sign either, but email
> > addresses without at signs are local-only, so in many contexts, you
> > can assume there needs to be an at.)
> >
> > So the regex to match all valid email addresses that aren't
> > local-only is... drumroll please...
> >
> > r"@"
>
> Unless you want to support UUCP or X400 addresses...
>
> :)

Yyyyeah I think we can assume SMTP these days :)

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grant Edwards via Python-list]

On 2023-11-01, Chris Angelico via Python-list  wrote:
> On Thu, 2 Nov 2023 at 08:09, Grant Edwards via Python-list
> wrote:

>> Make sure it has an '@' in it.  Possibly require at least one '.'
>> after the '@'.
>
> No guarantee that there'll be a dot after the at.

Ah, I forgot about defaulting to a local domain if one is
omitted. Will MTAs do that these days?

> (Technically there's no guarantee of an at sign either, but email
> addresses without at signs are local-only, so in many contexts, you
> can assume there needs to be an at.)
>
> So the regex to match all valid email addresses that aren't
> local-only is... drumroll please...
>
> r"@"

Unless you want to support UUCP or X400 addresses...

:)




-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 08:09, Grant Edwards via Python-list
 wrote:
> Make sure it has an '@' in it.  Possibly require at least one '.'
> after the '@'.

No guarantee that there'll be a dot after the at. (Technically there's
no guarantee of an at sign either, but email addresses without at
signs are local-only, so in many contexts, you can assume there needs
to be an at.)

So the regex to match all valid email addresses that aren't local-only
is... drumroll please...

r"@"

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Grant Edwards via Python-list]

On 2023-11-01, Simon Connah via Python-list  wrote:

> I'm building a simple project using smtplib and have a
> question. I've been doing unit testing but I'm not sure how to check
> if an email message is valid.

Send an e-mail using it?  If the right person gets the e-mail, then
it's valid?

> Using regex sounds like a bad idea to me and the other options I
> found required paying for third party services.
>
> Could someone push me in the right direction please? I just want to
> find out if a string is a valid email address.

You'll have to define "valid".  Valid syntactically according to
?  Will be accepted by an SMTP server somewhere? Corresponds to
a real person?

Make sure it has an '@' in it.  Possibly require at least one '.'
after the '@'.

Trying to do anything more than that is just wasting your time and
annoying the mule.

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[De ongekruisigde via Python-list]

On 2023-11-01, Mats Wichmann  wrote:
> On 11/1/23 05:35, Simon Connah via Python-list wrote:
>> OK. I've been doing some reading and that you should avoid regex to check 
>> email addresses. So what I was thinking was something like this:
>
> To be a little more specific, Avoid Rolling Your Own RegEx.  It's very 
> tricky, and you will get it subtly wrong.

Use e.g.: https://gitea.ksol.io/karolyi/py3-validate-email

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[dn via Python-list]

On 02/11/2023 00.35, Simon Connah via Python-list wrote:
OK. I've been doing some reading and that you should avoid regex to check email addresses. 


This operation used to be a BIG THING back in the days of 'everyone' 
building PHP web-sites. When there were only a handful of TLDs 
(top-level domain names, eg the country-codes* such as .nz and .uk plus 
the generics such as .com and .net. Accordingly, one could hold the 
entire list for convenience of checking. However when IANA (the outfit 
responsible for the Root Zone Database and especially ICANN realised 
that there was money to be made, they allowed more and more TLDs. 
Keeping-up became a rat-race!


Indeed, I've held another .info domain for twenty years, and used to 
suffer for my 'bleeding edge' daring - quite recently someone (who 
should remain name-less, and a few other less-es) sent me an email 
telling me how to log-in, but their log-in process wouldn't accept the 
'illegal' address. Um...


All together now: "a little bit of knowledge is a dangerous thing"!


So what I was thinking was something like this:


if type(email_recipient) != email.message.Message:

I just don't know why that particular line isn't working.


Will need more context. What is the objective? What is the 
source/pre-processing of these data-items. (etc)




* Left-out .au, (a less important geo-TLD) to wind-up @Chris...

--
Regards,
=dn
--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Mats Wichmann via Python-list]

On 11/1/23 05:35, Simon Connah via Python-list wrote:

OK. I've been doing some reading and that you should avoid regex to check email 
addresses. So what I was thinking was something like this:


To be a little more specific, Avoid Rolling Your Own RegEx.  It's very 
tricky, and you will get it subtly wrong.


All depending, as others have said, on what level of "validation" you're 
after.


--
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 06:02, Jon Ribbens via Python-list
 wrote:
>
> On 2023-11-01, Chris Angelico  wrote:
> > On Thu, 2 Nov 2023 at 05:21, Simon Connah via Python-list
> > wrote:
> >> Could someone push me in the right direction please? I just want to
> >> find out if a string is a valid email address.
> >
> > There is only one way to know that a string is a valid email address,
> > and that's to send an email to it.
> >
> > What is your goal though? For example, if you're trying to autolink
> > email addresses in text, you don't really care whether it's valid,
> > only that it looks like an address.
>
> There's often value in even only partially-effective checks though.
> With an email address you can easily check to see if it has an "@",
> and if the stuff after the "@" is a syntactically valid domain name.
> You can also go a bit further and check to see if the domain has an
> MX record, and if it doesn't then it is extremely unlikely that the
> address is valid.

Yeah, which is why I asked about the goal. (You may also note that I
worded the prior statement very carefully: You cannot know that it IS
valid without sending email to it, but there can be ways to know that
it CANNOT BE valid.)

In the vast majority of contexts, local addresses can be ignored, so
an email address will have to include an at sign. I wouldn't bother
with a syntax check on the domain portion, though; just check for a
couple of possible formats (IP literal), and if it looks like a domain
name, do the MX lookup. That said, though, there are certain contexts
where you can be a LOT more restrictive, such as the autolinking
example I mentioned; it's fine to exclude some unusual email addresses
when all you're doing is offering a small convenience.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Jon Ribbens via Python-list]

On 2023-11-01, Chris Angelico  wrote:
> On Thu, 2 Nov 2023 at 05:21, Simon Connah via Python-list
> wrote:
>> Could someone push me in the right direction please? I just want to
>> find out if a string is a valid email address.
>
> There is only one way to know that a string is a valid email address,
> and that's to send an email to it.
>
> What is your goal though? For example, if you're trying to autolink
> email addresses in text, you don't really care whether it's valid,
> only that it looks like an address.

There's often value in even only partially-effective checks though.
With an email address you can easily check to see if it has an "@",
and if the stuff after the "@" is a syntactically valid domain name.
You can also go a bit further and check to see if the domain has an
MX record, and if it doesn't then it is extremely unlikely that the
address is valid.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Chris Angelico via Python-list]

On Thu, 2 Nov 2023 at 05:21, Simon Connah via Python-list
 wrote:
>
> Could someone push me in the right direction please? I just want to find out 
> if a string is a valid email address.

There is only one way to know that a string is a valid email address,
and that's to send an email to it.

What is your goal though? For example, if you're trying to autolink
email addresses in text, you don't really care whether it's valid,
only that it looks like an address.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Checking if email is valid

[Simon Connah via Python-list]

Hi,

I'm building a simple project using smtplib and have a question. I've been 
doing unit testing but I'm not sure how to check if an email message is valid. 
Using regex sounds like a bad idea to me and the other options I found required 
paying for third party services.

Could someone push me in the right direction please? I just want to find out if 
a string is a valid email address.

Thank you.

Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Checking if email is valid

[Simon Connah via Python-list]

OK. I've been doing some reading and that you should avoid regex to check email 
addresses. So what I was thinking was something like this:

if type(email_recipient) != email.message.Message:

I just don't know why that particular line isn't working.

Thank you!

--- Original Message ---
On Wednesday, 1 November 2023 at 10:09, Simon Connah 
 wrote:


> 

> 

> Hi,
> 

> I'm building a simple project using smtplib and have a question. I've been 
> doing unit testing but I'm not sure how to check if an email message is 
> valid. Using regex sounds like a bad idea to me and the other options I found 
> required paying for third party services.
> 

> Could someone push me in the right direction please? I just want to find out 
> if a string is a valid email address.
> 

> Thank you.
> 

> Simon.

signature.asc
Description: OpenPGP digital signature
-- 
https://mail.python.org/mailman/listinfo/python-list