Back to Community Threads
Reply-to addresses with very long local-part (username) component
Problem reported by Douglas Foster - 4/12/2026 at 11:53 AM
Submitted
D
The IETF specs say that usernames should be no more than 64 characters, and a domain name should be no more than 255 characters.    So when I created database tables for logging email addresses, I used a column size of 320 characters.   Recently, I have discovered that this size is not capturing complete data, because some ads have very long reply-to addresses.   The longest in my archive is 317 characters.   I wonder what SmarterMail would do if someone tried to reply to one of those messages.

I am feeling increasingly hostile toward unsolicited advertising, so I think I will create a filtering rule to discard messages that violate the standard so severely.   Don't know what boundary I will use, probably more than 64 characters, but much less than 317. 
J
J. LaDow Replied
4/12/2026 at 12:51 PM
We search for for the list-unsubscribe header and apply a junk mail score to those by default.  If a user wants that mail, they have to go and trust the sender -- it at least helps keep inbox garbage down...

Plus an auto-clean of 30-90 days depending on what the user prefers for Junk Mail folder...
MailEnable survivor / convert --
D
Douglas Foster Replied
4/13/2026 at 3:25 AM
I have researched these long names a little further.   They are all legitimate companies, and one sequence is about a support case with a vendor.   Although the host names are mostly specific to the company in the email addresses, the IP addresses are all owned by Salesforce.com.

I plan to file abuse reports with these companies, on the argument that an excessively long string because a buffer-overflow attack on all receiving systems, to see if they can get SalesForce to change.   A 64-character username permits more than 10^100 unique values, so it should be sufficient.  A 300 character identifier is ridiculous.

SalesForce.com also uses overly long Return-Path names, but the length is less than half of these examples.
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Configure an EAS Account in Outlook on AndroidSmarterMail > Desktop and Mobile Synchronization
Key Feature and Version Milestones in SmarterMailSmarterMail
Setting Up Two-Factor Authentication (2FA, MFA, etc.)SmarterMail > Desktop and Mobile Synchronization
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
SmarterMail, LDAP, and Active DirectorySmarterMail > Server Configuration and Management