Fixed email address validation to do a bit better in obscure cases.

2 files changed, 7 insertions, 3 deletions

diff --git a/Mailman/Utils.py b/Mailman/Utils.py
index 93e1fba1..0a20423a 100644
--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2011 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2013 by the Free Software Foundation, Inc.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -223,7 +223,7 @@ def ValidateEmail(s):
     # Pretty minimal, cheesy check.  We could do better...
     if not s or s.count(' ') > 0:
         raise Errors.MMBadEmailError
-    if _badchars.search(s) or s[0] == '-':
+    if _badchars.search(s):
         raise Errors.MMHostileAddress, s
     user, domain_parts = ParseEmail(s)
     # This means local, unqualified addresses, are not allowed
@@ -232,8 +232,9 @@ def ValidateEmail(s):
     if len(domain_parts) < 2:
         raise Errors.MMBadEmailError, s
     # domain parts may only contain ascii letters, digits and hyphen
+    # and must not begin with hyphen.
     for p in domain_parts:
-        if len(_valid_domain.sub('', p)) > 0:
+        if len(p) == 0 or p[0] == '-' or len(_valid_domain.sub('', p)) > 0:
             raise Errors.MMHostileAddress, s
 
 
diff --git a/NEWS b/NEWS
index 170be23a..2a9ba15a 100755
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,9 @@ Here is a history of user visible changes to Mailman.
 
   Bug Fixes and other patches
 
+    - Fixed email address validation to do a bit better in obscure cases.
+      (LP: #1258703)
+
     - Fixed a bug which caused some authentication cookies to expire too soon
       if AUTHENTICATION_COOKIE_LIFETIME is non-zero.  (LP: #1257112)