Incoming SMTP in the year 2017 and absence of DKIM

William Herrin bill at
Thu Nov 30 02:16:43 UTC 2017

On Wed, Nov 29, 2017 at 5:50 PM, John Levine <johnl at> wrote:
> In article <3677d101-3874-b8e4-87b3-37e4dd870325 at> you
> >> Normal lists put their own bounce address in the
> >> envelope so they can handle the bounces, so their own SPF applies.
> >
> >Yep.  V.E.R.P. is a very powerful thing.  (B.A.T.V. is an interesting
> >alternative, but I never messed with it.)
> VERP helps identify the bouncing party, but list bounce handling works
> fine without it.

Not so much, no.

There's no "must" standard for the format of bounce message, deferred
bounces are still a thing and mail gets auto-forwarded to addresses which
bounce (that is, bounce from an address different than the one you sent to).

Without something like VERP to encode the original recipient in the return
address, the percentage of bounces your list successfully processes each
month will slowly but steadily decline.

Broken rDNS is just broken, since there's approximately no reason ever
> to send from a host that doesn't know its own name.  Broken SPF may or
> may not be an issue since there are lots of legit ways to send mail
> that SPF can't describe.


>P.S.  I'm strongly of the opinion that if a MLM alters the message in
> >ANY capacity, that it is actually generating a new message.  Thus the
> >MLM is the new author.  It's just using content strongly based on emails
> >that came into it.  -  But that's a different discussion that lasted
> >days on the mailman mailing list.
> It's an interesting theological argument but it makes little practical
> difference.

I could not disagree with you more. It's relatively easy to design and
implement a system which allows the originating MUA and MTA to offer proof
of authority to act on behalf of a given email address. Though possible,
systems which would allow intermediate mail handlers to generate proof of
authority to handle a message alleged to originate from a particular
address don't especially exist and would be much more complex. Systemic and
computational complexity is a very practical difference between the two

Bill Herrin

William Herrin ................ herrin at  bill at
Dirtside Systems ......... Web: <>

More information about the NANOG mailing list