Incoming SMTP in the year 2017 and absence of DKIM

Grant Taylor gtaylor at
Thu Nov 30 03:23:49 UTC 2017

On 11/29/2017 07:16 PM, William Herrin wrote:
> There's no "must" standard for the format of bounce message, deferred 
> bounces are still a thing and mail gets auto-forwarded to addresses which 
> bounce (that is, bounce from an address different than the one you sent to).

Agreed.  I wish that more software would use the well defined Delivery 
Status Notification and Message Disposition Notifications.  (RFC 6553)

> Without something like VERP to encode the original recipient in the return 
> address, the percentage of bounces your list successfully processes each 
> month will slowly but steadily decline.

I think it's entirely possible to teach MLMs about the most common forms 
of bounces (DSNs).  But it will quickly get into a game of diminishing 
returns.  Especially if the bounce (because it's not going to be the 
well known DNS format) goes out of it's way to hide something.  In that 
case, the only thing that you could count on (that I'm aware of) is 
something like VERP.

I wonder if SMTP's ORCPT parameter to the RCPT command would cross 
forwarders.  (I'm not holding my breath.)

Aside:  I'm quite interested in discussing the the following reply, but 
I suspect it's going to be a bit of a rabbit whole.  Is such a 
discussion appropriate for NANOG?  (I'll assume that a lack of reply 
indicates that the discussion is better had elsewhere.)

> I could not disagree with you more. It's relatively easy to design and 
> implement a system which allows the originating MUA and MTA to offer proof 
> of authority to act on behalf of a given email address. Though possible, 
> systems which would allow intermediate mail handlers to generate proof of 
> authority to handle a message alleged to originate from a particular 
> address don't especially exist and would be much more complex. Systemic and 
> computational complexity is a very practical difference between the two 
> situations.

I feel like SPF & DKIM (at least partially) address the former scenario. 
  -  I think that SPF and DKIM-ATPS can (at least partially) address the 
latter.  With the latter assuming some sort of established business 
relationship between the originating and intermediary parties.

Grant. . . .
unix || die

More information about the NANOG mailing list