Incoming SMTP in the year 2017 and absence of DKIM

John Levine johnl at
Thu Nov 30 18:30:41 UTC 2017

In article <bef74f87-c3b7-b4ae-83c3-6cbbc27b9222 at> you write:
>> Without something like VERP to encode the original recipient in the return 
>> address, the percentage of bounces your list successfully processes each 
>> month will slowly but steadily decline.
>I think it's entirely possible to teach MLMs about the most common forms 
>of bounces (DSNs).  But it will quickly get into a game of diminishing 
>returns.  Especially if the bounce (because it's not going to be the 
>well known DNS format) goes out of it's way to hide something.  In that 
>case, the only thing that you could count on (that I'm aware of) is 
>something like VERP.

If you look at the bounce handling in packages like sympa and mailman,
they have lots of heuristics to try to figure out what bounces mean.
They work OK but I agree they are far from perfect.

>  -  I think that SPF and DKIM-ATPS can (at least partially) address the 
>latter.  With the latter assuming some sort of established business 
>relationship between the originating and intermediary parties.

It's a rathole, it doesn't scale, and it is not a bug that you can
send mail to people who you don't already know.  If identities were a
magic bullet, we'd all be signing with S/MIME.


More information about the NANOG mailing list