On Fri, 4 Apr 2025, Jim Fenton wrote:
They don’t always do that. A “transparent forwarder” (think ~/.forward or
/etc/aliases in *nix) typically leaves the envelope-from address alone. That is
a long-standing behavior that isn’t likely to change.
Keeping the original bounce address, alias forwarding in the SMTP spec, has a
lot of shortcomings. In the event that the alias target suffers a mailbox full
error, the message bounces to someone who can do nothing about it. Worse, if
the forwarder does not check the bounce address, it becomes similar to an open
relay, where anyone can send malicious material to anyone else in the form of
bounces. It is wise to replace bounce addresses.
But that wasn’t the point of my comment. I’m not the operator of a large mail
domain—so correct me if I’m wrong—but don’t some large domains have separate
infrastructure for incoming and outgoing mail? It isn’t a matter of just
sending the message back to the MTA that sent it, because it may not be set
up to receive mail from outside at all.
The general idea is that the EKIM signature includes the bounce address so
you can trust that it's real and send bounces back to it. (I said general
idea, there's details to work out.)
As I said, large domains probably have ways to solve the problem of associating
the bounce with the bounced message. But I’m wondering if that is a problem
that needs to be acknowledged.
There's a nonce field in the EKIM signature that the signer can use to
decide what to do with the bounce. It might identify the message or in
list or bulk mail, it could be the list and the recipient so they knew
what to prune.
R's,
John