draft-ietf-appsawg-mdn-3798bis-06.txt   draft-ietf-appsawg-mdn-3798bis-07.txt 
Network Working Group T. Hansen, Ed. Network Working Group T. Hansen, Ed.
Internet-Draft AT&T Laboratories Internet-Draft AT&T Laboratories
Obsoletes: 3798 (if approved) A. Melnikov, Ed. Obsoletes: 3798 (if approved) A. Melnikov, Ed.
Intended status: Standards Track Isode Ltd Updates: 2046, 3461 (if approved) Isode Ltd
Expires: July 27, 2016 January 24, 2016 Intended status: Standards Track May 1, 2016
Expires: November 2, 2016
Message Disposition Notification Message Disposition Notification
draft-ietf-appsawg-mdn-3798bis-06.txt draft-ietf-appsawg-mdn-3798bis-07.txt
Abstract Abstract
This memo defines a MIME content-type that may be used by a mail user This memo defines a MIME content-type that may be used by a mail user
agent (MUA) or electronic mail gateway to report the disposition of a agent (MUA) or electronic mail gateway to report the disposition of a
message after it has been successfully delivered to a recipient. message after it has been successfully delivered to a recipient.
This content-type is intended to be machine-processable. Additional This content-type is intended to be machine-processable. Additional
message header fields are also defined to permit Message Disposition message header fields are also defined to permit Message Disposition
Notifications (MDNs) to be requested by the sender of a message. The Notifications (MDNs) to be requested by the sender of a message. The
purpose is to extend Internet Mail to support functionality often purpose is to extend Internet Mail to support functionality often
skipping to change at page 2, line 4 skipping to change at page 2, line 6
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 27, 2016.
This Internet-Draft will expire on November 2, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Purposes . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Purposes . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Requirements . . . . . . . . . . . . . . . . . . . . . . 4 1.2. Requirements . . . . . . . . . . . . . . . . . . . . . . 4
1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4
2. Requesting Message Disposition Notifications . . . . . . . . 5 2. Requesting Message Disposition Notifications . . . . . . . . 5
2.1. The Disposition-Notification-To Header . . . . . . . . . 5 2.1. The Disposition-Notification-To Header . . . . . . . . . 5
2.2. The Disposition-Notification-Options Header . . . . . . . 7 2.2. The Disposition-Notification-Options Header . . . . . . . 7
2.3. The Original-Recipient Header Field . . . . . . . . . . . 8 2.3. The Original-Recipient Header Field . . . . . . . . . . . 8
2.4. Use with the Message/Partial Content Type . . . . . . . . 9 2.4. Use with the Message/Partial Media Type . . . . . . . . . 9
3. Format of a Message Disposition Notification . . . . . . . . 9 3. Format of a Message Disposition Notification . . . . . . . . 9
3.1. The message/disposition-notification content-type . . . . 11 3.1. The message/disposition-notification Media Type . . . . . 11
3.2. Message/disposition-notification Fields . . . . . . . . . 13 3.2. Message/disposition-notification Content Fields . . . . . 14
3.3. Extension-fields . . . . . . . . . . . . . . . . . . . . 18 3.3. Extension-fields . . . . . . . . . . . . . . . . . . . . 19
4. Timeline of events . . . . . . . . . . . . . . . . . . . . . 19 4. Timeline of events . . . . . . . . . . . . . . . . . . . . . 20
5. Conformance and Usage Requirements . . . . . . . . . . . . . 20 5. Conformance and Usage Requirements . . . . . . . . . . . . . 21
6. Security Considerations . . . . . . . . . . . . . . . . . . . 20 6. Security Considerations . . . . . . . . . . . . . . . . . . . 22
6.1. Forgery . . . . . . . . . . . . . . . . . . . . . . . . . 21 6.1. Forgery . . . . . . . . . . . . . . . . . . . . . . . . . 22
6.2. Privacy . . . . . . . . . . . . . . . . . . . . . . . . . 21 6.2. Privacy . . . . . . . . . . . . . . . . . . . . . . . . . 22
6.3. Non-Repudiation . . . . . . . . . . . . . . . . . . . . . 22 6.3. Non-Repudiation . . . . . . . . . . . . . . . . . . . . . 23
6.4. Mail Bombing . . . . . . . . . . . . . . . . . . . . . . 22 6.4. Mail Bombing . . . . . . . . . . . . . . . . . . . . . . 23
7. Collected ABNF Grammar . . . . . . . . . . . . . . . . . . . 22 7. Collected ABNF Grammar . . . . . . . . . . . . . . . . . . . 24
8. Guidelines for Gatewaying MDNs . . . . . . . . . . . . . . . 24 8. Guidelines for Gatewaying MDNs . . . . . . . . . . . . . . . 25
8.1. Gatewaying from other mail systems to MDNs . . . . . . . 24 8.1. Gatewaying from other mail systems to MDNs . . . . . . . 26
8.2. Gatewaying from MDNs to other mail systems . . . . . . . 25 8.2. Gatewaying from MDNs to other mail systems . . . . . . . 26
8.3. Gatewaying of MDN-requests to other mail systems . . . . 25 8.3. Gatewaying of MDN-requests to other mail systems . . . . 27
9. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 9. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
10.1. Disposition-Notification-Options header field 10.1. Disposition-Notification-Options header field
disposition-notification-parameter names . . . . . . . . 28 disposition-notification-parameter names . . . . . . . . 29
10.2. Disposition modifier names . . . . . . . . . . . . . . . 28 10.2. Disposition modifier names . . . . . . . . . . . . . . . 30
10.3. MDN extension field names . . . . . . . . . . . . . . . 28 10.3. MDN extension field names . . . . . . . . . . . . . . . 30
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 29 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 29 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 31
12.1. Normative References . . . . . . . . . . . . . . . . . . 29 12.1. Normative References . . . . . . . . . . . . . . . . . . 31
12.2. Informative References . . . . . . . . . . . . . . . . . 30 12.2. Informative References . . . . . . . . . . . . . . . . . 32
Appendix A. Changes from RFC 3798 . . . . . . . . . . . . . . . 31 Appendix A. Changes from RFC 3798 . . . . . . . . . . . . . . . 32
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 33
1. Introduction 1. Introduction
This memo defines a RFC-MIME-MEDIA [4] content-type for message This memo defines a media type [RFC2046] for message disposition
disposition notifications (MDNs). An MDN can be used to notify the notifications (MDNs). An MDN can be used to notify the sender of a
sender of a message of any of several conditions that may occur after message of any of several conditions that may occur after successful
successful delivery, such as display of the message contents, delivery, such as display of the message contents, printing of the
printing of the message, deletion (without display) of the message, message, deletion (without display) of the message, or the
or the recipient's refusal to provide MDNs. The "message/ recipient's refusal to provide MDNs. The "message/disposition-
disposition-notification" content-type defined herein is intended for notification" content-type defined herein is intended for use within
use within the framework of the "multipart/report" content type the framework of the "multipart/report" content type defined in RFC-
defined in RFC-REPORT [6]. REPORT [RFC3462].
This memo defines the format of the notifications and the RFC-MSGFMT This memo defines the format of the notifications and the RFC-MSGFMT
[2] header fields used to request them. [RFC5322] header fields used to request them.
This memo is an update to RFC 3798 and is intended to be published at This memo is an update to RFC 3798 and is intended to be published at
Internet Standard Level. Internet Standard Level.
This memo is currently marked with the 'pre5378Trust200902' IPR This memo is currently marked with the 'pre5378Trust200902' IPR
statements until a release has been obtained from all previous statements until a release has been obtained from all previous
authors and editors of this text. authors and editors of this text.
1.1. Purposes 1.1. Purposes
skipping to change at page 5, line 9 skipping to change at page 4, line 41
independent of any particular human language or of the independent of any particular human language or of the
terminology of any particular mail system. terminology of any particular mail system.
d. The specification must be extensible in order to accommodate d. The specification must be extensible in order to accommodate
future requirements. future requirements.
1.3. Terminology 1.3. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-KEYWORDS [9]. document are to be interpreted as described in RFC-KEYWORDS
[RFC2119].
All syntax descriptions use the ABNF specified by RFC-MSGFMT [2], in All syntax descriptions use the ABNF specified by RFC-MSGFMT
which the lexical tokens (used below) are defined: "CRLF", "FWS", [RFC5322], in which the lexical tokens (used below) are defined:
"CFWS", "field-name", "mailbox-list", "msg-id", and "text". The "CRLF", "FWS", "CFWS", "field-name", "mailbox-list", "msg-id", and
following lexical tokens are defined in RFC-SMTP [1]: "atom". "text". The following lexical tokens are defined in RFC-SMTP
[RFC5321]: "atom".
2. Requesting Message Disposition Notifications 2. Requesting Message Disposition Notifications
Message disposition notifications are requested by including a Message disposition notifications are requested by including a
Disposition-Notification-To header field in the message containing Disposition-Notification-To header field in the message containing
one or more addresses specifying where dispositions should be sent. one or more addresses specifying where dispositions should be sent.
Further information to be used by the recipient's MUA in generating Further information to be used by the recipient's Mail User Agent
the MDN may be provided by also including Original-Recipient and/or (MUA) [RFC5598] in generating the MDN may be provided by also
Disposition-Notification-Options header fields in the message. including Original-Recipient and/or Disposition-Notification-Options
header fields in the message.
2.1. The Disposition-Notification-To Header 2.1. The Disposition-Notification-To Header
A request for the receiving user agent to issue message disposition A request for the receiving user agent to issue message disposition
notifications is made by placing a Disposition-Notification-To header notifications is made by placing a Disposition-Notification-To header
field into the message. The syntax of the header field is field into the message. The syntax of the header field is
mdn-request-header = "Disposition-Notification-To" ":" mailbox-list CRLF mdn-request-header = "Disposition-Notification-To" ":" mailbox-list CRLF
A Disposition-Notification-To header field can appear at most once in A Disposition-Notification-To header field can appear at most once in
skipping to change at page 6, line 10 skipping to change at page 5, line 49
performed on the message. However, if a message is forwarded, an MDN performed on the message. However, if a message is forwarded, an MDN
may have been issued for the recipient doing the forwarding and the may have been issued for the recipient doing the forwarding and the
recipient of the forwarded message may also cause an MDN to be recipient of the forwarded message may also cause an MDN to be
generated. generated.
It is also possible that if the same message is being accessed by It is also possible that if the same message is being accessed by
multiple user agents (for example using POP3), then multiple multiple user agents (for example using POP3), then multiple
dispositions might be generated for the same recipient. User agents dispositions might be generated for the same recipient. User agents
SHOULD laverage support in the underlying message access protocol to SHOULD laverage support in the underlying message access protocol to
prevent multiple MDNs from being generated. In particular, when the prevent multiple MDNs from being generated. In particular, when the
user agent is accessing the message using RFC-IMAP [12], it SHOULD user agent is accessing the message using RFC-IMAP [RFC3501], it
implement the procedures specified in RFC-IMAP-MDN [10]. SHOULD implement the procedures specified in RFC-IMAP-MDN [RFC3503].
While Internet standards normally do not specify the behavior of user While Internet standards normally do not specify the behavior of user
interfaces, it is strongly recommended that the user agent obtain the interfaces, it is strongly recommended that the user agent obtain the
user's consent before sending an MDN. This consent could be obtained user's consent before sending an MDN. This consent could be obtained
for each message through some sort of prompt or dialog box, or for each message through some sort of prompt or dialog box, or
globally through the user's setting of a preference. globally through the user's setting of a preference. The purpose of
obtaining user's consent is to protect user's privacy. If user's
consent is obtained through a preference, the default value should be
not to send MDNs.
MDNs SHOULD NOT be sent automatically if the address in the MDNs MUST NOT be sent automatically if the address in the
Disposition-Notification-To header field differs from the address in Disposition-Notification-To header field differs from the address in
the Return-Path header field (see RFC-MSGFMT [2]). In this case, the Return-Path header field (see RFC-MSGFMT [RFC5322]). In this
confirmation from the user SHOULD be obtained, if possible. If case, confirmation from the user MUST be obtained, if possible. If
obtaining consent is not possible (e.g., because the user is not obtaining consent is not possible (e.g., because the user is not
online at the time), then an MDN SHOULD NOT be sent. online at the time or the client is not an interactive email client),
then an MDN MUST NOT be sent.
Confirmation from the user SHOULD be obtained (or no MDN sent) if Confirmation from the user MUST be obtained (or no MDN sent) if there
there is no Return-Path header field in the message, or if there is is no Return-Path header field in the message, or if there is more
more than one distinct address in the Disposition-Notification-To than one distinct address in the Disposition-Notification-To header
header field. field.
The comparison of the addresses should be done using only the addr- The comparison of the addresses is done using only the addr-spec
spec (local-part "@" domain) portion, excluding any angle brackets, (local-part "@" domain) portion, excluding any angle brackets, phrase
phrase and route. The comparison MUST be case-sensitive for the and route. As prescribed by RFC 5322, the comparison MUST be case-
local-part and case-insensitive for the domain part. The local-part sensitive for the local-part and case-insensitive for the domain
comparison SHOULD be done after performing local-part part. The local-part comparison SHOULD be done after performing
canonicalization (i.e. after removing the surrounding double-quote local-part canonicalization (i.e. after removing the surrounding
characters, if any, as well as any escaping "\" characters. (See double-quote characters, if any, as well as any escaping "\"
RFC-MSGFMT [2] for more details.) Implementations MAY treat known characters. (See RFC-MSGFMT [RFC5322] for more details.)
domain aliases as equivalent for the purpose of comparison. Implementations MAY treat known domain aliases as equivalent for the
purpose of comparison.
Note that use of subaddressing (see [13]) can result in a failure to Note that use of subaddressing (see [RFC5233]) can result in a
match two local-parts and thus result in possible suppression of the failure to match two local-parts and thus result in possible
MDN. This document doesn't recommend special handling for this case, suppression of the MDN. This document doesn't recommend special
as the receiving MUA can't reliably know whether or not the sender is handling for this case, as the receiving MUA can't reliably know
using subaddressing. whether or not the sender is using subaddressing.
If the message contains more than one Return-Path header field, the If the message contains more than one Return-Path header field, the
implementation may pick one to use for the comparison, or treat the implementation may pick one to use for the comparison, or treat the
situation as a failure of the comparison. situation as a failure of the comparison.
The reason for not automatically sending an MDN if the comparison The reason for not automatically sending an MDN if the comparison
fails or more than one address is specified is to reduce the fails or more than one address is specified is to reduce the
possibility of mail loops and of MDNs being used for mail bombing. possibility of mail loops and of MDNs being used for mail bombing.
A message that contains a Disposition-Notification-To header field It's especially important that a message that contains a Disposition-
SHOULD also contain a Message-ID header field as specified in RFC- Notification-To header field also contain a Message-ID header field,
MSGFMT [2]. This will permit automatic correlation of MDNs with to permit user agents to automatically correlate MDNs with their
their original messages by user agents. original messages.
If the request for message disposition notifications for some If the request for message disposition notifications for some
recipients and not others is desired, two copies of the message recipients and not others is desired, two copies of the message
should be sent, one with a Disposition-Notification-To header field should be sent, one with a Disposition-Notification-To header field
and one without. Many of the other header fields of the message and one without. Many of the other header fields of the message
(e.g., To, Cc) will be the same in both copies. The recipients in (e.g., To, Cc) will be the same in both copies. The recipients in
the respective message envelopes determine for whom message the respective message envelopes determine from whom message
disposition notifications are requested and for whom they are not. disposition notifications are requested and from whom they are not.
If desired, the Message-ID header field may be the same in both If desired, the Message-ID header field may be the same in both
copies of the message. Note that there are other situations (e.g., copies of the message. Note that there are other situations (e.g.,
Bcc) in which it is necessary to send multiple copies of a message Bcc) in which it is necessary to send multiple copies of a message
with slightly different header fields. The combination of such with slightly different header fields. The combination of such
situations and the need to request MDNs for a subset of all situations and the need to request MDNs for a subset of all
recipients may result in more than two copies of a message being recipients may result in more than two copies of a message being
sent, some with a Disposition-Notification-To header field and some sent, some with a Disposition-Notification-To header field and some
without. without.
Messages posted to newsgroups SHOULD NOT have a Disposition- If it is possible to determine that a recipient is a newsgroup, do
Notification-To header field. not include a Disposition-Notification-To header field for that
recipient.
2.2. The Disposition-Notification-Options Header 2.2. The Disposition-Notification-Options Header
Extensions to this specification may require that information be Extensions to this specification may require that information be
supplied to the recipient's MUA for additional control over how and supplied to the recipient's MUA for additional control over how and
what MDNs are generated. The Disposition-Notification-Options header what MDNs are generated. The Disposition-Notification-Options header
field provides an extensible mechanism for such information. The field provides an extensible mechanism for such information. The
syntax of this header field is as follows: syntax of this header field is as follows:
Disposition-Notification-Options = Disposition-Notification-Options =
skipping to change at page 8, line 29 skipping to change at page 8, line 27
experimental use. disposition-notification-parameter attribute names experimental use. disposition-notification-parameter attribute names
not beginning with "X-" MUST be registered with the Internet Assigned not beginning with "X-" MUST be registered with the Internet Assigned
Numbers Authority (IANA) using "Specification required" registration Numbers Authority (IANA) using "Specification required" registration
policy. policy.
(See Section 10 for a registration form.) (See Section 10 for a registration form.)
2.3. The Original-Recipient Header Field 2.3. The Original-Recipient Header Field
Since electronic mail addresses may be rewritten while the message is Since electronic mail addresses may be rewritten while the message is
in transit, it is useful for the original recipient address to be in transit, it is useful for the original recipient address to be
made available by the delivering MTA. The delivering MTA may be able made available by the delivering Message Transfer Agent (MTA)
to obtain this information from the ORCPT parameter of the SMTP RCPT [RFC5598]. The delivering MTA may be able to obtain this information
TO command, as defined in RFC-SMTP [1] and RFC-DSN-SMTP [7]. from the ORCPT parameter of the SMTP RCPT TO command, as defined in
RFC-SMTP [RFC5321] and RFC-DSN-SMTP [RFC3461].
RFC-DSN-SMTP [7] is amended as follows: If the ORCPT information is RFC-DSN-SMTP [RFC3461] is amended as follows: If the ORCPT
available, the delivering MTA SHOULD insert an Original-Recipient information is available, the delivering MTA SHOULD insert an
header field at the beginning of the message (along with the Return- Original-Recipient header field at the beginning of the message
Path header field). The delivering MTA MAY delete any other (along with the Return-Path header field). The delivering MTA MAY
Original-Recipient header fields that occur in the message. The delete any other Original-Recipient header fields that occur in the
syntax of this header field is as follows: message. The syntax of this header field is as follows:
original-recipient-header = original-recipient-header =
"Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS
OWS = [CFWS] OWS = [CFWS]
; Optional whitespace. ; Optional whitespace.
; MDN generators SHOULD use "*WSP" ; MDN generators SHOULD use "*WSP"
; (typically a single space or nothing. ; (typically a single space or nothing.
; It SHOULD be nothing at the end of a field), ; It SHOULD be nothing at the end of a field),
; unless an RFC 5322 "comment" is required. ; unless an RFC 5322 "comment" is required.
; ;
; MDN parsers MUST parse it as "[CFWS]". ; MDN parsers MUST parse it as "[CFWS]".
The address-type and generic-address token are as specified in the The address-type and generic-address token are as specified in the
description of the Original-Recipient field in Section 3.2.3. description of the Original-Recipient field in Section 3.2.3.
The purpose of carrying the original recipient information and The purpose of carrying the original recipient information and
returning it in the MDN is to permit automatic correlation of MDNs returning it in the MDN is to permit automatic correlation of MDNs
with the original message on a per-recipient basis. with the original message on a per-recipient basis.
2.4. Use with the Message/Partial Content Type 2.4. Use with the Message/Partial Media Type
The use of the header fields Disposition-Notification-To, The use of the header fields Disposition-Notification-To,
Disposition-Notification-Options, and Original-Recipient with the Disposition-Notification-Options, and Original-Recipient with the
MIME message/partial content type (RFC-MIME-MEDIA [4]]) requires MIME message/partial content type (RFC-MIME-MEDIA [RFC2046]])
further definition. requires further definition.
When a message is segmented into two or more message/partial When a message is segmented into two or more message/partial
fragments, the three header fields mentioned in the above paragraph fragments, the three header fields mentioned in the above paragraph
SHOULD be placed in the "inner" or "enclosed" message (using the SHOULD be placed in the "inner" or "enclosed" message (using the
terms of RFC-MIME-MEDIA [4]). These header fields SHOULD NOT be used terms of RFC-MIME-MEDIA [RFC2046]). If these header fields are found
in the header fields of any of the fragments themselves. in the header fields of any of the fragments, they are ignored.
When the multiple message/partial fragments are reassembled, the When the multiple message/partial fragments are reassembled, the
following applies. If these header fields occur along with the other following applies. If these header fields occur along with the other
header fields of a message/partial fragment message, they pertain to header fields of a message/partial fragment message, they pertain to
an MDN that will be generated for the fragment. If these header an MDN that will be generated for the fragment. If these header
fields occur in the header fields of the "inner" or "enclosed" fields occur in the header fields of the "inner" or "enclosed"
message (using the terms of RFC-MIME-MEDIA [4]), they pertain to an message (using the terms of RFC-MIME-MEDIA [RFC2046]), they pertain
MDN that will be generated for the reassembled message. to an MDN that will be generated for the reassembled message.
Section 5.2.2.1 of RFC-MIME-MEDIA [4]) is amended to specify that, in Section 5.2.2.1 of RFC-MIME-MEDIA [RFC2046]) is amended to specify
addition to the header fields specified there, the three header that, in addition to the header fields specified there, the three
fields described in this specification are to be appended, in order, header fields described in this specification are to be appended, in
to the header fields of the reassembled message. Any occurrences of order, to the header fields of the reassembled message. Any
the three header fields defined here in the header fields of the occurrences of the three header fields defined here in the header
initial enclosing message must not be copied to the reassembled fields of the initial enclosing message MUST NOT be copied to the
message. reassembled message.
3. Format of a Message Disposition Notification 3. Format of a Message Disposition Notification
A message disposition notification is a MIME message with a top-level A message disposition notification is a MIME message with a top-level
content-type of multipart/report (defined in RFC-REPORT [6]). When content-type of multipart/report (defined in RFC-REPORT [RFC3462]).
multipart/report content is used to transmit an MDN: When multipart/report content is used to transmit an MDN:
a. The report-type parameter of the multipart/report content is a. The report-type parameter of the multipart/report content is
"disposition-notification". "disposition-notification".
b. The first component of the multipart/report contains a human- b. The first component of the multipart/report contains a human-
readable explanation of the MDN, as described in RFC-REPORT [6]. readable explanation of the MDN, as described in RFC-REPORT
[RFC3462].
c. The second component of the multipart/report is of content-type c. The second component of the multipart/report is of content-type
message/disposition-notification, described in Section 3.1 of message/disposition-notification, described in Section 3.1 of
this document. this document.
d. If the original message or a portion of the message is to be d. If the original message or a portion of the message is to be
returned to the sender, it appears as the third component of the returned to the sender, it appears as the third component of the
multipart/report. The decision of whether or not to return the multipart/report. The decision of whether or not to return the
message or part of the message is up to the MUA generating the message or part of the message is up to the MUA generating the
MDN. However, in the case of encrypted messages requesting MDNs, MDN. However, in the case of encrypted messages requesting MDNs,
encrypted message text MUST be returned, if it is returned at encrypted message text MUST be returned, if it is returned at
all, only in its original encrypted form. all, only in its original encrypted form.
NOTE: For message disposition notifications gatewayed from foreign NOTE: For message disposition notifications gatewayed from foreign
systems, the header fields of the original message may not be systems, the header fields of the original message may not be
available. In this case, the third component of the MDN may be available. In this case, the third component of the MDN may be
omitted, or it may contain "simulated" RFC-MSGFMT [2] header fields omitted, or it may contain "simulated" RFC-MSGFMT [RFC5322] header
that contain equivalent information. In particular, it is very fields that contain equivalent information. In particular, it is
desirable to preserve the subject and date fields from the original very desirable to preserve the subject and date fields from the
message. original message.
The MDN MUST be addressed (in both the message header field and the The MDN MUST be addressed (in both the message header field and the
transport envelope) to the address(es) from the Disposition- transport envelope) to the address(es) from the Disposition-
Notification-To header field from the original message for which the Notification-To header field from the original message for which the
MDN is being generated. MDN is being generated.
The From field of the message header field of the MDN MUST contain The From header field of the MDN MUST contain the address of the
the address of the person for whom the message disposition person for whom the message disposition notification is being issued.
notification is being issued.
The envelope sender address (i.e., SMTP MAIL FROM) of the MDN MUST be The envelope sender address (i.e., SMTP "MAIL FROM") of the MDN MUST
null (<>), specifying that no Delivery Status Notification messages be null (<>), specifying that no Delivery Status Notification
or other messages indicating successful or unsuccessful delivery are messages nor other messages indicating successful or unsuccessful
to be sent in response to an MDN. delivery are to be sent in response to an MDN.
A message disposition notification MUST NOT itself request an MDN. A message disposition notification MUST NOT itself request an MDN.
That is, it MUST NOT contain a Disposition-Notification-To header That is, it MUST NOT contain a Disposition-Notification-To header
field. field.
The Message-ID header field (if present) for an MDN MUST be different The Message-ID header field (if present) for an MDN MUST be different
from the Message-ID of the message for which the MDN is being issued. from the Message-ID of the message for which the MDN is being issued.
A particular MDN describes the disposition of exactly one message for A particular MDN describes the disposition of exactly one message for
exactly one recipient. Multiple MDNs may be generated as a result of exactly one recipient. Multiple MDNs may be generated as a result of
one message submission, one per recipient. However, due to the one message submission, one per recipient. However, due to the
circumstances described in Section 2.1, MDNs may not be generated for circumstances described in Section 2.1, it's possible that some of
some recipients for which MDNs were requested. the recipients for whom MDNs were requested will not generate MDNs.
3.1. The message/disposition-notification content-type 3.1. The message/disposition-notification Media Type
The message/disposition-notification content-type is defined as The message/disposition-notification Media Type is defined as
follows: follows:
MIME type name: message Type name: message
MIME subtype name: disposition-notification Subtype name: disposition-notification
Required parameters: none
Optional parameters: none Optional parameters: none
Encoding considerations: "7bit" encoding is sufficient and MUST be Encoding considerations: "7bit" encoding is sufficient and MUST be
used to maintain readability when viewed by non- used to maintain readability when viewed by non-
MIME mail readers. MIME mail readers.
Security considerations: discussed in Section 6 of this memo. Security considerations: discussed in Section 6 of [RFCXXX].
Interoperability considerations: none
Published specification: [RFCXXX]
Applications that use this media type: Mail Transfer Agents and
email clients that support multipart/report
generation and/or parsing.
Fragment identifier considerations: N/A
Additional information:
Deprecated alias names for this type: N/A
Magic number(s): none
File extension(s): .disposition-notification
Macintosh file type code(s): The 'TEXT' type
code is suggested as files of this type are
typically used for diagnostic purposes and
suitable for analysis in a text editor. A
uniform type identifier (UTI) of "public.utf8-
email-message-header" is suggested. This type
conforms to "public.plain-text".
Person & email address to contact for further information: See the
Authors' Addresses section of [RFCXXXX]
Intended usage: COMMON
Restrictions on usage: This media type contains textual data in the
US-ASCII charset, which is always 7-bit.
Author: See the Authors' Addresses section of [RFCXXXX]
Change controller: IETF
Provisional registration? no
(While the 7bit restriction applies to the message/disposition- (While the 7bit restriction applies to the message/disposition-
notification portion of the multipart/report content, it does not notification portion of the multipart/report content, it does not
apply to the optional third portion of the multipart/report content.) apply to the optional third portion of the multipart/report content.)
The message/disposition-notification report type for use in the The message/disposition-notification report type for use in the
multipart/report is "disposition-notification". multipart/report is "disposition-notification".
The body of a message/disposition-notification consists of one or The body of a message/disposition-notification consists of one or
more "fields" formatted according to the ABNF of RFC-MSGFMT [2] more "fields" formatted according to the ABNF of RFC-MSGFMT [RFC5322]
header "fields". The syntax of the message/disposition-notification header "fields". The syntax of the message/disposition-notification
content is as follows: content is as follows:
disposition-notification-content = [ reporting-ua-field CRLF ] disposition-notification-content = [ reporting-ua-field CRLF ]
[ mdn-gateway-field CRLF ] [ mdn-gateway-field CRLF ]
[ original-recipient-field CRLF ] [ original-recipient-field CRLF ]
final-recipient-field CRLF final-recipient-field CRLF
[ original-message-id-field CRLF ] [ original-message-id-field CRLF ]
disposition-field CRLF disposition-field CRLF
*( failure-field CRLF ) *( failure-field CRLF )
skipping to change at page 12, line 8 skipping to change at page 13, line 23
*( extension-field CRLF ) *( extension-field CRLF )
extension-field = extension-field-name ":" *([FWS] text) extension-field = extension-field-name ":" *([FWS] text)
extension-field-name = field-name extension-field-name = field-name
Note that the order of the above fields is fixed, with the exception Note that the order of the above fields is fixed, with the exception
of the extension fields. of the extension fields.
3.1.1. General conventions for fields 3.1.1. General conventions for fields
Since these fields are defined according to the rules of RFC-MSGFMT Since these fields are defined according to the rules of RFC-MSGFMT
[2], the same conventions for continuation lines and comments apply. [RFC5322], the same conventions for continuation lines and comments
Notification fields may be continued onto multiple lines by beginning apply. Notification fields may be continued onto multiple lines by
each additional line with a SPACE or HTAB. Text that appears in beginning each additional line with a SPACE or HTAB. Text that
parentheses is considered a comment and not part of the contents of appears in parentheses is considered a comment and not part of the
that notification field. Field names are case-insensitive, so the contents of that notification field. Field names are case-
names of notification fields may be spelled in any combination of insensitive, so the names of notification fields may be spelled in
upper and lower case letters. [2] comments in notification fields any combination of upper and lower case letters. [RFC5322] comments
may use the "encoded-word" construct defined in RFC-MIME-HEADER [5]. in notification fields may use the "encoded-word" construct defined
in RFC-MIME-HEADER [RFC2047].
3.1.2. "*-type" subfields 3.1.2. "*-type" subfields
Several fields consist of a "-type" subfield, followed by a semi- Several fields consist of a "-type" subfield, followed by a semi-
colon, followed by "*text". colon, followed by "*text".
For these fields, the keyword used in the address-type or MTA-type For these fields, the keyword used in the address-type or MTA-type
subfield indicates the expected format of the address or MTA-name subfield indicates the expected format of the address or MTA-name
that follows. that follows.
The "-type" subfields are defined as follows: The "-type" subfields are defined as follows:
skipping to change at page 12, line 47 skipping to change at page 14, line 16
mta-name-type = atom mta-name-type = atom
Values for address-type and mta-name-type are case-insensitive. Values for address-type and mta-name-type are case-insensitive.
Thus, address-type values of "RFC822" and "rfc822" are equivalent. Thus, address-type values of "RFC822" and "rfc822" are equivalent.
The Internet Assigned Numbers Authority (IANA) maintains a registry The Internet Assigned Numbers Authority (IANA) maintains a registry
of address-type and mta-name-type values, along with descriptions of of address-type and mta-name-type values, along with descriptions of
the meanings of each, or a reference to one or more specifications the meanings of each, or a reference to one or more specifications
that provide such descriptions. (The "rfc822" address-type is that provide such descriptions. (The "rfc822" address-type is
defined in RFC-DSN-SMTP [7].) Registration forms for address-type defined in RFC-DSN-SMTP [RFC3461].) Registration forms for address-
and mta-name-type appear in RFC-DSN-FORMAT [8]. type and mta-name-type appear in RFC-DSN-FORMAT [RFC3464].
3.2. Message/disposition-notification Fields 3.2. Message/disposition-notification Content Fields
3.2.1. The Reporting-UA field 3.2.1. The Reporting-UA field
reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [ ";" OWS ua-product OWS ] reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [ ";" OWS ua-product OWS ]
ua-name = *text-no-semi ua-name = *text-no-semi
ua-product = *([FWS] text) ua-product = *([FWS] text)
text-no-semi = %d1-9 / ; "text" characters excluding NUL, CR, text-no-semi = %d1-9 / ; "text" characters excluding NUL, CR,
%d11 / %d12 / %d14-58 / %d60-127 ; LF, or semi-colon %d11 / %d12 / %d14-58 / %d60-127 ; LF, or semi-colon
The Reporting-UA field is defined as follows: The Reporting-UA field is defined as follows:
skipping to change at page 13, line 43 skipping to change at page 15, line 9
The MDN-Gateway field indicates the name of the gateway or MTA that The MDN-Gateway field indicates the name of the gateway or MTA that
translated a foreign (non-Internet) message disposition notification translated a foreign (non-Internet) message disposition notification
into this MDN. This field MUST appear in any MDN that was translated into this MDN. This field MUST appear in any MDN that was translated
by a gateway from a foreign system into MDN format, and MUST NOT by a gateway from a foreign system into MDN format, and MUST NOT
appear otherwise. appear otherwise.
mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS ";" OWS mta-name OWS mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS ";" OWS mta-name OWS
mta-name = *text mta-name = *text
For gateways into Internet Mail, the MTA-name-type will normally be For gateways into Internet Mail, the MTA-name-type will normally be
"smtp", and the mta-name will be the Internet domain name of the "dns", and the mta-name will be the Internet domain name of the
gateway. gateway.
3.2.3. Original-Recipient field 3.2.3. Original-Recipient field
The Original-Recipient field indicates the original recipient address The Original-Recipient field indicates the original recipient address
as specified by the sender of the message for which the MDN is being as specified by the sender of the message for which the MDN is being
issued. For Internet Mail messages, the value of the Original- issued. For Internet Mail messages, the value of the Original-
Recipient field is obtained from the Original-Recipient header field Recipient field is obtained from the Original-Recipient header field
from the message for which the MDN is being generated. If there is from the message for which the MDN is being generated. If there is
no Original-Recipient header field in the message, then the Original- an Original-Recipient header field in the message, or if information
Recipient field MUST be omitted, unless the same information is about the original recipient is reliably available some other way,
reliably available some other way. If there is an Original-Recipient then the Original-Recipient field MUST be included. Otherwise, the
header field in the original message (or original recipient Original-Recipient field MUST NOT be included. If there is more than
information is reliably available some other way), then the Original- one Original-Recipient header field in the message, the MUA may
Recipient field must be supplied. If there is more than one choose the one to use, or act as if no Original-Recipient header
Original-Recipient header field in the message, the MUA may choose field is present.
the one to use, or act as if no Original-Recipient header field is
present.
original-recipient-field = original-recipient-field =
"Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS
generic-address = *text generic-address = *text
The address-type field indicates the type of the original recipient The address-type field indicates the type of the original recipient
address. If the message originated within the Internet, the address- address. If the message originated within the Internet, the address-
type field will normally be "rfc822", and the address will be type field will normally be "rfc822", and the address will be
according to the syntax specified in RFC-MSGFMT [2]. The value according to the syntax specified in RFC-MSGFMT [RFC5322]. The value
"unknown" should be used if the Reporting MUA cannot determine the "unknown" should be used if the Reporting MUA cannot determine the
type of the original recipient address from the message envelope. type of the original recipient address from the message envelope.
This address is the same as that provided by the sender and can be This address is the same as that provided by the sender and can be
used to automatically correlate MDN reports with original messages on used to automatically correlate MDN reports with original messages on
a per recipient basis. a per recipient basis.
3.2.4. Final-Recipient field 3.2.4. Final-Recipient field
The Final-Recipient field indicates the recipient for which the MDN The Final-Recipient field indicates the recipient for which the MDN
is being issued. This field MUST be present. is being issued. This field MUST be present.
skipping to change at page 15, line 7 skipping to change at page 16, line 19
The Final-Recipient address may differ from the address originally The Final-Recipient address may differ from the address originally
provided by the sender, because it may have been transformed during provided by the sender, because it may have been transformed during
forwarding and gatewaying into a totally unrecognizable mess. forwarding and gatewaying into a totally unrecognizable mess.
However, in the absence of the optional Original-Recipient field, the However, in the absence of the optional Original-Recipient field, the
Final-Recipient field and any returned content may be the only Final-Recipient field and any returned content may be the only
information available with which to correlate the MDN with a information available with which to correlate the MDN with a
particular message recipient. particular message recipient.
The address-type subfield indicates the type of address expected by The address-type subfield indicates the type of address expected by
the reporting MTA in that context. Recipient addresses obtained via the reporting MTA in that context. Recipient addresses obtained via
SMTP will normally be of address-type "rfc822". SMTP will normally be of address-type "rfc822", but can be other
values from the "Address Types" subregistry of the "Delivery Status
Notification (DSN) Types" IANA registry.
Since mailbox addresses (including those used in the Internet) may be Since mailbox addresses (including those used in the Internet) may be
case sensitive, the case of alphabetic characters in the address MUST case sensitive, the case of alphabetic characters in the address MUST
be preserved. be preserved.
3.2.5. Original-Message-ID field 3.2.5. Original-Message-ID field
The Original-Message-ID field indicates the message-ID of the message The Original-Message-ID field indicates the message-ID of the message
for which the MDN is being issued. It is obtained from the Message- for which the MDN is being issued. It is obtained from the Message-
ID header field of the message for which the MDN is issued. This ID header field of the message for which the MDN is issued. This
field MUST be present if the original message contained a Message-ID field MUST be present if and only if the original message contained a
header field. The syntax of the field is as follows: Message-ID header field. The syntax of the field is as follows:
original-message-id-field = original-message-id-field =
"Original-Message-ID" ":" msg-id "Original-Message-ID" ":" msg-id
The msg-id token is as specified in RFC-MSGFMT [2]. The msg-id token is as specified in RFC-MSGFMT [RFC5322].
3.2.6. Disposition field 3.2.6. Disposition field
The Disposition field indicates the action performed by the The Disposition field indicates the action performed by the
Reporting-MUA on behalf of the user. This field MUST be present. Reporting-MUA on behalf of the user. This field MUST be present.
The syntax for the Disposition field is: The syntax for the Disposition field is:
disposition-field = disposition-field =
"Disposition" ":" OWS disposition-mode OWS ";" "Disposition" ":" OWS disposition-mode OWS ";"
skipping to change at page 15, line 46 skipping to change at page 17, line 18
[ OWS "/" OWS disposition-modifier [ OWS "/" OWS disposition-modifier
*( OWS "," OWS disposition-modifier ) ] OWS *( OWS "," OWS disposition-modifier ) ] OWS
disposition-mode = action-mode OWS "/" OWS sending-mode disposition-mode = action-mode OWS "/" OWS sending-mode
action-mode = "manual-action" / "automatic-action" action-mode = "manual-action" / "automatic-action"
sending-mode = "MDN-sent-manually" / "MDN-sent-automatically" sending-mode = "MDN-sent-manually" / "MDN-sent-automatically"
disposition-type = "displayed" / "deleted" / "dispatched" / disposition-type = "displayed" / "deleted" / "dispatched" /
"processed" "processed"
disposition-modifier = "error" / disposition-modifier-extension disposition-modifier = "error" / disposition-modifier-extension
disposition-modifier-extension = atom disposition-modifier-extension = atom
The disposition-mode, disposition-type, and disposition-modifier may The disposition-mode, disposition-type, and disposition-modifier
be spelled in any combination of upper and lower case characters. values may be spelled in any combination of upper and lower case US-
ASCII characters.
3.2.6.1. Disposition modes 3.2.6.1. Disposition modes
The following disposition modes are defined: The following disposition modes are defined:
"manual-action" The disposition described by the disposition type "manual-action" The disposition described by the disposition type
was a result of an explicit instruction by the was a result of an explicit instruction by the
user rather than some sort of automatically user rather than some sort of automatically
performed action. performed action. Unless prescribed otherwise in
a particular mail environment, in order to
preserve user's privacy, this is the default for
MUAs.
"automatic-action" The disposition described by the disposition type "automatic-action" The disposition described by the disposition type
was a result of an automatic action, rather than was a result of an automatic action, rather than
an explicit instruction by the user for this an explicit instruction by the user for this
message. message.
"Manual-action" and "automatic-action" are mutually exclusive. One "Manual-action" and "automatic-action" are mutually exclusive. One
or the other MUST be specified. or the other MUST be specified.
"MDN-sent-manually" The user explicitly gave permission for this "MDN-sent-manually" The user explicitly gave permission for this
skipping to change at page 18, line 18 skipping to change at page 19, line 39
The Failure and Error fields are used to supply additional The Failure and Error fields are used to supply additional
information in the form of text messages when the "failure" information in the form of text messages when the "failure"
disposition type or "error" disposition modifier appear. The syntax disposition type or "error" disposition modifier appear. The syntax
is as follows: is as follows:
failure-field = "Failure" ":" *([FWS] text) failure-field = "Failure" ":" *([FWS] text)
error-field = "Error" ":" *([FWS] text) error-field = "Error" ":" *([FWS] text)
Note that syntax of these header fields doesn't include comments, so Note that syntax of these header fields doesn't include comments, so
"encoded-word" construct defined in RFC-MIME-HEADER [5] can't be used "encoded-word" construct defined in RFC-MIME-HEADER [RFC2047] can't
to convey non ASCII text. Application that need to convey non ASCII be used to convey non ASCII text. Application that need to convey
text in these fields should consider implementing message/global- non ASCII text in these fields should consider implementing message/
disposition-notification media type specified in [15] instead of this global-disposition-notification media type specified in [RFC6533]
specification. instead of this specification.
3.3. Extension-fields 3.3. Extension-fields
Additional MDN fields may be defined in the future by later revisions Additional MDN fields may be defined in the future by later revisions
or extensions to this specification. Extension-field names beginning or extensions to this specification. Extension-field names beginning
with "X-" will never be defined as standard fields; such names are with "X-" will never be defined as standard fields; such names are
reserved for experimental use. MDN field names NOT beginning with reserved for experimental use. MDN field names NOT beginning with
"X-" MUST be registered with the Internet Assigned Numbers Authority "X-" MUST be registered with the Internet Assigned Numbers Authority
(IANA) using "Specification required" registration policy. (See (IANA) using "Specification required" registration policy. (See
Section 10 for a registration form.) MDN Extension-fields may be Section 10 for a registration form.) MDN Extension-fields may be
skipping to change at page 19, line 21 skipping to change at page 20, line 39
-- User tells MUA to send message -- User tells MUA to send message
-- MUA passes message to MTA (original recipient information passed -- MUA passes message to MTA (original recipient information passed
along) along)
-- MTA sends message to next MTA -- MTA sends message to next MTA
-- Final MTA receives message -- Final MTA receives message
-- Final MTA delivers message to MUA (possibly generating a DSN) -- Final MTA delivers message to MUA (possibly generating a Delivery
Status Notification (DSN))
-- MUA performs automatic processing and generates corresponding MDNs -- MUA performs automatic processing and generates corresponding MDNs
("dispatched", "processed" or "deleted" disposition type with ("dispatched", "processed" or "deleted" disposition type with
"automatic-action" and "MDN-sent-automatically" disposition modes) "automatic-action" and "MDN-sent-automatically" disposition modes)
-- MUA displays list of messages to user -- MUA displays list of messages to user
-- User selects a message and requests that some action be performed -- User selects a message and requests that some action be performed
on it. on it.
skipping to change at page 20, line 16 skipping to change at page 21, line 33
An MUA or gateway conforms to this specification if it generates MDNs An MUA or gateway conforms to this specification if it generates MDNs
according to the protocol defined in this memo. It is not necessary according to the protocol defined in this memo. It is not necessary
to be able to generate all of the possible values of the Disposition to be able to generate all of the possible values of the Disposition
field. field.
MUAs and gateways MUST NOT generate the Original-Recipient field of MUAs and gateways MUST NOT generate the Original-Recipient field of
an MDN unless the mail protocols provide the address originally an MDN unless the mail protocols provide the address originally
specified by the sender at the time of submission. Ordinary SMTP specified by the sender at the time of submission. Ordinary SMTP
does not make that guarantee, but the SMTP extension defined in RFC- does not make that guarantee, but the SMTP extension defined in RFC-
DSN-SMTP [7] permits such information to be carried in the envelope DSN-SMTP [RFC3461] permits such information to be carried in the
if it is available. The Original-Recipient header field defined in envelope if it is available. The Original-Recipient header field
this document provides a way for the MTA to pass the original defined in this document provides a way for the MTA to pass the
recipient address to the MUA. original recipient address to the MUA.
Each sender-specified recipient address may result in more than one Each sender-specified recipient address may result in more than one
MDN. If an MDN is requested for a recipient that is forwarded to MDN. If an MDN is requested for a recipient that is forwarded to
multiple recipients of an "alias" (as defined in RFC-DSN-SMTP [7], multiple recipients of an "alias" (as defined in RFC-DSN-SMTP
section 6.2.7.3), each of the recipients may issue an MDN. [RFC3461], section 6.2.7.3), each of the recipients may issue an MDN.
Successful distribution of a message to a mailing list exploder Successful distribution of a message to a mailing list exploder
SHOULD be considered the final disposition of the message. A mailing SHOULD be considered the final disposition of the message. A mailing
list exploder MAY issue an MDN with a disposition type of "processed" list exploder MAY issue an MDN with a disposition type of "processed"
and disposition modes of "automatic-action" and "MDN-sent- and disposition modes of "automatic-action" and "MDN-sent-
automatically" indicating that the message has been forwarded to the automatically" indicating that the message has been forwarded to the
list. In this case, the request for MDNs is not propagated to the list. In this case, the request for MDNs is not propagated to the
members of the list. members of the list.
Alternatively, the mailing list exploder MAY issue no MDN and Alternatively (if successful distribution of a message to a mailing
propagate the request for MDNs to all members of the list. The list exploder is not considered the final disposition of the
latter behavior is not recommended for any but small, closely knit message), the mailing list exploder MAY issue no MDN and propagate
lists, as it might cause large numbers of MDNs to be generated and the request for MDNs to all members of the list. The latter behavior
may cause confidential subscribers to the list to be revealed. The is not recommended for any but small, closely knit lists, as it might
mailing list exploder MAY also direct MDNs to itself, correlate them, cause large numbers of MDNs to be generated and may cause
and produce a report to the original sender of the message. confidential subscribers to the list to be revealed. The mailing
list exploder MAY also direct MDNs to itself, correlate them, and
produce a report to the original sender of the message.
This specification places no restrictions on the processing of MDNs This specification places no restrictions on the processing of MDNs
received by user agents or mailing lists. received by user agents or mailing lists.
6. Security Considerations 6. Security Considerations
The following security considerations apply when using MDNs: The following security considerations apply when using MDNs:
6.1. Forgery 6.1. Forgery
MDNs may be forged as easily as ordinary Internet electronic mail. MDNs can be (and are, in practice) forged as easily as ordinary
User agents and automatic mail handling facilities (such as mail Internet electronic mail. User agents and automatic mail handling
distribution list exploders) that wish to make automatic use of MDNs facilities (such as mail distribution list exploders) that wish to
should take appropriate precautions to minimize the potential damage make automatic use of MDNs should take appropriate precautions to
from denial-of-service attacks. minimize the potential damage from denial-of-service attacks.
Security threats related to forged MDNs include the sending of: Security threats related to forged MDNs include the sending of:
a. A falsified disposition notification when the indicated a. A falsified disposition notification when the indicated
disposition of the message has not actually occurred, disposition of the message has not actually occurred,
b. Unsolicited MDNs b. Unsolicited MDNs
6.2. Privacy 6.2. Privacy
skipping to change at page 22, line 24 skipping to change at page 23, line 43
MDNs do not provide non-repudiation with proof of delivery. Within MDNs do not provide non-repudiation with proof of delivery. Within
the framework of today's Internet Mail, the MDNs defined in this the framework of today's Internet Mail, the MDNs defined in this
document provide valuable information to the mail user; however, MDNs document provide valuable information to the mail user; however, MDNs
cannot be relied upon as a guarantee that a message was or was not cannot be relied upon as a guarantee that a message was or was not
seen by the recipient. Even if MDNs are not actively forged, they seen by the recipient. Even if MDNs are not actively forged, they
may be lost in transit. The recipient may bypass the MDN issuing may be lost in transit. The recipient may bypass the MDN issuing
mechanism in some manner. mechanism in some manner.
One possible solution for this purpose can be found in RFC-SEC- One possible solution for this purpose can be found in RFC-SEC-
SERVICES [11]. SERVICES [RFC2634].
6.4. Mail Bombing 6.4. Mail Bombing
The MDN request mechanism introduces an additional way of mailbombing The MDN request mechanism introduces an additional way of mailbombing
a mailbox. The MDN request notification provides an address to which a mailbox. The MDN request notification provides an address to which
MDN's should be sent. It is possible for an attacking agent to send MDN's should be sent. It is possible for an attacking agent to send
a potentially large set of messages to otherwise unsuspecting third a potentially large set of messages to otherwise unsuspecting third
party recipients with a false "disposition-notification-to:" address. party recipients with a false "disposition-notification-to:" address.
Automatic, or simplistic processing of such requests would result in Automatic, or simplistic processing of such requests would result in
a flood of MDN notifications to the target of the attack. Such an a flood of MDN notifications to the target of the attack. Such an
attack could overrun the capacity of the targeted mailbox and deny attack could overrun the capacity of the targeted mailbox and deny
service. service.
For that reason, MDN's SHOULD NOT be sent automatically where the For that reason, MDN's SHOULD NOT be sent automatically where the
"disposition-notification-to:" address is different from the envelope "disposition-notification-to:" address is different from the SMTP
MAIL FROM address. See Section 2.1 for further discussion. "MAIL FROM" address (which is carried in the Return-Path header
field). See Section 2.1 for further discussion.
7. Collected ABNF Grammar 7. Collected ABNF Grammar
NOTE: The following lexical tokens are defined in RFC-MSGFMT [2]: NOTE: The following lexical tokens are defined in RFC-MSGFMT
CRLF, FWS, CFWS, field-name, mailbox-list, msg-id, text, comment, [RFC5322]: CRLF, FWS, CFWS, field-name, mailbox-list, msg-id, text,
word. The following lexical tokens are defined in RFC-SMTP [1]: comment, word. The following lexical tokens are defined in RFC-SMTP
atom. (Note that RFC-MSGFMT [2] also defines "atom", but the version [RFC5321]: atom. (Note that RFC-MSGFMT [RFC5322] also defines
from RFC-SMTP [1] is more restrictive and this more restrictive "atom", but the version from RFC-SMTP [RFC5321] is more restrictive
version is used in this document.) "encoded-word" construct defined and this more restrictive version is used in this document.)
in RFC-MIME-HEADER [5] is allowed everywhere where RFC-MSGFMT [2] "encoded-word" construct defined in RFC-MIME-HEADER [RFC2047] is
"comment" is used, for example in CFWS. allowed everywhere where RFC-MSGFMT [RFC5322] "comment" is used, for
example in CFWS.
OWS = [CFWS] OWS = [CFWS]
; Optional whitespace. ; Optional whitespace.
; MDN generators SHOULD use "*WSP" ; MDN generators SHOULD use "*WSP"
; (typically a single space or nothing. ; (typically a single space or nothing.
; It SHOULD be nothing at the end of a field), ; It SHOULD be nothing at the end of a field),
; unless an RFC 5322 "comment" is required. ; unless an RFC 5322 "comment" is required.
; ;
; MDN parsers MUST parse it as "[CFWS]". ; MDN parsers MUST parse it as "[CFWS]".
skipping to change at page 27, line 39 skipping to change at page 28, line 39
--RAA14128.773615765/example.com --RAA14128.773615765/example.com
content-type: message/rfc822 content-type: message/rfc822
[original message optionally goes here] [original message optionally goes here]
--RAA14128.773615765/example.com-- --RAA14128.773615765/example.com--
10. IANA Considerations 10. IANA Considerations
There are two actions for IANA:
1. IANA is asked to update the registration template for the
message/disposition-notification media type to the one in
Section 3.1 of this document, and to update the reference for
that media type to point to this document instead of to RFC 3798.
2. The registries specified here already exist, and this section is
updating their documentation. IANA is asked to change the
reference document for the three Message Disposition Notification
Parameters registries to point to this document instead of to RFC
3798.
This document specifies three types of parameters that must be This document specifies three types of parameters that must be
registered with the Internet Assigned Numbers Authority (IANA). All registered with the Internet Assigned Numbers Authority (IANA). All
of them use [14] "Specification required" IANA registration policy. of them use [RFC5226] "Specification required" IANA registration
policy.
The forms below are for use when registering a new disposition- The forms below are for use when registering a new disposition-
notification-parameter name for the Disposition-Notification-Options notification-parameter name for the Disposition-Notification-Options
header field, a new disposition modifier name, or a new MDN extension header field, a new disposition modifier name, or a new MDN extension
field. Each piece of information required by a registration form may field. Each piece of information required by a registration form may
be satisfied either by providing the information on the form itself, be satisfied either by providing the information on the form itself,
or by including a reference to a published, publicly available or by including a reference to a published, publicly available
specification that includes the necessary information. IANA MAY specification that includes the necessary information. IANA MAY
reject registrations because of incomplete registration forms or reject registrations because of incomplete registration forms or
incomplete specifications. incomplete specifications.
skipping to change at page 29, line 21 skipping to change at page 30, line 38
characters from the US-ASCII repertoire, a specification for how characters from the US-ASCII repertoire, a specification for how
they are to be encoded as graphic US-ASCII characters in a they are to be encoded as graphic US-ASCII characters in a
Disposition-Notification-Options header field. Disposition-Notification-Options header field.
d. A reference to a permanent and readily available public d. A reference to a permanent and readily available public
specification that describes the semantics of the extension specification that describes the semantics of the extension
field. field.
11. Acknowledgements 11. Acknowledgements
The contributions of Bruce Lilly, Alfred Hoenes and Pete Resnick are The contributions of Bruce Lilly, Alfred Hoenes, Barry Leiba and Pete
gratefully acknowledged for this revision. Resnick are gratefully acknowledged for this revision.
The contributions of Roger Fajman and Greg Vaudreuil to earlier The contributions of Roger Fajman and Greg Vaudreuil to earlier
versions of this document are also gratefully acknowledged. versions of this document are also gratefully acknowledged.
12. References 12. References
12.1. Normative References 12.1. Normative References
[1] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
DOI 10.17487/RFC5321, October 2008, DOI 10.17487/RFC5321, October 2008,
<http://www.rfc-editor.org/info/rfc5321>. <http://www.rfc-editor.org/info/rfc5321>.
[2] Resnick, P., Ed., "Internet Message Format", RFC 5322, [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322,
DOI 10.17487/RFC5322, October 2008, DOI 10.17487/RFC5322, October 2008,
<http://www.rfc-editor.org/info/rfc5322>. <http://www.rfc-editor.org/info/rfc5322>.
[3] Freed, N. and N. Borenstein, "Multipurpose Internet Mail [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part One: Format of Internet Message Extensions (MIME) Part One: Format of Internet Message
Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996,
<http://www.rfc-editor.org/info/rfc2045>. <http://www.rfc-editor.org/info/rfc2045>.
[4] Freed, N. and N. Borenstein, "Multipurpose Internet Mail [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part Two: Media Types", RFC 2046, Extensions (MIME) Part Two: Media Types", RFC 2046,
DOI 10.17487/RFC2046, November 1996, DOI 10.17487/RFC2046, November 1996,
<http://www.rfc-editor.org/info/rfc2046>. <http://www.rfc-editor.org/info/rfc2046>.
[5] Moore, K., "MIME (Multipurpose Internet Mail Extensions) [RFC2047] Moore, K., "MIME (Multipurpose Internet Mail Extensions)
Part Three: Message Header Extensions for Non-ASCII Text", Part Three: Message Header Extensions for Non-ASCII Text",
RFC 2047, DOI 10.17487/RFC2047, November 1996, RFC 2047, DOI 10.17487/RFC2047, November 1996,
<http://www.rfc-editor.org/info/rfc2047>. <http://www.rfc-editor.org/info/rfc2047>.
[6] Vaudreuil, G., "The Multipart/Report Content Type for the [RFC3462] Vaudreuil, G., "The Multipart/Report Content Type for the
Reporting of Mail System Administrative Messages", Reporting of Mail System Administrative Messages",
RFC 3462, DOI 10.17487/RFC3462, January 2003, RFC 3462, DOI 10.17487/RFC3462, January 2003,
<http://www.rfc-editor.org/info/rfc3462>. <http://www.rfc-editor.org/info/rfc3462>.
[7] Moore, K., "Simple Mail Transfer Protocol (SMTP) Service [RFC3461] Moore, K., "Simple Mail Transfer Protocol (SMTP) Service
Extension for Delivery Status Notifications (DSNs)", Extension for Delivery Status Notifications (DSNs)",
RFC 3461, DOI 10.17487/RFC3461, January 2003, RFC 3461, DOI 10.17487/RFC3461, January 2003,
<http://www.rfc-editor.org/info/rfc3461>. <http://www.rfc-editor.org/info/rfc3461>.
[8] Moore, K. and G. Vaudreuil, "An Extensible Message Format [RFC3464] Moore, K. and G. Vaudreuil, "An Extensible Message Format
for Delivery Status Notifications", RFC 3464, for Delivery Status Notifications", RFC 3464,
DOI 10.17487/RFC3464, January 2003, DOI 10.17487/RFC3464, January 2003,
<http://www.rfc-editor.org/info/rfc3464>. <http://www.rfc-editor.org/info/rfc3464>.
[9] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[10] Melnikov, A., "Message Disposition Notification (MDN) [RFC3503] Melnikov, A., "Message Disposition Notification (MDN)
profile for Internet Message Access Protocol (IMAP)", profile for Internet Message Access Protocol (IMAP)",
RFC 3503, DOI 10.17487/RFC3503, March 2003, RFC 3503, DOI 10.17487/RFC3503, March 2003,
<http://www.rfc-editor.org/info/rfc3503>. <http://www.rfc-editor.org/info/rfc3503>.
12.2. Informative References 12.2. Informative References
[11] Hoffman, P., Ed., "Enhanced Security Services for S/MIME", [RFC2634] Hoffman, P., Ed., "Enhanced Security Services for S/MIME",
RFC 2634, DOI 10.17487/RFC2634, June 1999, RFC 2634, DOI 10.17487/RFC2634, June 1999,
<http://www.rfc-editor.org/info/rfc2634>. <http://www.rfc-editor.org/info/rfc2634>.
[12] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003,
<http://www.rfc-editor.org/info/rfc3501>. <http://www.rfc-editor.org/info/rfc3501>.
[13] Murchison, K., "Sieve Email Filtering: Subaddress [RFC5233] Murchison, K., "Sieve Email Filtering: Subaddress
Extension", RFC 5233, DOI 10.17487/RFC5233, January 2008, Extension", RFC 5233, DOI 10.17487/RFC5233, January 2008,
<http://www.rfc-editor.org/info/rfc5233>. <http://www.rfc-editor.org/info/rfc5233>.
[14] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226, IANA Considerations Section in RFCs", BCP 26, RFC 5226,
DOI 10.17487/RFC5226, May 2008, DOI 10.17487/RFC5226, May 2008,
<http://www.rfc-editor.org/info/rfc5226>. <http://www.rfc-editor.org/info/rfc5226>.
[15] Hansen, T., Ed., Newman, C., and A. Melnikov, [RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598,
DOI 10.17487/RFC5598, July 2009,
<http://www.rfc-editor.org/info/rfc5598>.
[RFC6533] Hansen, T., Ed., Newman, C., and A. Melnikov,
"Internationalized Delivery Status and Disposition "Internationalized Delivery Status and Disposition
Notifications", RFC 6533, DOI 10.17487/RFC6533, February Notifications", RFC 6533, DOI 10.17487/RFC6533, February
2012, <http://www.rfc-editor.org/info/rfc6533>. 2012, <http://www.rfc-editor.org/info/rfc6533>.
Appendix A. Changes from RFC 3798 Appendix A. Changes from RFC 3798
Changeg IANA registration for different subregistries to Changed IANA registration for different subregistries to
"Specification Required" to match what is already used by IANA. "Specification Required" to match what is already used by IANA.
The values of "dispatched" and "processed" were lost from the ABNF The values of "dispatched" and "processed" were lost from the ABNF
for "disposition-type". for "disposition-type".
Because the warning disposition modifier was previously removed, Because the warning disposition modifier was previously removed,
warning-field has also been removed. warning-field has also been removed.
The ABNF for ua-name and ua-product included semi-colon, which could The ABNF for ua-name and ua-product included semi-colon, which could
not be distinguished from *text in the production. The ua-name was not be distinguished from *text in the production. The ua-name was
restricted to not include semi-colon. Semi-colon can still appear in restricted to not include semi-colon. Semi-colon can still appear in
the ua-product. the ua-product.
The ABNF did not indicate all places that whitespace was allowable, The ABNF did not indicate all places that whitespace was allowable,
in particular folding whitespace, although all implementations allow in particular folding whitespace, although all implementations allow
whitespace and folding in the header fields just like any other whitespace and folding in the header fields just like any other
RFC5322 [2]-formatted header field. There were also a number of RFC5322 [RFC5322]-formatted header field. There were also a number
places in the ABNF that inconsistently permitted comments and of places in the ABNF that inconsistently permitted comments and
whitespace in one leg of the production and not another. The ABNF whitespace in one leg of the production and not another. The ABNF
now specifies FWS and CFWS in several places that should have already now specifies FWS and CFWS in several places that should have already
been specified by the grammar. been specified by the grammar.
Extension-field was defined in the collected grammar but not in the Extension-field was defined in the collected grammar but not in the
main text. main text.
The comparison of mailboxes in Disposition-Notification-To to the The comparison of mailboxes in Disposition-Notification-To to the
Return-Path addr-spec was clarified. Return-Path addr-spec was clarified.
The use of the grammar production "parameter" was confusing with the The use of the grammar production "parameter" was confusing with the
RFC2045 [3] production of the same name, as well as other uses of the RFC2045 [RFC2045] production of the same name, as well as other uses
same term. These have been clarified. of the same term. These have been clarified.
A clarification was added on the extent of the 7bit nature of MDNs. A clarification was added on the extent of the 7bit nature of MDNs.
Uses of the terms "may" and "might" were clarified. Uses of the terms "may" and "might" were clarified.
A clarification was added on the order of the fields in the message/ A clarification was added on the order of the fields in the message/
disposition-notification content. disposition-notification content.
Authors' Addresses Authors' Addresses
 End of changes. 84 change blocks. 
227 lines changed or deleted 297 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/