Sender Rewriting Scheme

Sender Rewriting Scheme

Sender Rewriting Scheme (SRS) is a technique to re-mailan email message so that eventual Delivery Status Notificationscan reach the original message sender. In this context, "re-mailing"is an alternative to Email forwarding, which is not allowed bythe Sender Policy Framework.

Background

Historically all Mail transfer agents (MTAs)added their host name to the "reverse path". Inthe Simple Mail Transfer Protocol (SMTP) this"reverse path" is also known as MAIL FROM, butpaths were also used before and outside of SMTP,e.g. as "bang paths" in UUCP and Usenet(NetNews). All news articles still contain aPath header, example:

Path: news.server.example!other.example!not-for-mail

The same info in an RFC 821 e-mail "envelope" -that is the SMTP info like MAIL FROM - would be:

# MAIL FROM:<not-for-mail@other.example>
# MAIL FROM:<@news.server.example:not-for-mail@other.example>

The 1st step reflects the sender, the 2nd step thenext MTA, etc. In this example let's assume thatthe 2nd MTA forwards the mail to a 3rd MTA, whereit is finally delivered. The final MTA is alsoknown as Mail delivery agent (MDA), puttingthe mail into the mailbox of the recipient. TheMDA transforms the "reverse path" into the knownReturn-Path header field:

Return-Path:<@news.server.example:not-for-mail@other.example>

SMTP uses MX records for its forward routing.Explicit source routes as in...

RCPT TO:<@news.server.example:user@destination.example>

...to route mail from other.examplevia MTA news.server.exampleto MDA destination.example werecumbersome. To make things worse sometimes the"new" (1982) style of addresses was mixed withold UUCP "bang paths" in constructs like...

destination.example!user@news.server.example other.example!not-for-mail@news.server.example

...and various other kludges. SMTP and MX recordsmade all this essentially useless. Thereforesource routing was deprecated 1989 in RFC 1123.

One special case in RFC 1123 are gateways from orto other networks like UUCP and NetNews, where thefirst sending MTA cannot reach the final receiverdirectly with
TCP. It issolved by MX records and if necessary rewritingforeign addresses at the gateway. MX is anacronym for Mail eXchanger.

Another special case are
mailing lists, wherethe list server rewrites all "reverse paths" toits own error handling address for
bounces (error messages) byrecipients. The list server could automaticallyunsubscribe bouncing recipients. This type ofaddress rewriting is known since RFC 821 and stillused today ( RFC 2821 obsoleted the SMTP chapterin RFC 1123 ).

Last but not least forwarding to another addressalways worked by rewriting the address in the"forward path" also known as RCPT TO, if andonly if the forwarding MTA accepted theresponsibility for both forwarding the mail andreturning potential bounce messagesto the sender. RFC 821 and all later SMTPspecifications offer two result codes for thissituation:

251 user not local (attempted forward)
551 user not local (mail rejected)

For privacy reasons these result codes are todayrarely used, they include the forwarded to (251) ornot forwarded to (551) address. But the meaningand the effect of forwarding to third parties isidentical for result code 250 and error code 550respectively.

As noted RFC 1123 deprecated source routing, thatimplicitly also deprecated the reverse routing ofbounces. It was a relativelysmall Internet back in 1989, mail admins(postmasters) often knew each other and fixed problemson the fly. Routing bounce messagesback via any forwarders was a waste of time andbandwidth if the MTA noting a problem (e.g. arejection with a 5xx error code) could send theerror message directly back to the MX of sender.

Since RFC 1123 forwarders to third parties stillrewrote the RCPT TO address, but kept the MAILFROM as is. As a side-effect MTAs wishing toaccept mail from forwarders generally accept anyMAIL FROM address.

More than a decade later spammersstarted to abuse this flaw in post-1123 SMTP,today most mails are spam andmost "reverse paths" are forged. Note that
spammers typically forgeworking "reverse paths", many MTAs reject mailif callback verification or otherplausibility checks fail for the "reverse path".

RFC 2821 states that non-delivery reports( bounces ) must be sent tothe "originator" as"indicated in the reverse path" after an MTAaccepted the responsibility for delivery. This isa paradox in a world where the "indicated"Return-Path is typically forged. One wayto solve it is to reject suspicious mails,accepting responsibility only for mail fromtrustworthy sources.

Open relays and forwarders are in an unluckyposition with regards to this issue, generally they can'tguarantee that the MAIL FROM address indicatesthe "originator", and they also can't guaranteethat final delivery will succeed.

This SMTP problem caused as side-effect ofRFC 1123 is addressed by
SPF, and theexecutive summary is "SPF breaks forwarding" -actually that's not the case, SPF FAIL only asksreceivers to check SPF at their border MTA, notlater.

Receivers can arrange their forwarding in a waythat works with SPF with in essence threestrategies:

# not checking SPF behind their border, e.g. "white list" forwarders
# just reject SPF FAIL, resulting in a bounce (similar to SMTP error 551)
# rewrite the MAIL FROM at the forwarder (as done by mailing lists)

Sender Rewriting Scheme (SRS) is one way forthe third strategy.

See also

* Sender Policy Framework (SPF)
* Bounce message (SMTP non-delivery report)
* Bounce Address Tag Validation (BATV)
* Simple Mail Transfer Protocol (SMTP)

External links

* [http://www.libsrs2.org libsrs2 home page]
* [http://www.libsrs2.org/srs/srs.pdf Paper on SRS] (PDF)
* [http://www.openspf.org/svn/project/specs/drafts/draft-mengwong-sender-rewrite-01.txt Historical SRS draft] by Meng Weng Wong (2003)
* [http://opensource.mco2.net/qmail/srs/ qmail SRS patch]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать реферат

Look at other dictionaries:

  • Sender Rewriting Scheme — Das Sender Rewriting Scheme (kurz SRS) ist eine Methode, um den Absender (genauer: den Envelope Sender) einer E Mail so umzuschreiben, dass Sender Policy Framework (SPF) auch mit Mail Umleitung funktioniert. Bei einer Mail Umleitung werden nicht… …   Deutsch Wikipedia

  • Sender policy framework — (früher Sender Permitted From), kurz SPF, ist eine Technik, die das Fälschen des Absenders einer E Mail auf SMTP Ebene erschweren soll. Inhaltsverzeichnis 1 Funktionsweise 2 Aufbau eines SPF Records …   Deutsch Wikipedia

  • Sender Policy Framework — (früher Sender Permitted From), kurz SPF, ist eine Technik, die das Fälschen des Absenders einer E Mail auf SMTP Ebene erschweren soll. Inhaltsverzeichnis 1 Funktionsweise 2 …   Deutsch Wikipedia

  • Sender Policy Framework — TOC In computing, Sender Policy Framework (SPF) allows software to identify messages that are or are not authorized to use the domain name in the SMTP HELO and MAIL FROM (Return Path) commands, based on information published in a sender policy of …   Wikipedia

  • Bounce Address Tag Validation — In computing, Bounce Address Tag Validation (BATV) is the name of a method, defined in an Internet Draft, for determining whether the bounce address specified in an E mail messageis valid. It is designed to reject backscatter, that is, bounce… …   Wikipedia

  • Non delivery report — In the Internet s standard e mail protocol SMTP, a bounce message, also called a Non Delivery Report/Receipt (NDR), a (failed) Delivery Status Notification (DSN) message, a Non Delivery Notification (NDN) or simply a bounce, is an automated… …   Wikipedia

  • Bounce message — A bounce message, or (failed) Delivery Status Notification (DSN) message, aka Non Delivery Report/Receipt (NDR), Non Delivery Notification (NDN), or simply a bounce is an automated electronic mail message from a mail system informing the sender… …   Wikipedia

  • Email forwarding — consists of the operation of re sending an email message delivered to one email address on to another email address. Users and administrators of email systems use the same term when speaking of both server based and client based forwarding.Email… …   Wikipedia

  • E-mail authentication — is the effort to equip messages of the e mail transport system with enough verifiable information, so that recipients can recognize the nature of each incoming message automatically. It is different from content filtering s fuzzy methods.… …   Wikipedia

  • SRS — may stand for:In science : * Synchrotron Radiation Source, Daresbury Laboratory a facility that uses synchrotron radiation for research purposes * Simple random sampling a sampling method in which a group of subjects is chosen from a larger group …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”