- Bounce message
A bounce message, or (failed) Delivery Status Notification (DSN) message, aka Non-Delivery Report/Receipt (NDR), Non-Delivery Notification (NDN), or simply a bounce is an automated
electronic mailmessage from a mail system informing the sender of another message about a delivery problem. The original message is said to have bounced.
Errors can occur at multiple places in mail delivery. A sender may sometimes receive a bounce message from "the sender's" mail server, and other times from a "recipient's" mail server. That happens because when a server accepts a message for delivery, at the same time it takes the burden to send a DSN in case the delivery fails. With the rise in forged spam and e-mail viruses, users now frequently receive erroneous bounce messages sent in response to messages they never actually sent. Modern servers try hard to ascertain that a message can be delivered "before" they accept it.
Imagine that Jack ("jack@
example.com") sends a message to Jill ("firstname.lastname@example.org") at a different site. (Note that these are two different domains: Jack uses a COM domain while Jill is using an ORG one). Once Jack's mail server has accepted the message, it must either pass it along to Jill's mail server, or else deposit a bounce message in Jack's mailbox.
Let us say that Jack's mail server passes it on to Jill's mail server (at "example.org"), which accepts the message for delivery. However, unfortunately, a moment later the disk on the "example.org" server fills up, and so the mail daemon cannot deposit the message in Jill's mailbox. As an alternative cause of failure, consider that Jill might have instructed the "example.org" server to forward her mail to, say, "email@example.com", and that the latter server refused the message for whatever reason.
The "example.org" mail server then must send a bounce message to "firstname.lastname@example.org", informing Jack that his message to Jill's mailbox could not be delivered.
Had the "example.org" mail server known that the message would be undeliverable (for instance, if Jill had no user account there) then it would "not" have accepted the message in the first place, and therefore would not have sent the bounce. Instead, it would have rejected the message with an SMTP error code. This would leave "Jack's" mail server (at "example.com") the obligation to create and deliver a bounce.
However, problems arise if Jill's mail server receives a message with a forged "From:" field, e.g., if email@example.com sends an unsolicited bulk message claiming to be from "firstname.lastname@example.org." In this case, Jill's mail server would send the bounce message to Jack even though Jack never sent the original message to Jill. This is called "backscatter."
Since "accept-then-bounce" backscatter is a type of "spam," every effort should be made to reject the message during the SMTP session to avoid participating in e-mail abuse of innocent third parties.
Bounces are a special form of
autoresponder. Auto replies are mails sent by a program - as opposed to a human user - in reply to a received mail and sent to the bounce address.
Examples of other auto replies are vacation mails, challenges from
challenge-response spam filtering, and replies from list servers. These other auto replies are discussed in RFC 3834: auto replies should be sent to the Return-Path stated in the received mail which has triggered the auto reply, and this response is typically sent with an empty Return-Path; otherwise auto responders could be trapped in sending auto replies back and forth.
The Return-Path is visible in delivered mail as header field Return-Path inserted by the SMTP
mail delivery agent(MDA) (which is usually combined with a mail transport agent). The MDA simply copies the reverse pathin the SMTP MAIL FROM command into the Return-Path. The MDA also removes bogus Return-Path header fields inserted by other MTAs, this header field is generally guaranteed to reflect the last reverse path seen in the MAIL FROM command.
Today these paths are normally reduced to ordinary e-mail addresses, as the old SMTP source routing was deprecated in 1989; for some historical background info see
Sender Rewriting Scheme. One special form of a path still exists, the empty path MAIL FROM:<>, used for many auto replies and especially all bounces.
In a strict sense, bounces sent with a non-empty Return-Path are incorrect. RFC 3834 offers some heuristics to identify incorrect bounces based on the local part (left hand side before the @) of the address in a non-empty Return-Path, and it even defines a mail header field Auto-Reply to identify auto replies. But the mail header is a part of the mail data (SMTP command DATA), and MTAs typically don't look "into" the mail. They deal with the envelope, that includes the
MAIL FROMaddress (aka return path, envelope-From, reverse path) but not, e.g., the 2822-From in the mail header field From. These details are important for schemes like BATV.
The remaining bounces with an empty Return-Path are non-delivery reports (NDRs) or delivery status notifications (DSNs). DSNs can be explicitly solicited with an SMTP Service Extension (ESMTP), however it is not widely used. Explicit requests for delivery failure details is much more commonly implemented with
variable envelope return path(VERP), while explicit requests for are rarely implemented. [ [http://www.nytimes.com/2008/06/15/technology/15digi.html Digital Domain - In the E-Mail Relay, Not Every Handoff Is Smooth - NYTimes.com ] ]
NDRs are a basic SMTP function. As soon as an MTA has accepted a mail for forwarding or delivery it cannot silently delete (drop) it; it has to create and send a bounce message to the "originator" if forwarding or delivery failed.
Excluding MDAs, all MTAs forward mails to another MTA. This next MTA is free to reject the mail with an SMTP error message like "user unknown", "over quota", etc. At this point the sending MTA has to inform the originator, or as RFC 5321 puts it:
:"If an SMTP server has accepted the task of relaying the mail and later finds that the destination is incorrect or that the mail cannot be delivered for some other reason, then it MUST construct an "undeliverable mail" notification message and send it to the originator of the undeliverable mail (as indicated by the reverse-path).
This rule is essential for SMTP: as the name says, it's a simple protocol, it cannot reliably work if mail silently vanishes in black holes, so bounces are required to spot and fix problems.
Today, however, most email is spam, which usually utilizes forged Return-Paths. It is then often impossible for the MTA to inform the originator, and sending a bounce to the forged Return-Path would hit an innocent third party. This inherent flaw in today's SMTP (without the deprecated source routes) is addressed by various proposals, most directly by BATV and SPF.
Causes of a bounce message
There are many reasons why an e-mail may bounce. One reason is if the recipient address is misspelled, or simply does not exist on the receiving system. This is a "user unknown" condition. Other reasons include resource exhaustion — such as a full disk — or the rejection of the message due to spam filters. In addition, there are MUAs that allow users to bounce a message on demand [cite news |first=William |last=Ray |coauthors=Ray, John |title=Using Internet Applications in Mac OS X Tiger |url=http://www.informit.com/articles/article.aspx?p=401141&seqNum=2 |date=2005-07-15 |accessdate=2008-10-02 |quote=Another method of defeating spam is to bounce mail back to them. This creates the appearance that your account doesn’t exist and, if you’re lucky, results in having your name removed from their lists., and
cite news |first=Christopher |last=Breen |title=Bouncing the creeps |url=http://www.macworld.com/article/49156/2006/01/creepbounce.html/weblogs/www.idgconnect.com |publisher=Macworld |date=2006-01-27 |accessdate=2008-10-02 |quote=As you’re probably aware, using Mail’s Bounce command (Message > Bounce) isn’t effective against spammers because nearly all the spam your receive carries a forged “from” address ] .
Bounce messages in
SMTPare sent with the envelope sender address
<>, known as the "null sender address". They are frequently sent with a
From:header address of
MAILER-DAEMONat the recipient site.
Typically, a bounce message will contain several pieces of information to help the original sender in understanding the reason his message was not delivered:
* The date and time the message was bounced,
* The identity of the mail server that bounced it,
* The reason that it was bounced (e.g. "user unknown" or "mailbox full"),
* The headers of the bounced message, and
* Some or all of the content of the bounced message.
RFC 3463 describes the codes used to indicate the bounce reason. Common codes are 5.1.1 (Unknown user), 5.2.2 (Mailbox full) and 5.7.1 (Rejected by security policy/mail filter).
* Backscatter (Backscatter of email spam)
Bounce Address Tag Validation(BATV)
Sender Policy Framework(SPF)
Sender Rewriting Scheme(SRS)
Simple Mail Transfer Protocol(SMTP)
Variable envelope return path(VERP)
* RFC 3461 - Simple Mail Transfer Protocol (SMTP) Service Extension for Delivery Status Notifications (DSNs)
* RFC 3463 - Enhanced Status Codes for SMTP
* RFC 3464 - An Extensible Message Format for Delivery Status Notifications
* RFC 3834 - Recommendations for Automatic Responses to Electronic Mail
* [http://www.techzoom.net/papers/mail_non_delivery_notice_attacks_2004.pdf Mail DDoS Attacks through Non Delivery Messages]
* [http://support.microsoft.com/?kbid=284204 Microsoft's DSN format for Exchange]
Wikimedia Foundation. 2010.