idnits 2.17.1 draft-ietf-appsawg-mdn-3798bis-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 14 instances of too long lines in the document, the longest one being 16 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). (Using the creation date from RFC2046, updated by this document, for RFC5378 checks: 1995-04-14) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 12, 2016) is 2813 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'FWS' is mentioned on line 1110, but not defined == Missing Reference: 'CFWS' is mentioned on line 375, but not defined == Missing Reference: 'RFCXXXX' is mentioned on line 531, but not defined -- Obsolete informational reference (is this intentional?): RFC 3501 (Obsoleted by RFC 9051) -- Obsolete informational reference (is this intentional?): RFC 5226 (Obsoleted by RFC 8126) Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Hansen, Ed. 3 Internet-Draft AT&T Laboratories 4 Obsoletes: 3798 (if approved) A. Melnikov, Ed. 5 Updates: 2046, 3461 (if approved) Isode Ltd 6 Intended status: Standards Track August 12, 2016 7 Expires: February 13, 2017 9 Message Disposition Notification 10 draft-ietf-appsawg-mdn-3798bis-12.txt 12 Abstract 14 This memo defines a MIME content-type that may be used by a mail user 15 agent (MUA) or electronic mail gateway to report the disposition of a 16 message after it has been successfully delivered to a recipient. 17 This content-type is intended to be machine-processable. Additional 18 message header fields are also defined to permit Message Disposition 19 Notifications (MDNs) to be requested by the sender of a message. The 20 purpose is to extend Internet Mail to support functionality often 21 found in other messaging systems, such as X.400 and the proprietary 22 "LAN-based" systems, and often referred to as "read receipts," 23 "acknowledgements", or "receipt notifications." The intention is to 24 do this while respecting privacy concerns, which have often been 25 expressed when such functions have been discussed in the past. 27 Because many messages are sent between the Internet and other 28 messaging systems (such as X.400 or the proprietary "LAN-based" 29 systems), the MDN protocol is designed to be useful in a multi- 30 protocol messaging environment. To this end, the protocol described 31 in this memo provides for the carriage of "foreign" addresses, in 32 addition to those normally used in Internet Mail. Additional 33 attributes may also be defined to support "tunneling" of foreign 34 notifications through Internet Mail. 36 This document obsoletes RFC 3798 and updates RFC 2046 and RFC 3461. 38 Status of This Memo 40 This Internet-Draft is submitted in full conformance with the 41 provisions of BCP 78 and BCP 79. 43 Internet-Drafts are working documents of the Internet Engineering 44 Task Force (IETF). Note that other groups may also distribute 45 working documents as Internet-Drafts. The list of current Internet- 46 Drafts is at http://datatracker.ietf.org/drafts/current/. 48 Internet-Drafts are draft documents valid for a maximum of six months 49 and may be updated, replaced, or obsoleted by other documents at any 50 time. It is inappropriate to use Internet-Drafts as reference 51 material or to cite them other than as "work in progress." 53 This Internet-Draft will expire on February 13, 2017. 55 Copyright Notice 57 Copyright (c) 2016 IETF Trust and the persons identified as the 58 document authors. All rights reserved. 60 This document is subject to BCP 78 and the IETF Trust's Legal 61 Provisions Relating to IETF Documents 62 (http://trustee.ietf.org/license-info) in effect on the date of 63 publication of this document. Please review these documents 64 carefully, as they describe your rights and restrictions with respect 65 to this document. Code Components extracted from this document must 66 include Simplified BSD License text as described in Section 4.e of 67 the Trust Legal Provisions and are provided without warranty as 68 described in the Simplified BSD License. 70 Table of Contents 72 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 73 1.1. Purposes . . . . . . . . . . . . . . . . . . . . . . . . 3 74 1.2. Requirements . . . . . . . . . . . . . . . . . . . . . . 4 75 1.3. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 76 2. Requesting Message Disposition Notifications . . . . . . . . 5 77 2.1. The Disposition-Notification-To Header . . . . . . . . . 5 78 2.2. The Disposition-Notification-Options Header . . . . . . . 7 79 2.3. The Original-Recipient Header Field . . . . . . . . . . . 8 80 2.4. Use with the Message/Partial Media Type . . . . . . . . . 9 81 3. Format of a Message Disposition Notification . . . . . . . . 10 82 3.1. The message/disposition-notification Media Type . . . . . 11 83 3.2. Message/disposition-notification Content Fields . . . . . 14 84 3.3. Extension-fields . . . . . . . . . . . . . . . . . . . . 20 85 4. Timeline of events . . . . . . . . . . . . . . . . . . . . . 21 86 5. Conformance and Usage Requirements . . . . . . . . . . . . . 22 87 6. Security Considerations . . . . . . . . . . . . . . . . . . . 23 88 6.1. Forgery . . . . . . . . . . . . . . . . . . . . . . . . . 23 89 6.2. Privacy . . . . . . . . . . . . . . . . . . . . . . . . . 23 90 6.3. Non-Repudiation . . . . . . . . . . . . . . . . . . . . . 24 91 6.4. Mail Bombing . . . . . . . . . . . . . . . . . . . . . . 24 92 7. Collected ABNF Grammar . . . . . . . . . . . . . . . . . . . 25 93 8. Guidelines for Gatewaying MDNs . . . . . . . . . . . . . . . 27 94 8.1. Gatewaying from other mail systems to MDNs . . . . . . . 27 95 8.2. Gatewaying from MDNs to other mail systems . . . . . . . 28 96 8.3. Gatewaying of MDN-requests to other mail systems . . . . 28 97 9. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 98 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 99 10.1. Disposition-Notification-Options header field 100 disposition-notification-parameter names . . . . . . . . 31 101 10.2. Disposition modifier names . . . . . . . . . . . . . . . 32 102 10.3. MDN extension field names . . . . . . . . . . . . . . . 32 103 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 32 104 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 33 105 12.1. Normative References . . . . . . . . . . . . . . . . . . 33 106 12.2. Informative References . . . . . . . . . . . . . . . . . 34 107 Appendix A. Changes from RFC 3798 . . . . . . . . . . . . . . . 35 108 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 110 1. Introduction 112 This memo defines a media type [RFC2046] for message disposition 113 notifications (MDNs). An MDN can be used to notify the sender of a 114 message of any of several conditions that may occur after successful 115 delivery, such as display of the message contents, printing of the 116 message, deletion (without display) of the message, or the 117 recipient's refusal to provide MDNs. The "message/disposition- 118 notification" content-type defined herein is intended for use within 119 the framework of the "multipart/report" content type defined in RFC- 120 REPORT [RFC6522]. 122 This memo defines the format of the notifications and the RFC-MSGFMT 123 [RFC5322] header fields used to request them. 125 This memo is an update to RFC 3798 and is intended to be published at 126 Internet Standard Level. 128 1.1. Purposes 130 The MDNs defined in this memo are expected to serve several purposes: 132 a. Inform human beings of the disposition of messages after 133 successful delivery, in a manner that is largely independent of 134 human language; 136 b. Allow mail user agents to keep track of the disposition of 137 messages sent, by associating returned MDNs with earlier message 138 transmissions; 140 c. Convey disposition notification requests and disposition 141 notifications between Internet Mail and "foreign" mail systems 142 via a gateway; 144 d. Allow "foreign" notifications to be tunneled through a MIME- 145 capable message system and back into the original messaging 146 system that issued the original notification, or even to a third 147 messaging system; 149 e. Allow language-independent, yet reasonably precise, indications 150 of the disposition of a message to be delivered. 152 1.2. Requirements 154 These purposes place the following constraints on the notification 155 protocol: 157 a. It must be readable by humans, and must be machine-parsable. 159 b. It must provide enough information to allow message senders (or 160 their user agents) to unambiguously associate an MDN with the 161 message that was sent and the original recipient address for 162 which the MDN was issued (if such information is available), even 163 if the message was forwarded to another recipient address. 165 c. It must also be able to describe the disposition of a message 166 independent of any particular human language or of the 167 terminology of any particular mail system. 169 d. The specification must be extensible in order to accommodate 170 future requirements. 172 1.3. Terminology 174 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 175 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 176 document are to be interpreted as described in RFC-KEYWORDS 177 [RFC2119]. 179 All syntax descriptions use the ABNF specified by RFC-MSGFMT 180 [RFC5322], in which the lexical tokens (used below) are defined: 181 "CRLF", "FWS", "CFWS", "field-name", "mailbox-list", "msg-id", and 182 "text". The following lexical tokens are defined in RFC-SMTP 183 [RFC5321]: "atom". 185 2. Requesting Message Disposition Notifications 187 Message disposition notifications are requested by including a 188 Disposition-Notification-To header field in the message containing 189 one or more addresses specifying where dispositions should be sent. 190 Further information to be used by the recipient's Mail User Agent 191 (MUA) [RFC5598] in generating the MDN may be provided by also 192 including Original-Recipient and/or Disposition-Notification-Options 193 header fields in the message. 195 2.1. The Disposition-Notification-To Header 197 A request for the receiving user agent to issue message disposition 198 notifications is made by placing a Disposition-Notification-To header 199 field into the message. The syntax of the header field is 201 mdn-request-header = "Disposition-Notification-To" ":" mailbox-list CRLF 203 A Disposition-Notification-To header field can appear at most once in 204 a message. 206 The presence of a Disposition-Notification-To header field in a 207 message is merely a request for an MDN. The recipients' user agents 208 are always free to silently ignore such a request. 210 An MDN MUST NOT itself have a Disposition-Notification-To header 211 field. An MDN MUST NOT be generated in response to an MDN. 213 A user agent MUST NOT issue more than one MDN on behalf of each 214 particular recipient. That is, once an MDN has been issued on behalf 215 of a recipient, no further MDNs may be issued on behalf of that 216 recipient by the same user agent, even if another disposition is 217 performed on the message. However, if a message is forwarded, an MDN 218 may have been issued for the recipient doing the forwarding and the 219 recipient of the forwarded message may also cause an MDN to be 220 generated. 222 It is also possible that if the same message is being accessed by 223 multiple user agents (for example using POP3), then multiple 224 dispositions might be generated for the same recipient. User agents 225 SHOULD leverage support in the underlying message access protocol to 226 prevent multiple MDNs from being generated. In particular, when the 227 user agent is accessing the message using RFC-IMAP [RFC3501], it 228 SHOULD implement the procedures specified in RFC-IMAP-MDN [RFC3503]. 230 While Internet standards normally do not specify the behavior of user 231 interfaces, it is strongly recommended that the user agent obtain the 232 user's consent before sending an MDN. This consent could be obtained 233 for each message through some sort of prompt or dialog box, or 234 globally through the user's setting of a preference. The purpose of 235 obtaining user's consent is to protect user's privacy. The default 236 value should be not to send MDNs. 238 MDNs MUST NOT be sent automatically if the address in the 239 Disposition-Notification-To header field differs from the address in 240 the Return-Path header field (see RFC-MSGFMT [RFC5322]). In this 241 case, confirmation from the user MUST be obtained, if possible. If 242 obtaining consent is not possible (e.g., because the user is not 243 online at the time or the client is not an interactive email client), 244 then an MDN MUST NOT be sent. 246 Confirmation from the user MUST be obtained (or no MDN sent) if there 247 is no Return-Path header field in the message, or if there is more 248 than one distinct address in the Disposition-Notification-To header 249 field. 251 The comparison of the addresses is done using only the addr-spec 252 (local-part "@" domain) portion, excluding any angle brackets, phrase 253 and route. As prescribed by RFC 5322, the comparison is case- 254 sensitive for the local-part and case-insensitive for the domain 255 part. The local-part comparison SHOULD be done after performing 256 local-part canonicalization (i.e. after removing the surrounding 257 double-quote characters, if any, as well as any escaping "\" 258 characters. (See RFC-MSGFMT [RFC5322] for more details.) 259 Implementations MAY treat known domain aliases as equivalent for the 260 purpose of comparison. 262 Note that use of subaddressing (see [RFC5233]) can result in a 263 failure to match two local-parts and thus result in possible 264 suppression of the MDN. This document doesn't recommend special 265 handling for this case, as the receiving MUA can't reliably know 266 whether or not the sender is using subaddressing. 268 If the message contains more than one Return-Path header field, the 269 implementation may pick one to use for the comparison, or treat the 270 situation as a failure of the comparison. 272 The reason for not automatically sending an MDN if the comparison 273 fails or more than one address is specified is to reduce the 274 possibility of mail loops and of MDNs being used for mail bombing. 276 It's especially important that a message that contains a Disposition- 277 Notification-To header field also contain a Message-ID header field, 278 to permit user agents to automatically correlate MDNs with their 279 original messages. 281 If the request for message disposition notifications for some 282 recipients and not others is desired, two copies of the message 283 should be sent, one with a Disposition-Notification-To header field 284 and one without. Many of the other header fields of the message 285 (e.g., To, Cc) will be the same in both copies. The recipients in 286 the respective message envelopes determine from whom message 287 disposition notifications are requested and from whom they are not. 288 If desired, the Message-ID header field may be the same in both 289 copies of the message. Note that there are other situations (e.g., 290 Bcc) in which it is necessary to send multiple copies of a message 291 with slightly different header fields. The combination of such 292 situations and the need to request MDNs for a subset of all 293 recipients may result in more than two copies of a message being 294 sent, some with a Disposition-Notification-To header field and some 295 without. 297 If it is possible to determine that a recipient is a newsgroup, do 298 not include a Disposition-Notification-To header field for that 299 recipient. Similarly, if an existing message is resent or gatewayed 300 to a newsgroup, the agent doing resending/gatewaying SHOULD strip the 301 Disposition-Notification-To header field. See Section 5 for more 302 discussion. Clients that see an otherwise valid Disposition- 303 Notification-To header field in a newsgroup message SHOULD NOT 304 generate an MDN. 306 2.2. The Disposition-Notification-Options Header 308 Extensions to this specification may require that information be 309 supplied to the recipient's MUA for additional control over how and 310 what MDNs are generated. The Disposition-Notification-Options header 311 field provides an extensible mechanism for such information. The 312 syntax of this header field is as follows: 314 Disposition-Notification-Options = 315 "Disposition-Notification-Options" ":" [FWS] 316 disposition-notification-parameter-list CRLF 318 disposition-notification-parameter-list = 319 disposition-notification-parameter 320 *([FWS] ";" [FWS] disposition-notification-parameter) 322 disposition-notification-parameter = attribute [FWS] "=" 323 [FWS] importance [FWS] "," [FWS] value *([FWS] "," [FWS] value) 325 importance = "required" / "optional" 327 attribute = atom 329 value = word 331 A Disposition-Notification-Options header field can appear at most 332 once in a message. 334 An importance of "required" indicates that interpretation of the 335 disposition-notification-parameter is necessary for proper generation 336 of an MDN in response to this request. An importance of "optional" 337 indicates that an MUA that does not understand the meaning of this 338 disposition-notification-parameter MAY generate an MDN in response 339 anyway, ignoring the value of the disposition-notification-parameter. 341 No disposition-notification-parameter attribute names are defined in 342 this specification. Attribute names may be defined in the future by 343 later revisions or extensions to this specification. disposition- 344 notification-parameter attribute names MUST be registered with the 345 Internet Assigned Numbers Authority (IANA) using "Specification 346 required" registration policy. The "X-" prefix has historically been 347 used to denote unregistered "experimental" protocol elements, that 348 are assumed not to become common use. Deployment experience of this 349 and other protocols have shown that this assumption is often false. 350 This document allows the use of the "X-" prefix primarily to allow 351 the registration of attributes that are already in common use. The 352 prefix has no meaning for new attributes. Its use in substantially 353 new attributes may cause confusion and is therefore discouraged. 354 (See Section 10 for a registration form.) 356 2.3. The Original-Recipient Header Field 358 Since electronic mail addresses may be rewritten while the message is 359 in transit, it is useful for the original recipient address to be 360 made available by the delivering Message Transfer Agent (MTA) 361 [RFC5598]. The delivering MTA may be able to obtain this information 362 from the ORCPT parameter of the SMTP RCPT TO command, as defined in 363 RFC-SMTP [RFC5321] and RFC-DSN-SMTP [RFC3461]. 365 RFC-DSN-SMTP [RFC3461] is amended as follows: If the ORCPT 366 information is available, the delivering MTA SHOULD insert an 367 Original-Recipient header field at the beginning of the message 368 (along with the Return-Path header field). The delivering MTA MAY 369 delete any other Original-Recipient header fields that occur in the 370 message. The syntax of this header field is as follows: 372 original-recipient-header = 373 "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS 375 OWS = [CFWS] 376 ; Optional whitespace. 377 ; MDN generators SHOULD use "*WSP" 378 ; (typically a single space or nothing. 379 ; It SHOULD be nothing at the end of a field), 380 ; unless an RFC 5322 "comment" is required. 381 ; 382 ; MDN parsers MUST parse it as "[CFWS]". 384 The address-type and generic-address token are as specified in the 385 description of the Original-Recipient field in Section 3.2.3. 387 The purpose of carrying the original recipient information and 388 returning it in the MDN is to permit automatic correlation of MDNs 389 with the original message on a per-recipient basis. 391 2.4. Use with the Message/Partial Media Type 393 The use of the header fields Disposition-Notification-To, 394 Disposition-Notification-Options, and Original-Recipient with the 395 MIME message/partial content type (RFC-MIME-MEDIA [RFC2046]]) 396 requires further definition. 398 When a message is segmented into two or more message/partial 399 fragments, the three header fields mentioned in the above paragraph 400 SHOULD be placed in the "inner" or "enclosed" message (using the 401 terms of RFC-MIME-MEDIA [RFC2046]). If these header fields are found 402 in the header fields of any of the fragments, they are ignored. 404 When the multiple message/partial fragments are reassembled, the 405 following applies. If these header fields occur along with the other 406 header fields of a message/partial fragment message, they pertain to 407 an MDN that will be generated for the fragment. If these header 408 fields occur in the header fields of the "inner" or "enclosed" 409 message (using the terms of RFC-MIME-MEDIA [RFC2046]), they pertain 410 to an MDN that will be generated for the reassembled message. 411 Section 5.2.2.1 of RFC-MIME-MEDIA [RFC2046]) is amended to specify 412 that, in addition to the header fields specified there, the three 413 header fields described in this specification are to be appended, in 414 order, to the header fields of the reassembled message. Any 415 occurrences of the three header fields defined here in the header 416 fields of the initial enclosing message MUST NOT be copied to the 417 reassembled message. 419 3. Format of a Message Disposition Notification 421 A message disposition notification is a MIME message with a top-level 422 content-type of multipart/report (defined in RFC-REPORT [RFC6522]). 423 When multipart/report content is used to transmit an MDN: 425 a. The report-type parameter of the multipart/report content is 426 "disposition-notification". 428 b. The first component of the multipart/report contains a human- 429 readable explanation of the MDN, as described in RFC-REPORT 430 [RFC6522]. 432 c. The second component of the multipart/report is of content-type 433 message/disposition-notification, described in Section 3.1 of 434 this document. 436 d. If the original message or a portion of the message is to be 437 returned to the sender, it appears as the third component of the 438 multipart/report. The decision of whether or not to return the 439 message or part of the message is up to the MUA generating the 440 MDN. However, in the case of encrypted messages requesting MDNs, 441 encrypted message text MUST be returned, if it is returned at 442 all, only in its original encrypted form. 444 NOTE: For message disposition notifications gatewayed from foreign 445 systems, the header fields of the original message may not be 446 available. In this case, the third component of the MDN may be 447 omitted, or it may contain "simulated" RFC-MSGFMT [RFC5322] header 448 fields that contain equivalent information. In particular, it is 449 very desirable to preserve the subject and date fields from the 450 original message. 452 The MDN MUST be addressed (in both the message header field and the 453 transport envelope) to the address(es) from the Disposition- 454 Notification-To header field from the original message for which the 455 MDN is being generated. 457 The From header field of the MDN MUST contain the address of the 458 person for whom the message disposition notification is being issued. 460 The envelope sender address (i.e., SMTP "MAIL FROM") of the MDN MUST 461 be null (<>), specifying that no Delivery Status Notification 462 messages nor other messages indicating successful or unsuccessful 463 delivery are to be sent in response to an MDN. 465 A message disposition notification MUST NOT itself request an MDN. 466 That is, it MUST NOT contain a Disposition-Notification-To header 467 field. 469 The Message-ID header field (if present) for an MDN MUST be different 470 from the Message-ID of the message for which the MDN is being issued. 472 A particular MDN describes the disposition of exactly one message for 473 exactly one recipient. Multiple MDNs may be generated as a result of 474 one message submission, one per recipient. However, due to the 475 circumstances described in Section 2.1, it's possible that some of 476 the recipients for whom MDNs were requested will not generate MDNs. 478 3.1. The message/disposition-notification Media Type 480 The message/disposition-notification Media Type is defined as 481 follows: 483 Type name: message 485 Subtype name: disposition-notification 487 Required parameters: none 489 Optional parameters: none 491 Encoding considerations: "7bit" encoding is sufficient and MUST be 492 used to maintain readability when viewed by non- 493 MIME mail readers. 495 Security considerations: discussed in Section 6 of [RFCXXXX]. 497 Interoperability considerations: none 499 Published specification: [RFCXXXX] 501 Applications that use this media type: Mail Transfer Agents and 502 email clients that support multipart/report 503 generation and/or parsing. 505 Fragment identifier considerations: N/A 507 Additional information: 509 Deprecated alias names for this type: N/A 511 Magic number(s): none 513 File extension(s): .disposition-notification 515 Macintosh file type code(s): The 'TEXT' type 516 code is suggested as files of this type are 517 typically used for diagnostic purposes and 518 suitable for analysis in a text editor. A 519 uniform type identifier (UTI) of "public.utf8- 520 email-message-header" is suggested. This type 521 conforms to "public.plain-text". 523 Person & email address to contact for further information: See the 524 Authors' Addresses section of [RFCXXXX] 526 Intended usage: COMMON 528 Restrictions on usage: This media type contains textual data in the 529 US-ASCII charset, which is always 7-bit. 531 Author: See the Authors' Addresses section of [RFCXXXX] 533 Change controller: IETF 535 Provisional registration? no 536 (While the 7bit restriction applies to the message/disposition- 537 notification portion of the multipart/report content, it does not 538 apply to the optional third portion of the multipart/report content.) 540 The message/disposition-notification report type for use in the 541 multipart/report is "disposition-notification". 543 The body of a message/disposition-notification consists of one or 544 more "fields" formatted according to the ABNF of RFC-MSGFMT [RFC5322] 545 header "fields". The syntax of the message/disposition-notification 546 content is as follows: 548 disposition-notification-content = [ reporting-ua-field CRLF ] 549 [ mdn-gateway-field CRLF ] 550 [ original-recipient-field CRLF ] 551 final-recipient-field CRLF 552 [ original-message-id-field CRLF ] 553 disposition-field CRLF 554 *( failure-field CRLF ) 555 *( error-field CRLF ) 556 *( extension-field CRLF ) 558 extension-field = extension-field-name ":" *([FWS] text) 560 extension-field-name = field-name 562 Note that the order of the above fields is recommended, but not 563 fixed. Extension fields can appear anywhere. 565 3.1.1. General conventions for fields 567 Since these fields are defined according to the rules of RFC-MSGFMT 568 [RFC5322], the same conventions for continuation lines and comments 569 apply. Notification fields may be continued onto multiple lines by 570 beginning each additional line with a SPACE or HTAB. Text that 571 appears in parentheses is considered a comment and not part of the 572 contents of that notification field. Field names are case- 573 insensitive, so the names of notification fields may be spelled in 574 any combination of upper and lower case letters. [RFC5322] comments 575 in notification fields may use the "encoded-word" construct defined 576 in RFC-MIME-HEADER [RFC2047]. 578 3.1.2. "*-type" subfields 580 Several fields consist of a "-type" subfield, followed by a semi- 581 colon, followed by "*text". 583 For these fields, the keyword used in the address-type or MTA-type 584 subfield indicates the expected format of the address or MTA-name 585 that follows. 587 The "-type" subfields are defined as follows: 589 a. An "address-type" specifies the format of a mailbox address. For 590 example, Internet Mail addresses use the "rfc822" address-type. 591 Other values can appear in this field as specified in the 592 "Address Types" IANA subregistry established by RFC-DSN-FORMAT 593 [RFC3464]. 595 address-type = atom 597 atom = 599 b. An "MTA-name-type" specifies the format of a mail transfer agent 600 name. For example, for an SMTP server on an Internet host, the 601 MTA name is the domain name of that host, and the "dns" MTA-name- 602 type is used. Other values can appear in this field as specified 603 in the "MTA Name Types" IANA subregistry established by RFC-DSN- 604 FORMAT [RFC3464]. 606 mta-name-type = atom 608 Values for address-type and mta-name-type are case-insensitive. 609 Thus, address-type values of "RFC822" and "rfc822" are equivalent. 611 The Internet Assigned Numbers Authority (IANA) maintains a registry 612 of address-type and mta-name-type values, along with descriptions of 613 the meanings of each, or a reference to one or more specifications 614 that provide such descriptions. (The "rfc822" address-type is 615 defined in RFC-DSN-SMTP [RFC3461].) Registration forms for address- 616 type and mta-name-type appear in RFC-DSN-FORMAT [RFC3464]. 618 3.2. Message/disposition-notification Content Fields 620 3.2.1. The Reporting-UA field 621 reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [ ";" OWS ua-product OWS ] 623 ua-name = *text-no-semi 625 ua-product = *([FWS] text) 627 text-no-semi = %d1-9 / ; "text" characters excluding NUL, CR, 628 %d11 / %d12 / %d14-58 / %d60-127 ; LF, or semi-colon 630 The Reporting-UA field is defined as follows: 632 An MDN describes the disposition of a message after it has been 633 delivered to a recipient. In all cases, the Reporting-UA is the MUA 634 that performed the disposition described in the MDN. This field is 635 optional, but recommended. For Internet Mail user agents, it is 636 recommended that this field contain both: the DNS name of the 637 particular instance of the MUA that generated the MDN, and the name 638 of the product. For example, 640 Reporting-UA: pc.example.com; Foomail 97.1 642 If the reporting MUA consists of more than one component (e.g., a 643 base program and plug-ins), this may be indicated by including a list 644 of product names. 646 3.2.2. The MDN-Gateway field 648 The MDN-Gateway field indicates the name of the gateway or MTA that 649 translated a foreign (non-Internet) message disposition notification 650 into this MDN. This field MUST appear in any MDN that was translated 651 by a gateway from a foreign system into MDN format, and MUST NOT 652 appear otherwise. 654 mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS ";" OWS mta-name OWS 656 mta-name = *text 658 For gateways into Internet Mail, the MTA-name-type will normally be 659 "dns", and the mta-name will be the Internet domain name of the 660 gateway. 662 3.2.3. Original-Recipient field 664 The Original-Recipient field indicates the original recipient address 665 as specified by the sender of the message for which the MDN is being 666 issued. For Internet Mail messages, the value of the Original- 667 Recipient field is obtained from the Original-Recipient header field 668 from the message for which the MDN is being generated. If there is 669 an Original-Recipient header field in the message, or if information 670 about the original recipient is reliably available some other way, 671 then the Original-Recipient field MUST be included. Otherwise, the 672 Original-Recipient field MUST NOT be included. If there is more than 673 one Original-Recipient header field in the message, the MUA may 674 choose the one to use, or act as if no Original-Recipient header 675 field is present. 677 original-recipient-field = 678 "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS 680 generic-address = *text 682 The address-type field indicates the type of the original recipient 683 address. If the message originated within the Internet, the address- 684 type field will normally be "rfc822", and the address will be 685 according to the syntax specified in RFC-MSGFMT [RFC5322]. The value 686 "unknown" should be used if the Reporting MUA cannot determine the 687 type of the original recipient address from the message envelope. 688 This address is the same as that provided by the sender and can be 689 used to automatically correlate MDN reports with original messages on 690 a per recipient basis. 692 3.2.4. Final-Recipient field 694 The Final-Recipient field indicates the recipient for which the MDN 695 is being issued. This field MUST be present. 697 The syntax of the field is as follows: 699 final-recipient-field = 700 "Final-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS 702 The generic-address subfield of the Final-Recipient field MUST 703 contain the mailbox address of the recipient (from the From header 704 field of the MDN) as it was when the MDN was generated by the MUA. 706 The Final-Recipient address may differ from the address originally 707 provided by the sender, because it may have been transformed during 708 forwarding and gatewaying into a totally unrecognizable mess. 709 However, in the absence of the optional Original-Recipient field, the 710 Final-Recipient field and any returned content may be the only 711 information available with which to correlate the MDN with a 712 particular message recipient. 714 The address-type subfield indicates the type of address expected by 715 the reporting MTA in that context. Recipient addresses obtained via 716 SMTP will normally be of address-type "rfc822", but can be other 717 values from the "Address Types" subregistry of the "Delivery Status 718 Notification (DSN) Types" IANA registry. 720 Since mailbox addresses (including those used in the Internet) may be 721 case sensitive, the case of alphabetic characters in the address MUST 722 be preserved. 724 3.2.5. Original-Message-ID field 726 The Original-Message-ID field indicates the message-ID of the message 727 for which the MDN is being issued. It is obtained from the Message- 728 ID header field of the message for which the MDN is issued. This 729 field MUST be present if and only if the original message contained a 730 Message-ID header field. The syntax of the field is as follows: 732 original-message-id-field = 733 "Original-Message-ID" ":" msg-id 735 The msg-id token is as specified in RFC-MSGFMT [RFC5322]. 737 3.2.6. Disposition field 739 The Disposition field indicates the action performed by the 740 Reporting-MUA on behalf of the user. This field MUST be present. 742 The syntax for the Disposition field is: 744 disposition-field = 745 "Disposition" ":" OWS disposition-mode OWS ";" 746 OWS disposition-type 747 [ OWS "/" OWS disposition-modifier 748 *( OWS "," OWS disposition-modifier ) ] OWS 750 disposition-mode = action-mode OWS "/" OWS sending-mode 752 action-mode = "manual-action" / "automatic-action" 754 sending-mode = "MDN-sent-manually" / "MDN-sent-automatically" 756 disposition-type = "displayed" / "deleted" / "dispatched" / 757 "processed" 759 disposition-modifier = "error" / disposition-modifier-extension 761 disposition-modifier-extension = atom 762 The disposition-mode, disposition-type, and disposition-modifier 763 values may be spelled in any combination of upper and lower case US- 764 ASCII characters. 766 3.2.6.1. Disposition modes 768 Disposition mode consists of 2 parts: action mode and sending mode. 770 The following action modes are defined: 772 "manual-action" The disposition described by the disposition type 773 was a result of an explicit instruction by the 774 user rather than some sort of automatically 775 performed action. (This might include the case 776 when the user has manually configured her MUA to 777 automatically respond to valid MDN requests.) 778 Unless prescribed otherwise in a particular mail 779 environment, in order to preserve user's privacy, 780 this MUST be the default for MUAs. 782 "automatic-action" The disposition described by the disposition type 783 was a result of an automatic action, rather than 784 an explicit instruction by the user for this 785 message. This is typically generated by a Mail 786 Delivery Agent (e.g. MDN generations by Sieve 787 reject action [RFC5429], Fax-over-Email 788 [RFC3249], Voice Messaging System (VPIM) 789 [RFC3801] or upon delivery to a mailing list). 791 "Manual-action" and "automatic-action" are mutually exclusive. One 792 or the other MUST be specified. 794 The following sending modes are defined: 796 "MDN-sent-manually" The user explicitly gave permission for this 797 particular MDN to be sent. Unless prescribed 798 otherwise in a particular mail environment, in 799 order to preserve user's privacy, this MUST be 800 the default for MUAs. 802 "MDN-sent-automatically" The MDN was sent because the MUA had 803 previously been configured to do so 804 automatically. 806 "MDN-sent-manually" and "MDN-sent-automatically" are mutually 807 exclusive. One or the other MUST be specified. 809 3.2.6.2. Disposition types 811 The following disposition-types are defined: 813 "displayed" The message has been displayed by the MUA to 814 someone reading the recipient's mailbox. There 815 is no guarantee that the content has been read or 816 understood. 818 "dispatched" The message has been sent somewhere in some 819 manner (e.g., printed, faxed, forwarded) without 820 necessarily having been previously displayed to 821 the user. The user may or may not see the 822 message later. 824 "processed" The message has been processed in some manner 825 (i.e., by some sort of rules or server) without 826 being displayed to the user. The user may or may 827 not see the message later, or there may not even 828 be a human user associated with the mailbox. 830 "deleted" The message has been deleted. The recipient may 831 or may not have seen the message. The recipient 832 might "undelete" the message at a later time and 833 read the message. 835 3.2.6.3. Disposition modifiers 837 Only the extension disposition modifiers is defined: 839 disposition-modifier-extension 840 Disposition modifiers may be defined in the 841 future by later revisions or extensions to this 842 specification. MDN disposition value names MUST 843 be registered with the Internet Assigned Numbers 844 Authority (IANA) using "Specification required" 845 registration policy. (See Section 10 for a 846 registration form.) MDNs with disposition 847 modifier names not understood by the receiving 848 MUA MAY be silently ignored or placed in the 849 user's mailbox without special interpretation. 850 They MUST NOT cause any error message to be sent 851 to the sender of the MDN. 853 It is not required that an MUA be able to generate all of the 854 possible values of the Disposition field. 856 A user agent MUST NOT issue more than one MDN on behalf of each 857 particular recipient. That is, once an MDN has been issued on behalf 858 of a recipient, no further MDNs may be issued on behalf of that 859 recipient, even if another disposition is performed on the message. 860 However, if a message is forwarded, a "dispatched" MDN MAY be issued 861 for the recipient doing the forwarding and the recipient of the 862 forwarded message may also cause an MDN to be generated. 864 3.2.7. Failure and Error Fields 866 The Failure and Error fields are used to supply additional 867 information in the form of text messages when the "error" disposition 868 modifier appear. The syntax is as follows: 870 failure-field = "Failure" ":" *([FWS] text) 872 error-field = "Error" ":" *([FWS] text) 874 Note that syntax of these header fields doesn't include comments, so 875 "encoded-word" construct defined in RFC-MIME-HEADER [RFC2047] can't 876 be used to convey non ASCII text. Application that need to convey 877 non ASCII text in these fields should consider implementing message/ 878 global-disposition-notification media type specified in [RFC6533] 879 instead of this specification. 881 3.3. Extension-fields 883 Additional MDN fields may be defined in the future by later revisions 884 or extensions to this specification. MDN field names MUST be 885 registered with the Internet Assigned Numbers Authority (IANA) using 886 "Specification required" registration policy. (See Section 10 for a 887 registration form.) MDN Extension-fields may be defined for the 888 following reasons: 890 a. To allow additional information from foreign disposition reports 891 to be tunneled through Internet MDNs. The names of such MDN 892 fields should begin with an indication of the foreign environment 893 name (e.g., X400-Physical-Forwarding-Address). 895 b. To allow transmission of diagnostic information that is specific 896 to a particular mail user agent (MUA). The names of such MDN 897 fields should begin with an indication of the MUA implementation 898 that produced the MDN (e.g., Foomail-information). 900 4. Timeline of events 902 The following timeline shows when various events in the processing of 903 a message and generation of MDNs take place: 905 -- User composes message 907 -- User tells MUA to send message. 909 -- MUA passes message to Mail Submission Agent (MSA), original 910 recipient information passed along. 912 -- MSA sends message to next MTA. 914 -- Final MTA receives message. 916 -- Final MTA delivers message to recipient's mailbox (possibly 917 generating a Delivery Status Notification (DSN)). 919 -- (Recipient's) MUA discovers a new message in recipient's mailbox 920 and decides whether an MDN should be generated. If the MUA has 921 information that an MDN has already been generated for this 922 message, no further MDN processing described below is performed. 923 If MUA decides that no MDN can be generated, no further MDN 924 processing described below is performed. 926 -- MUA performs automatic processing and might generate corresponding 927 MDNs ("dispatched", "processed" or "deleted" disposition type with 928 "automatic-action" and "MDN-sent-automatically" disposition 929 modes). The MUA remembers that an MDN was generated. 931 -- MUA displays list of messages to user. 933 -- User selects a message and requests that some action be performed 934 on it. 936 -- MUA performs requested action; if an automatic MDN has not already 937 been generated, with user's permission, sends an appropriate MDN 938 ("displayed", "dispatched", "processed", or "deleted" disposition 939 type, with "manual-action" and "MDN-sent-manually" or "MDN-sent- 940 automatically" disposition mode). The MUA remembers that an MDN 941 was generated. 943 -- User possibly performs other actions on message, but no further 944 MDNs are generated. 946 5. Conformance and Usage Requirements 948 An MUA or gateway conforms to this specification if it generates MDNs 949 according to the protocol defined in this memo. It is not necessary 950 to be able to generate all of the possible values of the Disposition 951 field. 953 MUAs and gateways MUST NOT generate the Original-Recipient field of 954 an MDN unless the mail protocols provide the address originally 955 specified by the sender at the time of submission. Ordinary SMTP 956 does not make that guarantee, but the SMTP extension defined in RFC- 957 DSN-SMTP [RFC3461] permits such information to be carried in the 958 envelope if it is available. The Original-Recipient header field 959 defined in this document provides a way for the MTA to pass the 960 original recipient address to the MUA. 962 Each sender-specified recipient address may result in more than one 963 MDN. If an MDN is requested for a recipient that is forwarded to 964 multiple recipients of an "alias" (as defined in RFC-DSN-SMTP 965 [RFC3461], section 6.2.7.3), each of the recipients may issue an MDN. 967 Successful distribution of a message to a mailing list exploder or 968 gateway to Usenet newsgroup SHOULD be considered the final 969 disposition of the message. A mailing list exploder MAY issue an MDN 970 with a disposition type of "processed" and disposition modes of 971 "automatic-action" and "MDN-sent-automatically" indicating that the 972 message has been forwarded to the list. In this case, the request 973 for MDNs is not propagated to the members of the list. 975 Alternatively (if successful distribution of a message to a mailing 976 list exploder/Usenet newsgroup is not considered the final 977 disposition of the message), the mailing list exploder can issue no 978 MDN and propagate the request for MDNs to all members of the list. 980 The latter behavior is not recommended for any but small, closely 981 knit lists, as it might cause large numbers of MDNs to be generated 982 and may cause confidential subscribers to the list to be revealed. 983 The mailing list exploder can also direct MDNs to itself, correlate 984 them, and produce a report to the original sender of the message. 986 This specification places no restrictions on the processing of MDNs 987 received by user agents or mailing lists. 989 6. Security Considerations 991 The following security considerations apply when using MDNs: 993 6.1. Forgery 995 MDNs can be (and are, in practice) forged as easily as ordinary 996 Internet electronic mail. User agents and automatic mail handling 997 facilities (such as mail distribution list exploders) that wish to 998 make automatic use of MDNs should take appropriate precautions to 999 minimize the potential damage from denial-of-service attacks. 1001 Security threats related to forged MDNs include the sending of: 1003 a. A falsified disposition notification when the indicated 1004 disposition of the message has not actually occurred, 1006 b. Unsolicited MDNs 1008 6.2. Privacy 1010 Another dimension of security is privacy. There may be cases in 1011 which a message recipient does not wish the disposition of messages 1012 addressed to him to be known, or is concerned that the sending of 1013 MDNs may reveal other sensitive information (e.g., when the message 1014 was read). In this situation, it is acceptable for the MUA to 1015 silently ignore requests for MDNs. 1017 If the Disposition-Notification-To header field is passed on 1018 unmodified when a message is distributed to the subscribers of a 1019 mailing list, the subscribers to the list may be revealed to the 1020 sender of the original message by the generation of MDNs. 1022 Headers of the original message returned in part 3 of the multipart/ 1023 report, as well as content of the message/disposition-notification 1024 part could reveal confidential information about host names and/or 1025 network topology inside a firewall. 1027 Disposition mode (Section 3.2.6.1) can leak information about 1028 recipient's MUA configuration, in particular whether MDNs are 1029 acknowledged manually or automatically. If this is a concern, MUAs 1030 can return "manual-action/MDN-sent-manually" disposition mode in 1031 generated MDNs. 1033 In general, any optional MDN field may be omitted if the Reporting 1034 MUA site or user determines that inclusion of the field would impose 1035 too great a compromise of site confidentiality. The need for such 1036 confidentiality must be balanced against the utility of the omitted 1037 information in MDNs. 1039 In some cases, someone with access to the message stream may use the 1040 MDN request mechanism to monitor the mail reading habits of a target. 1041 If the target is known to generate MDN reports, they could add a 1042 disposition-notification-to field containing the envelope from 1043 address along with a source route. The source route is ignored in 1044 the comparison so the addresses will always match. But if the source 1045 route is honored when the notification is sent, it could direct the 1046 message to some other destination. This risk can be minimized by not 1047 sending MDN's automatically. 1049 6.3. Non-Repudiation 1051 MDNs do not provide non-repudiation with proof of delivery. Within 1052 the framework of today's Internet Mail, the MDNs defined in this 1053 document provide valuable information to the mail user; however, MDNs 1054 cannot be relied upon as a guarantee that a message was or was not 1055 seen by the recipient. Even if MDNs are not actively forged, they 1056 may be lost in transit. The recipient may bypass the MDN issuing 1057 mechanism in some manner. 1059 One possible solution for this purpose can be found in RFC-SEC- 1060 SERVICES [RFC2634]. 1062 6.4. Mail Bombing 1064 The MDN request mechanism introduces an additional way of mailbombing 1065 a mailbox. The MDN request notification provides an address to which 1066 MDN's should be sent. It is possible for an attacking agent to send 1067 a potentially large set of messages to otherwise unsuspecting third 1068 party recipients with a false "disposition-notification-to:" address. 1069 Automatic, or simplistic processing of such requests would result in 1070 a flood of MDN notifications to the target of the attack. Such an 1071 attack could overrun the capacity of the targeted mailbox and deny 1072 service. 1074 For that reason, MDN's SHOULD NOT be sent automatically where the 1075 "disposition-notification-to:" address is different from the SMTP 1076 "MAIL FROM" address (which is carried in the Return-Path header 1077 field). See Section 2.1 for further discussion. 1079 7. Collected ABNF Grammar 1081 NOTE: The following lexical tokens are defined in RFC-MSGFMT 1082 [RFC5322]: CRLF, FWS, CFWS, field-name, mailbox-list, msg-id, text, 1083 comment, word. The following lexical tokens are defined in RFC-SMTP 1084 [RFC5321]: atom. (Note that RFC-MSGFMT [RFC5322] also defines 1085 "atom", but the version from RFC-SMTP [RFC5321] is more restrictive 1086 and this more restrictive version is used in this document.) 1087 "encoded-word" construct defined in RFC-MIME-HEADER [RFC2047] is 1088 allowed everywhere where RFC-MSGFMT [RFC5322] "comment" is used, for 1089 example in CFWS. 1091 OWS = [CFWS] 1092 ; Optional whitespace. 1093 ; MDN generators SHOULD use "*WSP" 1094 ; (typically a single space or nothing. 1095 ; It SHOULD be nothing at the end of a field), 1096 ; unless an RFC 5322 "comment" is required. 1097 ; 1098 ; MDN parsers MUST parse it as "[CFWS]". 1100 Message header fields: 1101 mdn-request-header = 1102 "Disposition-Notification-To" ":" mailbox-list CRLF 1104 Disposition-Notification-Options = 1105 "Disposition-Notification-Options" ":" [FWS] 1106 disposition-notification-parameter-list CRLF 1108 disposition-notification-parameter-list = 1109 disposition-notification-parameter 1110 *([FWS] ";" [FWS] disposition-notification-parameter) 1112 disposition-notification-parameter = attribute [FWS] "=" [FWS] 1113 importance [FWS] "," [FWS] value *([FWS] "," [FWS] value) 1115 importance = "required" / "optional" 1117 attribute = atom 1119 value = word 1121 original-recipient-header = 1122 "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS CRLF 1124 Report content: 1125 disposition-notification-content = 1126 [ reporting-ua-field CRLF ] 1127 [ mdn-gateway-field CRLF ] 1128 [ original-recipient-field CRLF ] 1129 final-recipient-field CRLF 1130 [ original-message-id-field CRLF ] 1131 disposition-field CRLF 1132 *( failure-field CRLF ) 1133 *( error-field CRLF ) 1134 *( extension-field CRLF ) 1136 address-type = atom 1138 mta-name-type = atom 1140 reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [ ";" OWS ua-product OWS ] 1142 ua-name = *text-no-semi 1144 ua-product = *([FWS] text) 1146 text-no-semi = %d1-9 / ; "text" characters excluding NUL, CR, 1147 %d11 / %d12 / %d14-58 / %d60-127 ; LF, or semi-colon 1149 mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS ";" OWS mta-name 1151 mta-name = *text 1153 original-recipient-field = 1154 "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS 1156 generic-address = *text 1158 final-recipient-field = 1159 "Final-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS 1161 original-message-id-field = "Original-Message-ID" ":" msg-id 1163 disposition-field = 1164 "Disposition" ":" OWS disposition-mode OWS ";" 1165 OWS disposition-type 1166 [ OWS "/" OWS disposition-modifier 1167 *( OWS "," OWS disposition-modifier ) ] OWS 1169 disposition-mode = action-mode OWS "/" OWS sending-mode 1170 action-mode = "manual-action" / "automatic-action" 1172 sending-mode = "MDN-sent-manually" / "MDN-sent-automatically" 1174 disposition-type = "displayed" / "deleted" / "dispatched" / 1175 "processed" 1177 disposition-modifier = "error" / disposition-modifier-extension 1179 disposition-modifier-extension = atom 1181 failure-field = "Failure" ":" *([FWS] text) 1183 error-field = "Error" ":" *([FWS] text) 1185 extension-field = extension-field-name ":" *([FWS] text) 1187 extension-field-name = field-name 1189 8. Guidelines for Gatewaying MDNs 1191 NOTE: This section provides non-binding recommendations for the 1192 construction of mail gateways that wish to provide semi-transparent 1193 disposition notifications between the Internet and another electronic 1194 mail system. Specific MDN gateway requirements for a particular pair 1195 of mail systems may be defined by other documents. 1197 8.1. Gatewaying from other mail systems to MDNs 1199 A mail gateway may issue an MDN to convey the contents of a "foreign" 1200 disposition notification over Internet Mail. When there are 1201 appropriate mappings from the foreign notification elements to MDN 1202 fields, the information may be transmitted in those MDN fields. 1203 Additional information (such as might be needed to tunnel the foreign 1204 notification through the Internet) may be defined in extension MDN 1205 fields. (Such fields should be given names that identify the foreign 1206 mail protocol, e.g., X400-* for X.400 protocol elements). 1208 The gateway must attempt to supply reasonable values for the 1209 Reporting-UA, Final-Recipient, and Disposition fields. These will 1210 normally be obtained by translating the values from the foreign 1211 notification into their Internet-style equivalents. However, some 1212 loss of information is to be expected. 1214 The sender-specified recipient address and the original message-id, 1215 if present in the foreign notification, should be preserved in the 1216 Original-Recipient and Original-Message-ID fields. 1218 The gateway should also attempt to preserve the "final" recipient 1219 address from the foreign system. Whenever possible, foreign protocol 1220 elements should be encoded as meaningful printable ASCII strings. 1222 For MDNs produced from foreign disposition notifications, the name of 1223 the gateway MUST appear in the MDN-Gateway field of the MDN. 1225 8.2. Gatewaying from MDNs to other mail systems 1227 It may be possible to gateway MDNs from the Internet into a foreign 1228 mail system. The primary purpose of such gatewaying is to convey 1229 disposition information in a form that is usable by the destination 1230 system. A secondary purpose is to allow "tunneling" of MDNs through 1231 foreign mail systems in case the MDN may be gatewayed back into the 1232 Internet. 1234 In general, the recipient of the MDN (i.e., the sender of the 1235 original message) will want to know, for each recipient: the closest 1236 available approximation to the original recipient address, and the 1237 disposition (displayed, printed, etc.). 1239 If possible, the gateway should attempt to preserve the Original- 1240 Recipient address and Original-Message-ID (if present) in the 1241 resulting foreign disposition report. 1243 If it is possible to tunnel an MDN through the destination 1244 environment, the gateway specification may define a means of 1245 preserving the MDN information in the disposition reports used by 1246 that environment. 1248 8.3. Gatewaying of MDN-requests to other mail systems 1250 By use of the separate disposition-notification-to request header 1251 field, this specification offers a richer functionality than most, if 1252 not all, other email systems. In most other email systems, the 1253 notification recipient is identical to the message sender as 1254 indicated in the "from" address. There are two interesting cases 1255 when gatewaying into such systems: 1257 1. If the address in the disposition-notification-to header field is 1258 identical to the address in the SMTP "MAIL FROM", the expected 1259 behavior will result, even if the disposition-notification-to 1260 information is lost. Systems should propagate the MDN request. 1262 2. If the address in the disposition-notification-to header field is 1263 different from the address in the SMTP "MAIL FROM", gatewaying 1264 into a foreign system without a separate notification address 1265 will result in unintended behavior. This is especially important 1266 when the message arrives via a mailing list expansion software 1267 that may specifically replace the SMTP "MAIL FROM" address with 1268 an alternate address. In such cases, the MDN request should not 1269 be gatewayed and should be silently dropped. This is consistent 1270 with other forms of non-support for MDN. 1272 9. Example 1274 NOTE: This example is provided as illustration only, and is not 1275 considered part of the MDN protocol specification. If the example 1276 conflicts with the protocol definition above, the example is wrong. 1278 Likewise, the use of *-type subfield names or extension fields in 1279 this example is not to be construed as a definition for those type 1280 names or extension fields. 1282 This is an MDN issued after a message has been displayed to the user 1283 of an Internet Mail user agent. 1285 Date: Wed, 20 Sep 1995 00:19:00 (EDT) -0400 1286 From: Joe Recipient 1287 Message-Id: <199509200019.12345@example.com> 1288 Subject: Disposition notification 1289 To: Jane Sender 1290 MIME-Version: 1.0 1291 Content-Type: multipart/report; report-type=disposition-notification; 1292 boundary="RAA14128.773615765/example.com" 1294 --RAA14128.773615765/example.com 1296 The message sent on 1995 Sep 19 at 13:30:00 (EDT) -0400 to Joe 1297 Recipient with subject "First draft of 1298 report" has been displayed. 1299 This is no guarantee that the message has been read or understood. 1301 --RAA14128.773615765/example.com 1302 content-type: message/disposition-notification 1304 Reporting-UA: joes-pc.cs.example.com; Foomail 97.1 1305 Original-Recipient: rfc822;Joe_Recipient@example.com 1306 Final-Recipient: rfc822;Joe_Recipient@example.com 1307 Original-Message-ID: <199509192301.23456@example.org> 1308 Disposition: manual-action/MDN-sent-manually; displayed 1310 --RAA14128.773615765/example.com 1311 content-type: message/rfc822 1313 [original message optionally goes here] 1315 --RAA14128.773615765/example.com-- 1317 10. IANA Considerations 1319 There are two actions for IANA: 1321 1. IANA is asked to update the registration template for the 1322 message/disposition-notification media type to the one in 1323 Section 3.1 of this document, and to update the reference for 1324 that media type to point to this document instead of to RFC 3798. 1326 2. The registries specified here already exist, and this section is 1327 updating their documentation. IANA is asked to change the 1328 reference document for the three Message Disposition Notification 1329 Parameters registries to point to this document instead of to RFC 1330 3798. 1332 This document specifies three types of parameters that must be 1333 registered with the Internet Assigned Numbers Authority (IANA). All 1334 of them use [RFC5226] "Specification required" IANA registration 1335 policy. 1337 The forms below are for use when registering a new disposition- 1338 notification-parameter name for the Disposition-Notification-Options 1339 header field, a new disposition modifier name, or a new MDN extension 1340 field. Each piece of information required by a registration form may 1341 be satisfied either by providing the information on the form itself, 1342 or by including a reference to a published, publicly available 1343 specification that includes the necessary information. IANA MAY 1344 reject registrations because of incomplete registration forms or 1345 incomplete specifications. 1347 To register, complete the following applicable form and send it via 1348 electronic mail to . 1350 10.1. Disposition-Notification-Options header field disposition- 1351 notification-parameter names 1353 A registration for a Disposition-Notification-Options header field 1354 disposition-notification-parameter name MUST include the following 1355 information: 1357 a. The proposed disposition-notification-parameter name. 1359 b. The syntax for disposition-notification-parameter values, 1360 specified using BNF, ABNF, regular expressions, or other non- 1361 ambiguous language. 1363 c. If disposition-notification-parameter values are not composed 1364 entirely of graphic characters from the US-ASCII repertoire, a 1365 specification for how they are to be encoded as graphic US-ASCII 1366 characters in a Disposition-Notification-Options header field. 1368 d. A reference to a permanent and readily available public 1369 specification that describes the semantics of the disposition- 1370 notification-parameter values. 1372 10.2. Disposition modifier names 1374 A registration for a disposition-modifier name (used in the 1375 Disposition field of a message/disposition-notification) MUST include 1376 the following information: 1378 a. The proposed disposition-modifier name. 1380 b. A reference to a permanent and readily available public 1381 specification that describes the semantics of the disposition 1382 modifier. 1384 10.3. MDN extension field names 1386 A registration for an MDN extension-field name MUST include the 1387 following information: 1389 a. The proposed extension field name. 1391 b. The syntax for extension values, specified using BNF, ABNF, 1392 regular expressions, or other non-ambiguous language. 1394 c. If extension-field values are not composed entirely of graphic 1395 characters from the US-ASCII repertoire, a specification for how 1396 they are to be encoded as graphic US-ASCII characters in a 1397 Disposition-Notification-Options header field. 1399 d. A reference to a permanent and readily available public 1400 specification that describes the semantics of the extension 1401 field. 1403 11. Acknowledgements 1405 The contributions of Bruce Lilly, Alfred Hoenes, Barry Leiba, Ben 1406 Campbell and Pete Resnick are gratefully acknowledged for this 1407 revision. 1409 The contributions of Roger Fajman and Greg Vaudreuil to earlier 1410 versions of this document are also gratefully acknowledged. 1412 12. References 1414 12.1. Normative References 1416 [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 1417 DOI 10.17487/RFC5321, October 2008, 1418 . 1420 [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, 1421 DOI 10.17487/RFC5322, October 2008, 1422 . 1424 [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 1425 Extensions (MIME) Part One: Format of Internet Message 1426 Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996, 1427 . 1429 [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 1430 Extensions (MIME) Part Two: Media Types", RFC 2046, 1431 DOI 10.17487/RFC2046, November 1996, 1432 . 1434 [RFC2047] Moore, K., "MIME (Multipurpose Internet Mail Extensions) 1435 Part Three: Message Header Extensions for Non-ASCII Text", 1436 RFC 2047, DOI 10.17487/RFC2047, November 1996, 1437 . 1439 [RFC6522] Kucherawy, M., Ed., "The Multipart/Report Media Type for 1440 the Reporting of Mail System Administrative Messages", 1441 STD 73, RFC 6522, DOI 10.17487/RFC6522, January 2012, 1442 . 1444 [RFC3461] Moore, K., "Simple Mail Transfer Protocol (SMTP) Service 1445 Extension for Delivery Status Notifications (DSNs)", 1446 RFC 3461, DOI 10.17487/RFC3461, January 2003, 1447 . 1449 [RFC3464] Moore, K. and G. Vaudreuil, "An Extensible Message Format 1450 for Delivery Status Notifications", RFC 3464, 1451 DOI 10.17487/RFC3464, January 2003, 1452 . 1454 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1455 Requirement Levels", BCP 14, RFC 2119, 1456 DOI 10.17487/RFC2119, March 1997, 1457 . 1459 [RFC3503] Melnikov, A., "Message Disposition Notification (MDN) 1460 profile for Internet Message Access Protocol (IMAP)", 1461 RFC 3503, DOI 10.17487/RFC3503, March 2003, 1462 . 1464 12.2. Informative References 1466 [RFC2634] Hoffman, P., Ed., "Enhanced Security Services for S/MIME", 1467 RFC 2634, DOI 10.17487/RFC2634, June 1999, 1468 . 1470 [RFC3249] Cancio, V., Moldovan, M., Tamura, H., and D. Wing, 1471 "Implementers Guide for Facsimile Using Internet Mail", 1472 RFC 3249, DOI 10.17487/RFC3249, September 2002, 1473 . 1475 [RFC3501] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 1476 4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003, 1477 . 1479 [RFC3801] Vaudreuil, G. and G. Parsons, "Voice Profile for Internet 1480 Mail - version 2 (VPIMv2)", RFC 3801, 1481 DOI 10.17487/RFC3801, June 2004, 1482 . 1484 [RFC5233] Murchison, K., "Sieve Email Filtering: Subaddress 1485 Extension", RFC 5233, DOI 10.17487/RFC5233, January 2008, 1486 . 1488 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 1489 IANA Considerations Section in RFCs", BCP 26, RFC 5226, 1490 DOI 10.17487/RFC5226, May 2008, 1491 . 1493 [RFC5429] Stone, A., Ed., "Sieve Email Filtering: Reject and 1494 Extended Reject Extensions", RFC 5429, 1495 DOI 10.17487/RFC5429, March 2009, 1496 . 1498 [RFC5598] Crocker, D., "Internet Mail Architecture", RFC 5598, 1499 DOI 10.17487/RFC5598, July 2009, 1500 . 1502 [RFC6533] Hansen, T., Ed., Newman, C., and A. Melnikov, 1503 "Internationalized Delivery Status and Disposition 1504 Notifications", RFC 6533, DOI 10.17487/RFC6533, February 1505 2012, . 1507 Appendix A. Changes from RFC 3798 1509 Changed IANA registration for different subregistries to 1510 "Specification Required" to match what is already used by IANA. 1512 Updated IANA registration template for message/disposition- 1513 notification. 1515 "X-" fields no longer reserved for experimental use and can now be 1516 registered in compliance with RFC 6648. 1518 Fixed the default MTA-name-type used in "MDN-Gateway" to be "dns". 1520 Strengthen requirements on obtaining user consent in order to protect 1521 user privacy. 1523 The values of "dispatched" and "processed" were lost from the ABNF 1524 for "disposition-type". (Erratum #691) 1526 Because the warning disposition modifier was previously removed, 1527 warning-field has also been removed. (Erratum #692) 1529 The ABNF for ua-name and ua-product included semi-colon, which could 1530 not be distinguished from *text in the production. The ua-name was 1531 restricted to not include semi-colon. Semi-colon can still appear in 1532 the ua-product. 1534 The ABNF did not indicate all places that whitespace was allowable, 1535 in particular folding whitespace, although all implementations allow 1536 whitespace and folding in the header fields just like any other 1537 RFC5322 [RFC5322]-formatted header field. There were also a number 1538 of places in the ABNF that inconsistently permitted comments and 1539 whitespace in one leg of the production and not another. The ABNF 1540 now specifies FWS and CFWS in several places that should have already 1541 been specified by the grammar. 1543 Extension-field was defined in the collected grammar but not in the 1544 main text. 1546 The comparison of mailboxes in Disposition-Notification-To to the 1547 Return-Path addr-spec was clarified. 1549 The use of the grammar production "parameter" was confusing with the 1550 RFC2045 [RFC2045] production of the same name, as well as other uses 1551 of the same term. These have been clarified. 1553 A clarification was added on the extent of the 7bit nature of MDNs. 1555 Uses of the terms "may" and "might" were clarified. 1557 A clarification was added on the order of the fields in the message/ 1558 disposition-notification content. 1560 Authors' Addresses 1562 Tony Hansen (editor) 1563 AT&T Laboratories 1564 200 Laurel Ave. South 1565 Middletown, NJ 07748 1566 USA 1568 Email: tony@att.com 1570 Alexey Melnikov (editor) 1571 Isode Ltd 1572 14 Castle Mews 1573 Hampton, Middlesex TW12 2NP 1574 UK 1576 Email: Alexey.Melnikov@isode.com