idnits 2.17.1 draft-melnikov-eai-rfc5337bis-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 18. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 779. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 790. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 797. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 803. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document obsoletes RFC5337, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC3798, but the abstract doesn't seem to directly say this. It does mention RFC3798 though, so this could be OK. -- The draft header indicates that this document updates RFC3461, but the abstract doesn't seem to directly say this. It does mention RFC3461 though, so this could be OK. -- The draft header indicates that this document updates RFC3462, but the abstract doesn't seem to directly say this. It does mention RFC3462 though, so this could be OK. -- The draft header indicates that this document updates RFC3464, but the abstract doesn't seem to directly say this. It does mention RFC3464 though, so this could be OK. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year (Using the creation date from RFC3461, updated by this document, for RFC5378 checks: 2001-06-21) (Using the creation date from RFC3462, updated by this document, for RFC5378 checks: 2001-06-19) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 15, 2008) is 5611 days in the past. Is this intentional? Checking references for intended status: Experimental ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 3462 (Obsoleted by RFC 6522) ** Obsolete normative reference: RFC 3798 (Obsoleted by RFC 8098) == Outdated reference: A later version (-12) exists of draft-ietf-eai-utf8headers-08 == Outdated reference: A later version (-13) exists of draft-ietf-eai-smtpext-10 ** Obsolete normative reference: RFC 4646 (ref. 'LANGTAGS') (Obsoleted by RFC 5646) == Outdated reference: A later version (-12) exists of draft-ietf-eai-downgrade-05 Summary: 4 errors (**), 0 flaws (~~), 4 warnings (==), 12 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group C. Newman 3 Internet-Draft Sun Microsystems 4 Obsoletes: 5337 (if approved) A. Melnikov, Ed. 5 Updates: 3461,3462,3464,3798 Isode Ltd 6 (if approved) December 15, 2008 7 Intended status: Experimental 8 Expires: June 18, 2009 10 Internationalized Delivery Status and Disposition Notifications 11 draft-melnikov-eai-rfc5337bis-00.txt 13 Status of this Memo 15 By submitting this Internet-Draft, each author represents that any 16 applicable patent or other IPR claims of which he or she is aware 17 have been or will be disclosed, and any of which he or she becomes 18 aware will be disclosed, in accordance with Section 6 of BCP 79. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF), its areas, and its working groups. Note that 22 other groups may also distribute working documents as Internet- 23 Drafts. 25 Internet-Drafts are draft documents valid for a maximum of six months 26 and may be updated, replaced, or obsoleted by other documents at any 27 time. It is inappropriate to use Internet-Drafts as reference 28 material or to cite them other than as "work in progress." 30 The list of current Internet-Drafts can be accessed at 31 http://www.ietf.org/ietf/1id-abstracts.txt. 33 The list of Internet-Draft Shadow Directories can be accessed at 34 http://www.ietf.org/shadow.html. 36 This Internet-Draft will expire on June 18, 2009. 38 Abstract 40 Delivery status notifications (DSNs) are critical to the correct 41 operation of an email system. However, the existing Draft Standards 42 (RFC 3461, RFC 3462, RFC 3464) are presently limited to US-ASCII text 43 in the machine-readable portions of the protocol. This specification 44 adds a new address type for international email addresses so an 45 original recipient address with non-US-ASCII characters can be 46 correctly preserved even after downgrading. This also provides 47 updated content return media types for delivery status notifications 48 and message disposition notifications to support use of the new 49 address type. 51 This document experimentally extends RFC 3461, RFC 3464, and RFC 52 3798. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 2. Conventions Used in This Document . . . . . . . . . . . . . . 3 58 3. UTF-8 Address Type . . . . . . . . . . . . . . . . . . . . . . 3 59 4. UTF-8 Delivery Status Notifications . . . . . . . . . . . . . 6 60 4.1. Additional Requirements on SMTP Servers . . . . . . . . . 8 61 5. UTF-8 Message Disposition Notifications . . . . . . . . . . . 8 62 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 63 6.1. UTF-8 Mail Address Type Registration . . . . . . . . . . . 10 64 6.2. Update to 'smtp' Diagnostic Type Registration . . . . . . 11 65 6.3. message/global-headers . . . . . . . . . . . . . . . . . . 11 66 6.4. message/global-delivery-status . . . . . . . . . . . . . . 12 67 6.5. message/global-disposition-notification . . . . . . . . . 13 68 7. Security Considerations . . . . . . . . . . . . . . . . . . . 14 69 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 70 8.1. Normative References . . . . . . . . . . . . . . . . . . . 15 71 8.2. Informative References . . . . . . . . . . . . . . . . . . 16 72 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 17 73 Appendix B. Changes from RFC 5337 . . . . . . . . . . . . . . . . 17 74 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17 75 Intellectual Property and Copyright Statements . . . . . . . . . . 18 77 1. Introduction 79 When an email message is transmitted using the UTF8SMTP 80 [I-D.ietf-eai-smtpext] extension and Internationalized Email Headers 81 [I-D.ietf-eai-utf8headers], it is sometimes necessary to return that 82 message or generate a Message Disposition Notification (MDN) 83 [RFC3798]. As a message sent to multiple recipients can generate a 84 status and disposition notification for each recipient, it is helpful 85 if a client can correlate these notifications based on the recipient 86 address it provided; thus, preservation of the original recipient is 87 important. This specification describes how to preserve the original 88 recipient and updates the MDN and DSN formats to support the new 89 address types. 91 2. Conventions Used in This Document 93 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 94 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 95 document are to be interpreted as described in [RFC2119]. 97 The formal syntax use the Augmented Backus-Naur Form (ABNF) [RFC5234] 98 notation including the core rules defined in Appendix B of RFC 5234 99 [RFC5234] and the UTF-8 syntax rules in Section 4 of [RFC3629]. 101 3. UTF-8 Address Type 103 An Extensible Message Format for Delivery Status Notifications 104 [RFC3464] defines the concept of an address type. The address format 105 introduced in Internationalized Email Headers 106 [I-D.ietf-eai-utf8headers] is a new address type. The syntax for the 107 new address type in the context of status notifications is specified 108 at the end of this section. 110 An SMTP [RFC5321] server that advertises both the UTF8SMTP extension 111 [I-D.ietf-eai-smtpext] and the DSN extension [RFC3461] MUST accept a 112 UTF-8 address type in the ORCPT parameter including 8-bit UTF-8 113 characters. This address type also includes a 7-bit encoding 114 suitable for use in a message/delivery-status body part or an ORCPT 115 parameter sent to an SMTP server that does not advertise UTF8SMTP. 117 This address type has 3 forms: utf-8-addr-xtext, utf-8-addr-unitext, 118 and utf-8-address. Only the first form is 7-bit safe. 120 The utf-8-address form is only suitable for use in newly defined 121 protocols capable of native representation of 8-bit characters. That 122 is, the utf-8-address form MUST NOT be used in the ORCPT parameter 123 when the SMTP server doesn't advertise support for UTF8SMTP, or the 124 SMTP server supports UTF8SMTP, but the address contains US-ASCII 125 characters not permitted in the ORCPT parameter (e.g., the ORCPT 126 parameter forbids unencoded SP and the = character), or in a 7-bit 127 transport environment including a message/delivery-status Original- 128 Recipient or Final-Recipient field. In the first and the third case 129 the utf-8-addr-xtext form (see below) MUST be used instead; in the 130 second case the utf-8-addr-unitext (or the utf-8-addr-xtext) form 131 MUST be used. The utf-8-address form MAY be used in the ORCPT 132 parameter when the SMTP server also advertises support for UTF8SMTP 133 and the address doesn't contain any US-ASCII characters not permitted 134 in the ORCPT parameter. It SHOULD be used in a message/ 135 global-delivery-status Original-Recipient or Final-Recipient DSN 136 field, or in an Original-Recipient header field [RFC3798] if the 137 message is a UTF8SMTP message. 139 In addition, the utf-8-addr-unitext form can be used anywhere where 140 the utf-8-address form is allowed. 142 When using in the ORCPT parameter, the UTF-8 address type requires 143 that US-ASCII CTLs, SP, \, +, and = be encoded using 'unitext' 144 encoding (see below). This is described by the utf-8-addr-xtext and 145 utf-8-addr-unitext forms in the ABNF below. The 'unitext' encoding 146 uses "\x{HEXPOINT}" syntax (EmbeddedUnicodeChar in the ABNF below) 147 for encoding any Unicode character outside of US-ASCII range, as well 148 as for encoding CTLs, SP, \, +, and =. HEXPOINT is 2 to 6 149 hexadecimal digits. This encoding avoids the need to use the xtext 150 encoding described in [RFC3461], as any US-ASCII characters that 151 needs to be escaped using xtext encoding never appear in any unitext 152 encoded string. When sending data to a UTF8SMTP capable server, 153 native UTF-8 characters SHOULD be used instead of the 154 EmbeddedUnicodeChar syntax described in details below. When sending 155 data to an SMTP server which does not advertise UTF8SMTP, then the 156 EmbeddedUnicodeChar syntax MUST be used instead of UTF-8. 158 When the ORCPT parameter is placed in a message/ 159 global-delivery-status Original-Recipient field, the utf-8-addr-xtext 160 form of the UTF-8 address type SHOULD be converted to the 'utf-8- 161 address' form (see the ABNF below) by removing the 'unitext' 162 encoding. However, if an address is labeled with the UTF-8 address 163 type but does not conform to utf-8 syntax, then it MUST be copied 164 into the message/global-delivery-status field without alteration. 166 The ability to encode characters with the EmbeddedUnicodeChar 167 encodings should be viewed as a transitional mechanism. It is hoped 168 that as systems lacking support for UTF8SMTP become less common over 169 time, these encodings can eventually be phased out. 171 In the ABNF below, all productions not defined in this document are 172 defined in Appendix B of [RFC5234], in Section 4 of [RFC3629], or in 173 [RFC3464]. 175 utf-8-type-addr = "utf-8;" utf-8-enc-addr 177 utf-8-address = uMailbox [ 1*WSP "<" Mailbox ">" ] 178 ; 'uMailbox' is defined in [I-D.ietf-eai-smtpext]. 179 ; 'Mailbox' is defined in [RFC5321]. 181 utf-8-enc-addr = utf-8-addr-xtext / 182 utf-8-addr-unitext / 183 utf-8-address 185 utf-8-addr-xtext = 1*(QCHAR / EmbeddedUnicodeChar) 186 ; 7bit form of utf-8-addr-unitext. 187 ; Safe for using in the ORCPT [RFC3461] 188 ; parameter even when UTF8SMTP SMTP 189 ; extension is not advertised. 191 utf-8-addr-unitext = 1*(QUCHAR / EmbeddedUnicodeChar) 192 ; MUST follow 'utf-8-address' ABNF when 193 ; dequoted. 194 ; Safe for using in the ORCPT [RFC3461] 195 ; parameter when UTF8SMTP SMTP extension 196 ; is also advertised. 198 QCHAR = %x21-2a / %x2c-3c / %x3e-5b / %x5d-7e 199 ; US-ASCII printable characters except 200 ; CTLs, SP, '\', '+', '='. 202 QUCHAR = QCHAR / UTF8-2 / UTF8-3 / UTF8-4 203 ; US-ASCII printable characters except 204 ; CTLs, SP, '\', '+' and '=', 205 ; plus other Unicode characters 206 ; encoded in UTF-8 208 EmbeddedUnicodeChar = %x5C.78 "{" HEXPOINT "}" 209 ; starts with "\x" 211 HEXPOINT = ( ( "0"/"1" ) %x31-39 ) / "10" / "20" / 212 "2B" / "3D" / "7F" / ;; all xtext-specials 213 "5C" / (HEXDIG8 HEXDIG) / ; 2 digit forms 214 ( NZHEXDIG 2(HEXDIG) ) / ; 3 digit forms 215 ( NZDHEXDIG 3(HEXDIG) ) / 216 ( "D" %x30-37 2(HEXDIG) ) / 217 ; 4 digit forms excluding surrogate 218 ( NZHEXDIG 4(HEXDIG) ) / ; 5 digit forms 219 ( "10" 4*HEXDIG ) ; 6 digit forms 220 ; represents either "\" or a Unicode code point outside the 221 ; US-ASCII repertoire 223 HEXDIG8 = %x38-39 / "A" / "B" / "C" / "D" / "E" / "F" 224 ; HEXDIG excluding 0-7 225 NZHEXDIG = %x31-39 / "A" / "B" / "C" / "D" / "E" / "F" 226 ; HEXDIG excluding "0" 227 NZDHEXDIG = %x31-39 / "A" / "B" / "C" / "E" / "F" 228 ; HEXDIG excluding "0" and "D" 230 4. UTF-8 Delivery Status Notifications 232 A traditional delivery status notification [RFC3464] comes in a 233 three-part multipart/report [RFC3462] container, where the first part 234 is human-readable text describing the error, the second part is a 235 7-bit-only message/delivery-status, and the optional third part is 236 used for content (message/rfc822) or header (text/rfc822-headers) 237 return. As the present DSN format does not permit returning of 238 undeliverable UTF8SMTP messages, three new media types are needed. 240 The first type, message/global-delivery-status, has the syntax of 241 message/delivery-status with three modifications. First, the charset 242 for message/global-delivery-status is UTF-8, and thus any field MAY 243 contain UTF-8 characters when appropriate (see the ABNF below). In 244 particular, the Diagnostic-Code field MAY contain UTF-8 as described 245 in UTF8SMTP [I-D.ietf-eai-smtpext]; the Diagnostic-Code field SHOULD 246 be in i-default language [DEFAULTLANG]. Second, systems generating a 247 message/global-delivery-status body part SHOULD use the utf-8-address 248 form of the UTF-8 address type for all addresses containing 249 characters outside the US-ASCII repertoire. These systems SHOULD up- 250 convert the utf-8-addr-xtext or the utf-8-addr-unitext form of a 251 UTF-8 address type in the ORCPT parameter to the utf-8-address form 252 of a UTF-8 address type in the Original-Recipient field. Third, a 253 new optional field called Localized-Diagnostic is added. Each 254 instance includes a language tag [LANGTAGS] and contains text in the 255 specified language. This is equivalent to the text part of the 256 Diagnostic-Code field. All instances of Localized-Diagnostic MUST 257 use different language tags. The ABNF for message/ 258 global-delivery-status is specified below. 260 In the ABNF below, all productions not defined in this document are 261 defined in Appendix B of [RFC5234], in Section 4 of [RFC3629], or in 262 [RFC3464]. 264 utf-8-delivery-status-content = per-message-fields 265 1*( CRLF utf-8-per-recipient-fields ) 267 ; "per-message-fields" remains unchanged from the definition 268 ; in RFC 3464, except for the "extension-field" 269 ; which is updated below. 271 utf-8-per-recipient-fields = 272 [ original-recipient-field CRLF ] 273 final-recipient-field CRLF 274 action-field CRLF 275 status-field CRLF 276 [ remote-mta-field CRLF ] 277 [ diagnostic-code-field CRLF 278 *(localized-diagnostic-text-field CRLF) ] 279 [ last-attempt-date-field CRLF ] 280 [ will-retry-until-field CRLF ] 281 *( extension-field CRLF ) 282 ; All fields except for "original-recipient-field", 283 ; "final-recipient-field", "diagnostic-code-field" 284 ; and "extension-field" remain unchanged from 285 ; the definition in RFC 3464. 287 generic-address =/ utf-8-enc-addr 288 ; Only allowed with the "utf-8" address-type. 289 ; 290 ; This indirectly updates "original-recipient-field" 291 ; and "final-recipient-field" 293 diagnostic-code-field = 294 "Diagnostic-Code" ":" diagnostic-type ";" *text-fixed 296 localized-diagnostic-text-field = 297 "Localized-Diagnostic" ":" Language-Tag ";" *utf8-text 298 ; "Language-Tag" is a language tag as defined in [LANGTAGS]. 300 extension-field =/ extension-field-name ":" *utf8-text 302 text-fixed = %d1-9 / ; Any US-ASCII character except for NUL, 303 %d11 / ; CR and LF 304 %d12 / 305 %d14-127 306 ; Same as from [RFC5322], but without . 307 ; If/when RFC 2822 is updated to disallow , 308 ; this should become just 309 ; Also, if/when RFC 2822 is updated to disallow control characters 310 ; this should become a reference to RFC 2822upd instead. 312 utf8-text = text-fixed / UTF8-non-ascii 314 UTF8-non-ascii = UTF8-2 / UTF8-3 / UTF8-4 315 The second type, used for returning the content, is message/global 316 which is similar to message/rfc822, except it contains a message with 317 UTF-8 headers. This media type is described in 318 [I-D.ietf-eai-utf8headers]. 320 The third type, used for returning the headers, is message/ 321 global-headers and contains only the UTF-8 header fields of a message 322 (all lines prior to the first blank line in a UTF8SMTP message). 323 Unlike message/global, this body part provides no difficulties for 324 the present infrastructure. 326 Note that as far as multipart/report [RFC3462] container is 327 concerned, message/global-delivery-status, message/global, and 328 message/global-headers MUST be treated as equivalent to message/ 329 delivery-status, message/rfc822, and text/rfc822-headers. That is, 330 implementations processing multipart/report MUST expect any 331 combinations of the 6 media types mentioned above inside a multipart/ 332 report media type. 334 All three new types will typically use the "8bit" Content-Transfer- 335 Encoding. (In the event all content is 7-bit, the equivalent 336 traditional types for delivery status notifications MAY be used. For 337 example, if information in message/global-delivery-status part can be 338 represented without any loss of information as message/ 339 delivery-status, then the message/delivery-status body part may be 340 used.) Note that [I-D.ietf-eai-utf8headers] relaxed restriction from 341 MIME [RFC2046] regarding use of Content-Transfer-Encoding in new 342 "message" subtypes. This specification explicitly allows use of 343 Content-Transfer-Encoding in message/global-headers and message/ 344 global-delivery-status. This is not believed to be problematic as 345 these new media types are intended primarily for use by newer systems 346 with full support for 8-bit MIME and UTF-8 headers. 348 4.1. Additional Requirements on SMTP Servers 350 If an SMTP server that advertises both UTF8SMTP and DSN needs to 351 return an undeliverable UTF8SMTP message, then it MUST NOT downgrade 352 [I-D.ietf-eai-downgrade] the UTF8SMTP message when generating the 353 corresponding multipart/report. If the return path SMTP server does 354 not support UTF8SMTP, then the undeliverable body part and headers 355 MUST be encoded using a 7-bit Content-Transfer-Encoding such as 356 "base64" or "quoted-printable" [RFC2045], as detailed in Section 4. 357 Otherwise, "8bit" Content-Transfer-Encoding can be used. 359 5. UTF-8 Message Disposition Notifications 361 Message Disposition Notifications [RFC3798] have a similar design and 362 structure to DSNs. As a result, they use the same basic return 363 format. When generating an MDN for a UTF-8 header message, the third 364 part of the multipart/report contains the returned content (message/ 365 global) or header (message/global-headers), same as for DSNs. The 366 second part of the multipart/report uses a new media type, message/ 367 global-disposition-notification, which has the syntax of message/ 368 disposition-notification with two modifications. First, the charset 369 for message/global-disposition-notification is UTF-8, and thus any 370 field MAY contain UTF-8 characters when appropriate (see the ABNF 371 below). (In particular, the failure-field, the error-field, and the 372 warning-field MAY contain UTF-8. These fields SHOULD be in i-default 373 language [DEFAULTLANG].) Second, systems generating a message/ 374 global-disposition-notification body part (typically a mail user 375 agent) SHOULD use the UTF-8 address type for all addresses containing 376 characters outside the US-ASCII repertoire. 378 The MDN specification also defines the Original-Recipient header 379 field, which is added with a copy of the contents of ORCPT at 380 delivery time. When generating an Original-Recipient header field, a 381 delivery agent writing a UTF-8 header message in native format SHOULD 382 convert the utf-8-addr-xtext or the utf-8-addr-unitext form of a 383 UTF-8 address type in the ORCPT parameter to the corresponding utf-8- 384 address form. 386 The MDN specification also defines the Disposition-Notification-To 387 header field, which is an address header field and thus follows the 388 same 8-bit rules as other address header fields such as "From" and 389 "To" when used in a UTF-8 header message. 391 ; ABNF for "original-recipient-header", "original-recipient-field", 392 ; and "final-recipient-field" from RFC 3798 is implicitly updated 393 ; as they use the updated "generic-address" as defined in 394 ; Section 4 of this document. 396 failure-field = "Failure" ":" *utf8-text 397 ; "utf8-text" is defined in Section 4 of this document. 399 error-field = "Error" ":" *utf8-text 400 ; "utf8-text" is defined in Section 4 of this document. 402 warning-field = "Warning" ":" *utf8-text 403 ; "utf8-text" is defined in Section 4 of this document. 405 6. IANA Considerations 407 This specification does not create any new IANA registries. However, 408 the following items are registered as a result of this document. 410 6.1. UTF-8 Mail Address Type Registration 412 The mail address type registry was created by RFC 3464. The 413 registration template response follows: 415 (a) The proposed address-type name. 417 UTF-8 419 (b) The syntax for mailbox addresses of this type, specified using 420 BNF, regular expressions, ASN.1, or other non-ambiguous language. 422 See Section 3. 424 (c) If addresses of this type are not composed entirely of graphic 425 characters from the US-ASCII repertoire, a specification for how they 426 are to be encoded as graphic US-ASCII characters in a DSN Original- 427 Recipient or Final-Recipient DSN field. 429 This address type has 3 forms (as defined in Section 3): utf-8-addr- 430 xtext, utf-8-addr-unitext and utf-8-address. Only the first form is 431 7-bit safe. 433 The utf-8-address form MUST NOT be used 435 1. in the ORCPT parameter when the SMTP server doesn't advertise 436 support for UTF8SMTP; 438 2. or the SMTP server supports UTF8SMTP, but the address contains 439 US-ASCII characters not permitted in the ORCPT parameter (e.g., 440 the ORCPT parameter forbids SP and the = characters); 442 3. or in a 7-bit transport environment including a message/ 443 delivery-status Original-Recipient or Final-Recipient field. 445 The utf-8-addr-xtext form MUST be used instead in the first and the 446 third case; the utf-8-addr-unitext form MUST be used in the second 447 case. The utf-8-address form MAY be used in the ORCPT parameter when 448 the SMTP server also advertises support for UTF8SMTP and the address 449 doesn't contain any US-ASCII characters not permitted in the ORCPT 450 parameter; in a message/global-delivery-status Original-Recipient or 451 Final-Recipient DSN field; or in an Original-Recipient header field 452 [RFC3798] if the message is a UTF8SMTP message. 454 In addition, the utf-8-addr-unitext form can be used anywhere where 455 the utf-8-address form is allowed. 457 6.2. Update to 'smtp' Diagnostic Type Registration 459 The mail diagnostic type registry was created by RFC 3464. The 460 registration for the 'smtp' diagnostic type should be updated to 461 reference RFC XXXX in addition to RFC 3464. 463 When the 'smtp' diagnostic type is used in the context of a message/ 464 delivery-status body part, it remains as presently defined. When the 465 'smtp' diagnostic type is used in the context of a message/ 466 global-delivery-status body part, the codes remain the same, but the 467 text portion MAY contain UTF-8 characters. 469 6.3. message/global-headers 471 Type name: message 473 Subtype name: global-headers 475 Required parameters: none 477 Optional parameters: none 479 Encoding considerations: This media type contains Internationalized 480 Email Headers [I-D.ietf-eai-utf8headers] with no message body. 481 Whenever possible, the 8-bit content transfer encoding SHOULD be 482 used. When this media type passes through a 7-bit-only SMTP 483 infrastructure it MAY be encoded with the base64 or quoted- 484 printable content transfer encoding. 486 Security considerations: See Section 7. 488 Interoperability considerations: It is important that this media 489 type is not converted to a charset other than UTF-8. As a result, 490 implementations MUST NOT include a charset parameter with this 491 media type. Although it might be possible to downconvert this 492 media type to the text/rfc822-header media type, such conversion 493 is discouraged as it loses information. 495 Published specification: RFC XXXX 497 Applications that use this media type: UTF8SMTP servers and email 498 clients that support multipart/report generation or parsing. 500 Additional information: 502 Magic number(s): none 504 File extension(s): In the event this is saved to a file, the 505 extension ".u8hdr" is suggested. 507 Macintosh file type code(s): The 'TEXT' type code is suggested as 508 files of this type are typically used for diagnostic purposes and 509 suitable for analysis in a UTF-8 aware text editor. A uniform 510 type identifier (UTI) of "public.utf8-email-message-header" is 511 suggested. This type conforms to "public.utf8-plain-text" and 512 "public.plain-text". 514 Person & email address to contact for further information: See the 515 Authors' Addresses section of this document. 517 Intended usage: COMMON 519 Restrictions on usage: This media type contains textual data in the 520 UTF-8 charset. It typically contains octets with the 8th bit set. 521 As a result, a transfer encoding is required when a 7-bit 522 transport is used. 524 Author: See the Authors' Addresses section of this document. 526 Change controller: IETF Standards Process 528 6.4. message/global-delivery-status 530 Type name: message 532 Subtype name: global-delivery-status 534 Required parameters: none 536 Optional parameters: none 538 Encoding considerations: This media type contains delivery status 539 notification attributes in the UTF-8 charset. The 8-bit content 540 transfer encoding MUST be used with this content-type, unless it 541 is sent over a 7-bit transport environment in which case quoted- 542 printable or base64 may be necessary. 544 Security considerations: See Section 7 545 Interoperability considerations: This media type provides 546 functionality similar to the message/delivery-status content-type 547 for email message return information. Clients of the previous 548 format will need to be upgraded to interpret the new format; 549 however, the new media type makes it simple to identify the 550 difference. 552 Published specification: RFC XXXX 554 Applications that use this media type: SMTP servers and email 555 clients that support delivery status notification generation or 556 parsing. 558 Additional information: 560 Magic number(s): none 562 File extension(s): The extension ".u8dsn" is suggested. 564 Macintosh file type code(s): A uniform type identifier (UTI) of 565 "public.utf8-email-message-delivery-status" is suggested. This 566 type conforms to "public.utf8-plain-text". 568 Person & email address to contact for further information: See the 569 Authors' Addresses section of this document. 571 Intended usage: COMMON 573 Restrictions on usage: This is expected to be the second part of a 574 multipart/report. 576 Author: See the Authors' Addresses section of this document. 578 Change controller: IETF Standards Process 580 6.5. message/global-disposition-notification 582 Type name: message 584 Subtype name: global-disposition-notification 586 Required parameters: none 588 Optional parameters: none 589 Encoding considerations: This media type contains disposition 590 notification attributes in the UTF-8 charset. The 8-bit content 591 transfer encoding MUST be used with this content-type, unless it 592 is sent over a 7-bit transport environment in which case quoted- 593 printable or base64 may be necessary. 595 Security considerations: See Section 7. 597 Interoperability considerations: This media type provides 598 functionality similar to the message/disposition-notification 599 content-type for email message disposition information. Clients 600 of the previous format will need to be upgraded to interpret the 601 new format; however, the new media type makes it simple to 602 identify the difference. 604 Published specification: RFC XXXX 606 Applications that use this media type: Email clients or servers that 607 support message disposition notification generation or parsing. 609 Additional information: 611 Magic number(s): none 613 File extension(s): The extension ".u8mdn" is suggested. 615 Macintosh file type code(s): A uniform type identifier (UTI) of 616 "public.utf8-email-message-disposition-notification" is suggested. 617 This type conforms to "public.utf8-plain-text". 619 Person & email address to contact for further information: See the 620 Authors' Addresses section of this document. 622 Intended usage: COMMON 624 Restrictions on usage: This is expected to be the second part of a 625 multipart/report. 627 Author: See the Authors' Addresses section of this document. 629 Change controller: IETF Standards Process 631 7. Security Considerations 633 Automated use of report types without authentication presents several 634 security issues. Forging negative reports presents the opportunity 635 for denial-of-service attacks when the reports are used for automated 636 maintenance of directories or mailing lists. Forging positive 637 reports may cause the sender to incorrectly believe a message was 638 delivered when it was not. 640 Malicious users can generate report structures designed to trigger 641 coding flaws in report parsers. Report parsers need to use secure 642 coding techniques to avoid the risk of buffer overflow or denial-of- 643 service attacks against parser coding mistakes. Code reviews of such 644 parsers are also recommended. 646 Malicious users of the email system regularly send messages with 647 forged envelope return paths, and these messages trigger delivery 648 status reports that result in a large amount of unwanted traffic on 649 the Internet. Many users choose to ignore delivery status 650 notifications because they are usually the result of "blowback" from 651 forged messages and thus never notice when messages they sent go 652 undelivered. As a result, support for correlation of delivery status 653 and message disposition notification messages with sent-messages has 654 become a critical feature of mail clients and possibly mail stores if 655 the email infrastructure is to remain reliable. In the short term, 656 simply correlating message-IDs may be sufficient to distinguish true 657 status notifications from those resulting from forged originator 658 addresses. But in the longer term, including cryptographic signature 659 material that can securely associate the status notification with the 660 original message is advisable. 662 As this specification permits UTF-8 in additional fields, the 663 security considerations of UTF-8 [RFC3629] apply. 665 8. References 667 8.1. Normative References 669 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 670 Requirement Levels", BCP 14, RFC 2119, March 1997. 672 [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 673 October 2008. 675 [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, 676 October 2008. 678 [RFC3461] Moore, K., "Simple Mail Transfer Protocol (SMTP) Service 679 Extension for Delivery Status Notifications (DSNs)", 680 RFC 3461, January 2003. 682 [RFC3462] Vaudreuil, G., "The Multipart/Report Content Type for the 683 Reporting of Mail System Administrative Messages", 684 RFC 3462, January 2003. 686 [RFC3464] Moore, K. and G. Vaudreuil, "An Extensible Message Format 687 for Delivery Status Notifications", RFC 3464, 688 January 2003. 690 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 691 10646", STD 63, RFC 3629, November 2003. 693 [RFC3798] Hansen, T. and G. Vaudreuil, "Message Disposition 694 Notification", RFC 3798, May 2004. 696 [RFC5234] Crocker, D. and P. Overell, "Augmented BNF for Syntax 697 Specifications: ABNF", STD 68, RFC 5234, January 2008. 699 [I-D.ietf-eai-utf8headers] 700 Yang, A., "Internationalized Email Headers", 701 draft-ietf-eai-utf8headers-08 (work in progress), 702 April 2007. 704 [I-D.ietf-eai-smtpext] 705 Yao, J. and W. Mao, "SMTP extension for internationalized 706 email address", draft-ietf-eai-smtpext-10 (work in 707 progress), November 2007. 709 [LANGTAGS] 710 Phillips, A. and M. Davis, "Tags for Identifying 711 Languages", RFC 4646, September 2006. 713 [DEFAULTLANG] 714 Alvestrand, H., "IETF Policy on Character Sets and 715 Languages", RFC 2277, January 1998. 717 8.2. Informative References 719 [RFC2045] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 720 Extensions (MIME) Part One: Format of Internet Message 721 Bodies", RFC 2045, November 1996. 723 [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 724 Extensions (MIME) Part Two: Media Types", RFC 2046, 725 November 1996. 727 [I-D.ietf-eai-downgrade] 728 Yoneya, Y. and K. Fujiwara, "Downgrading mechanism for 729 Email Address Internationalization (EAI)", 730 draft-ietf-eai-downgrade-05 (work in progress), Mar 2007. 732 Appendix A. Acknowledgements 734 Many thanks for input provided by Pete Resnick, James Galvin, Ned 735 Freed, John Klensin, Harald Alvestrand, Frank Ellermann, SM, Alfred 736 Hoenes, Kazunori Fujiwara and members of the EAI WG to help solidify 737 this proposal. 739 Appendix B. Changes from RFC 5337 741 Applied errata suggested by Alfred Hoenes. 743 Fixed ABNF and description of utf-8-addr-xtext and utf-8-addr- 744 unitext. 746 Authors' Addresses 748 Chris Newman 749 Sun Microsystems 750 800 Royal Oaks 751 Monrovia, CA 91016-6347 752 US 754 Email: chris.newman@sun.com 756 Alexey Melnikov (editor) 757 Isode Ltd 758 5 Castle Business Village 759 36 Station Road 760 Hampton, Middlesex TW12 2BX 761 UK 763 Email: Alexey.Melnikov@isode.com 765 Full Copyright Statement 767 Copyright (C) The IETF Trust (2008). 769 This document is subject to the rights, licenses and restrictions 770 contained in BCP 78, and except as set forth therein, the authors 771 retain all their rights. 773 This document and the information contained herein are provided on an 774 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 775 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 776 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 777 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 778 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 779 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 781 Intellectual Property 783 The IETF takes no position regarding the validity or scope of any 784 Intellectual Property Rights or other rights that might be claimed to 785 pertain to the implementation or use of the technology described in 786 this document or the extent to which any license under such rights 787 might or might not be available; nor does it represent that it has 788 made any independent effort to identify any such rights. Information 789 on the procedures with respect to rights in RFC documents can be 790 found in BCP 78 and BCP 79. 792 Copies of IPR disclosures made to the IETF Secretariat and any 793 assurances of licenses to be made available, or the result of an 794 attempt made to obtain a general license or permission for the use of 795 such proprietary rights by implementers or users of this 796 specification can be obtained from the IETF on-line IPR repository at 797 http://www.ietf.org/ipr. 799 The IETF invites any interested party to bring to its attention any 800 copyrights, patents or patent applications, or other proprietary 801 rights that may cover technology that may be required to implement 802 this standard. Please address the information to the IETF at 803 ietf-ipr@ietf.org.