Re: [exim-dev] Exim's bounces, vs RFC3462

Top Page
Delete this message
Reply to this message
Author: der Mouse
Date:  
To: Philip Hazel, exim-dev
CC: 
Subject: Re: [exim-dev] Exim's bounces, vs RFC3462
>> The story, in brief: I ran into a German site that (a) did
>> accept-and-bounce, (b) didn't do 3462, and (c) rejected my reply to
>> the bounce (ie, mail to the From: address on the bounce) with a
>> message telling me my(!) software was broken.
> Was that an *automatic* reply to the bounce?


My message? No. Well, automatic in the sense of "habitual", maybe;
when I get a bounce that both is in response to a message I didn't send
and makes it to my mailbox, either (a) it's not a 3462 bounce, (b) my
code is broken, or (c) it's one of the rare messages that produces a
false positive from my "did I send this?" test. Case (a) is by far the
commonest, and when I get them I (manually, but almost reflexively)
send a response saying, basically, "please either stop doing
accept-and-bounce or start doing RFC3462 bounces so I can mechanically
identify and process them". (Sites that persist, I block completely.)

> If not, then the German site is not exactly well-managed...


Well, yes. That's why I blocked it.

>> Of course, even if you were to completely agree with me and rush to
>> implement RFC3462 bounces, [...]
> Given [...], I'm afraid that I cannot conclude that there is any
> hurry. :-)


Right. You will note I used the subjunctive. :-)

I was hardly expecting you people to drop everything and rush to
implement multipart/report bounces. And I'm not really surprised to
hear it's already on your wishlist; I was wrote more on the chance that
one more voice might push someone over into actually doing it.

> It would be interesting to know exactly which MTAs support 3462 and
> which do not. I suspect Exim is not alone.


I'm certain it's not alone. Even sendmail, which I use and which does
generate 3462 bounces, can be configured not to.

Not that its being alone or not matters much to me. Widespread bad
behaviour is no less bad behaviour for being widespread. (I hope we
can agree on that much, even though we may differ on exactly what
constitutes bad behaviour!)

Actually, the worst single offender, in terms of volume aimed at me,
qmail, fortunately (from my perspective) also ignores 2822 3.6.4's
dictum that every message SHOULD have a Message-ID:. I call this
fortunate because it means most qmail bounces get refused at the door
and never make it through to my mailbox despite the bounce-of-forgery
code's inability to pick out the bounced message. (I say "most"
because a few qmail sites have configured things so their bounces do
have message-IDs; also, a few get handled by MTAs which add
Message-ID:s to messages they're just passing on.)

/~\ The ASCII                der Mouse
\ / Ribbon Campaign
 X  Against HTML           mouse@???
/ \ Email!         7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B