Bounce Address Tag Validation
Encyclopedia
In computing
, Bounce Address Tag Validation (BATV) is a method, defined in an Internet Draft
, for determining whether the bounce address
specified in an E-mail
message is valid. It is designed to reject backscatter
, that is, bounce message
s to forged return addresses.
BATV replaces an envelope sender like
can fit into this framework.
, which used the same basic idea of putting a hard to forge hash in a message's bounce address.
In late 2004, Goodman et al. proposed a much more complex "Signed Envelope Sender" that included a hash of the message body and was intended to address a wide variety of forgery threats, including bounces from forged mail. Several months later, Levine and Crocker proposed BATV under its current name and close to its current form.
There are also problems that prevent BATV systems from eliminating all backscatter.
Computing
Computing is usually defined as the activity of using and improving computer hardware and software. It is the computer-specific part of information technology...
, Bounce Address Tag Validation (BATV) is a method, defined in an Internet Draft
Internet Draft
Internet Drafts is a series of working documents published by the IETF. Typically, they are drafts for RFCs, but may be other works in progress not intended for publication as RFCs. It is considered inappropriate to rely on Internet Drafts for reference purposes...
, for determining whether the bounce address
Bounce address
A bounce address is an e-mail address to which bounce messages are delivered. There are many variants of the name, none of them used universally, including return path, reverse path, envelope from, envelope sender, MAIL FROM, 5321-FROM, return address, From_, Errors-to, etc...
specified in an E-mail
E-mail
Electronic mail, commonly known as email or e-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. Some early email systems required that the author and the recipient both be online at the...
message is valid. It is designed to reject backscatter
Backscatter (e-mail)
Backscatter is incorrect automated bounce messages sent by mail servers, typically as a side effect of incoming spam....
, that is, bounce message
Bounce message
In the Internet's standard e-mail protocol SMTP, a bounce message, also called a Non-Delivery Report/Receipt , a Delivery Status Notification message, a Non-Delivery Notification or simply a bounce, is an automated electronic mail message from a mail system informing the sender of another...
s to forged return addresses.
Overview
The basic idea is to send all e-mail with a return address that includes a timestamp and a cryptographic token that cannot be forged. Any e-mail that is returned as a bounce without a valid signature can then be rejected. E-mail that is being bounced back should have an empty (null) return address so that bounces are never created for a bounce and therefore you can't get messages bouncing back and forth forever.BATV replaces an envelope sender like
mailbox@example.com with prvs=tag-value=mailbox@example.com, where prvs, called "Simple Private Signature", is just one of the possible tagging schemes; actually, the only one fully specified in the draft. The BATV draft gives a framework that other possible techniques can fit into. Other types of implementations, such as using public key signatures that can be verified by third parties, are mentioned but left undefined. The overall framework is vague/flexible enough that similar systems such as Sender Rewriting SchemeSender Rewriting Scheme
Sender Rewriting Scheme is a technique to re-mail an email message so that eventual Delivery Status Notifications can reach the original message sender...
can fit into this framework.
History
Dan Oetting proposed an Anti-Bogus Bounce System in 2003 in news.admin.net-abuse.emailNews.admin.net-abuse.email
news.admin.net-abuse.email is a Usenet newsgroup devoted to discussion of the abuse of email systems, specifically through spam and similar attacks...
, which used the same basic idea of putting a hard to forge hash in a message's bounce address.
In late 2004, Goodman et al. proposed a much more complex "Signed Envelope Sender" that included a hash of the message body and was intended to address a wide variety of forgery threats, including bounces from forged mail. Several months later, Levine and Crocker proposed BATV under its current name and close to its current form.
Problems
The draft anticipates some problems running BATV.- Some mailing lists managers (e.g. ezmlmEzmlmezmlm is a software package for managing electronic mailing lists by Daniel J. Bernstein. It is similar to GNU Mailman and Majordomo but only works with the qmail mail transfer agent. It is released into the public domain....
) still key on the bounce address, and will not recognize it after BATV mangling. - GreylistingGreylistingGreylisting is a method of defending e-mail users against spam. A mail transfer agent using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate the originating server will, after a delay, try again and, if sufficient time has elapsed, the...
requires BATV implementations to keep the same tag across retransmissions for a reasonable time. This may also cause each e-mail to be delayed unless the greylisting system ignores the tag, or whitelists sending hosts that successfully retry. - Challenge-response spam filteringChallenge-response spam filteringA challengeāresponse system is a type of spam filter that automatically sends a reply with a challenge to the sender of an incoming e-mail. In this reply, the sender is asked to perform some action to assure delivery of the original message, which would otherwise not be delivered...
and systems that sort mail based on the bounce address (e.g. for removing duplicates) may work less smoothly with BATV-tagged addresses.
There are also problems that prevent BATV systems from eliminating all backscatter.
- Some legitimate e-mail gets sent with empty return address that is not a bounce and therefore will not have the special tokens. For example, the Delivery Status NotificationBounce messageIn the Internet's standard e-mail protocol SMTP, a bounce message, also called a Non-Delivery Report/Receipt , a Delivery Status Notification message, a Non-Delivery Notification or simply a bounce, is an automated electronic mail message from a mail system informing the sender of another...
extension defined in RFC 3461 requires a null return path when sending email with a "NOTIFY=NEVER" option to a non-conforming server. - Some e-mail bounces (incorrectly) get sent not to the return address, but to the e-mail address on the From: header.
- Some mail systems that implement Callback verificationCallback verificationCallback verification, also known as callout verification or Sender Address Verification, is a technique used by SMTP software in order to validate e-mail addresses. The most common target of verification is the sender address from the message envelope...
use "postmaster" instead of the null return address.
See also
- Sender Policy FrameworkSender Policy FrameworkSender Policy Framework is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses. SPF allows administrators to specify which hosts are allowed to send mail from a given domain by creating a specific SPF...
(SPF) - Sender Rewriting SchemeSender Rewriting SchemeSender Rewriting Scheme is a technique to re-mail an email message so that eventual Delivery Status Notifications can reach the original message sender...
(SRS) - Simple Mail Transfer ProtocolSimple Mail Transfer ProtocolSimple Mail Transfer Protocol is an Internet standard for electronic mail transmission across Internet Protocol networks. SMTP was first defined by RFC 821 , and last updated by RFC 5321 which includes the extended SMTP additions, and is the protocol in widespread use today...
(SMTP) - Variable envelope return pathVariable envelope return pathVariable envelope return path is a technique used by some electronic mailing list software to enable automatic detection and removal of undeliverable e-mail addresses...
(VERP)
External links
- BATV draft
- BATV web page
- E-mail Bouncebacks? You've Been Backscattered. mentions BATV as a way to reduce the problem.
- Greylisting & BATV Implemention of BATV (with a BATV tester) for qmailQmailqmail is a mail transfer agent that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program...
/ netqmail