In
computing
Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and development of both hardware and software. Computing has scientific, ...
, Bounce Address Tag Validation (BATV) is a method, defined in an
Internet Draft
An Internet Draft (I-D) is a document published by the Internet Engineering Task Force (IETF) containing preliminary technical specifications, results of networking-related research, or other technical information. Often, Internet Drafts are int ...
, for determining whether the
bounce address specified in an
E-mail
Electronic mail (email or e-mail) is a method of exchanging messages ("mail") between people using electronic devices. Email was thus conceived as the electronic ( digital) version of, or counterpart to, mail, at a time when "mail" mean ...
message is valid. It is designed to reject
backscatter
In physics, backscatter (or backscattering) is the reflection of waves, particles, or signals back to the direction from which they came. It is usually a diffuse reflection due to scattering, as opposed to specular reflection as from a mirror, ...
, that is,
bounce message
A bounce message or just "bounce" is an automated message from an email system, informing the sender of a previous message that the message has not been delivered (or some other delivery problem occurred). The original message is said to have "boun ...
s to forged return addresses.
Overview
The basic idea is to send all e-mail with a return address that includes a timestamp and a cryptographic token that cannot be forged. Any e-mail that is returned as a bounce without a valid signature can then be rejected. E-mail that is being bounced back should have an empty (null) return address so that bounces are never created for a bounce and therefore preventing messages from bouncing back and forth forever.
BATV replaces an envelope sender like
[email protected] with
prvs=''tag-value''[email protected], where
prvs, called "Simple Private Signature", is just one of the possible tagging schemes; actually, the only one fully specified in the draft. The BATV draft gives a framework that other possible techniques can fit into. Other types of implementations, such as using public key signatures that can be verified by third parties, are mentioned but left undefined. The overall framework is vague/flexible enough that similar systems such as
Sender Rewriting Scheme can fit into this framework.
History
Sami Farin proposed an Anti-Bogus Bounce System in 2003 in
news.admin.net-abuse.email, which used the same basic idea of putting a hard to forge hash in a message's bounce address.
In late 2004, Goodman et al. proposed a much more complex "Signed Envelope Sender"
Microsoft Word - Working_SES_Format_Definition_16.doc
/ref> that included a hash of the message body and was intended to address a wide variety of forgery threats, including bounces from forged mail. Several months later, Levine and Crocker proposed BATV under its current name and close to its current form.
Problems
The draft anticipates some problems running BATV.
* Some mailing lists managers (e.g. ezmlm
ezmlm is mailing list management software (MLM) by Daniel J. Bernstein. It is similar to GNU Mailman and Majordomo but only works with the qmail mail transfer agent. It is released into the public domain. The latest version, 0.53, came out i ...
) still key on the bounce address, and will not recognize it after BATV mangling.
* Greylisting requires BATV implementations to keep the same tag across retransmissions for a reasonable time. This may also cause each e-mail to be delayed unless the greylisting system ignores the tag, or whitelists sending hosts that successfully retry.
* Challenge-response spam filtering and systems that sort mail based on the bounce address (e.g. for removing duplicates) may work less smoothly with BATV-tagged addresses.
There are also problems that prevent BATV systems from eliminating all backscatter.
* Some legitimate e-mail gets sent with empty return address that is not a bounce and therefore will not have the special tokens. For example, the Delivery Status Notification
A bounce message or just "bounce" is an automated message from an email system, informing the sender of a previous message that the message has not been delivered (or some other delivery problem occurred). The original message is said to have "boun ...
extension defined in requires a null return path when sending email with a "NOTIFY=NEVER" option to a non-conforming server.
* Some e-mail bounces (incorrectly) get sent not to the return address, but to the e-mail address on the From: header.
* Some mail systems that implement Callback verification use "postmaster" instead of the null return address.
See also
* Sender Policy Framework
Sender Policy Framework (SPF) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF alone, though, is limited to detecting a forged sender claim in the envelope of the email, which i ...
(SPF)
* Sender Rewriting Scheme (SRS)
* Simple Mail Transfer Protocol
The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typic ...
(SMTP)
* Variable envelope return path (VERP)
References
External links
BATV draft
BATV web page
Greylisting and BATV
{{Webarchive, url=https://web.archive.org/web/20100323014624/http://www.gossamer-threads.com/lists/qmail/users/136776 , date=2010-03-23 Implementation of BATV (with a BATV tester) for qmail
qmail is a mail transfer agent (MTA) that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. Originally license-free software, qmail's source code ...
/ netqmail
Email authentication