Internet DRAFT - draft-ietf-appsawg-mdn-3798bis

draft-ietf-appsawg-mdn-3798bis







Network Working Group                                     T. Hansen, Ed.
Internet-Draft                                         AT&T Laboratories
Obsoletes: 3798 (if approved)                           A. Melnikov, Ed.
Updates: 2046, 3461 (if approved)                              Isode Ltd
Intended status: Standards Track                        December 1, 2016
Expires: June 4, 2017


                    Message Disposition Notification
                 draft-ietf-appsawg-mdn-3798bis-16.txt

Abstract

   This memo defines a MIME content-type that may be used by a mail user
   agent (MUA) or electronic mail gateway to report the disposition of a
   message after it has been successfully delivered to a recipient.
   This content-type is intended to be machine-processable.  Additional
   message header fields are also defined to permit Message Disposition
   Notifications (MDNs) to be requested by the sender of a message.  The
   purpose is to extend Internet Mail to support functionality often
   found in other messaging systems, such as X.400 and the proprietary
   "LAN-based" systems, and often referred to as "read receipts,"
   "acknowledgements", or "receipt notifications."  The intention is to
   do this while respecting privacy concerns, which have often been
   expressed when such functions have been discussed in the past.

   Because many messages are sent between the Internet and other
   messaging systems (such as X.400 or the proprietary "LAN-based"
   systems), the MDN protocol is designed to be useful in a multi-
   protocol messaging environment.  To this end, the protocol described
   in this memo provides for the carriage of "foreign" addresses, in
   addition to those normally used in Internet Mail.  Additional
   attributes may also be defined to support "tunneling" of foreign
   notifications through Internet Mail.

   This document obsoletes RFC 3798, moving it to Internet Standard.  It
   also updates RFC 2046 (message/partial Media Type handling) and RFC
   3461 (Original-Recipient header field generation requirement).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.



Hansen & Melnikov         Expires June 4, 2017                  [Page 1]

Internet-Draft                     MDN                     December 2016


   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 4, 2017.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Purposes  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.2.  Requirements  . . . . . . . . . . . . . . . . . . . . . .   4
     1.3.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   4
   2.  Requesting Message Disposition Notifications  . . . . . . . .   5
     2.1.  The Disposition-Notification-To Header  . . . . . . . . .   5
     2.2.  The Disposition-Notification-Options Header . . . . . . .   7
     2.3.  The Original-Recipient Header Field . . . . . . . . . . .   8
     2.4.  Use with the Message/Partial Media Type . . . . . . . . .   9
   3.  Format of a Message Disposition Notification  . . . . . . . .  10
     3.1.  The message/disposition-notification Media Type . . . . .  11
     3.2.  Message/disposition-notification Content Fields . . . . .  14
     3.3.  Extension-fields  . . . . . . . . . . . . . . . . . . . .  21
   4.  Timeline of events  . . . . . . . . . . . . . . . . . . . . .  21
   5.  Conformance and Usage Requirements  . . . . . . . . . . . . .  22
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  23
     6.1.  Forgery . . . . . . . . . . . . . . . . . . . . . . . . .  23
     6.2.  Privacy . . . . . . . . . . . . . . . . . . . . . . . . .  24
       6.2.1.  Disclosure of Product Information . . . . . . . . . .  25
       6.2.2.  MUA Fingerprinting  . . . . . . . . . . . . . . . . .  25
     6.3.  Non-Repudiation . . . . . . . . . . . . . . . . . . . . .  25
     6.4.  Mail Bombing  . . . . . . . . . . . . . . . . . . . . . .  25
   7.  Collected ABNF Grammar  . . . . . . . . . . . . . . . . . . .  26
   8.  Guidelines for Gatewaying MDNs  . . . . . . . . . . . . . . .  28



Hansen & Melnikov         Expires June 4, 2017                  [Page 2]

Internet-Draft                     MDN                     December 2016


     8.1.  Gatewaying from other mail systems to MDNs  . . . . . . .  28
     8.2.  Gatewaying from MDNs to other mail systems  . . . . . . .  29
     8.3.  Gatewaying of MDN-requests to other mail systems  . . . .  29
   9.  Example . . . . . . . . . . . . . . . . . . . . . . . . . . .  30
   10. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  31
     10.1.  Disposition-Notification-Options header field
            disposition-notification-parameter names . . . . . . . .  32
     10.2.  Disposition modifier names . . . . . . . . . . . . . . .  33
     10.3.  MDN extension field names  . . . . . . . . . . . . . . .  33
   11. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  33
   12. References  . . . . . . . . . . . . . . . . . . . . . . . . .  34
     12.1.  Normative References . . . . . . . . . . . . . . . . . .  34
     12.2.  Informative References . . . . . . . . . . . . . . . . .  35
   Appendix A.  Changes from RFC 3798  . . . . . . . . . . . . . . .  36
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  37

1.  Introduction

   This memo defines a media type [RFC2046] for message disposition
   notifications (MDNs).  An MDN can be used to notify the sender of a
   message of any of several conditions that may occur after successful
   delivery, such as display of the message contents, printing of the
   message, deletion (without display) of the message, or the
   recipient's refusal to provide MDNs.  The "message/disposition-
   notification" content-type defined herein is intended for use within
   the framework of the "multipart/report" content type defined in RFC-
   REPORT [RFC6522].

   This memo defines the format of the notifications and the RFC-MSGFMT
   [RFC5322] header fields used to request them.

   This memo is an update to RFC 3798 and is intended to be published at
   Internet Standard Level.

1.1.  Purposes

   The MDNs defined in this memo are expected to serve several purposes:


   a.  Inform human beings of the disposition of messages after
       successful delivery, in a manner that is largely independent of
       human language;


   b.  Allow mail user agents to keep track of the disposition of
       messages sent, by associating returned MDNs with earlier message
       transmissions;




Hansen & Melnikov         Expires June 4, 2017                  [Page 3]

Internet-Draft                     MDN                     December 2016


   c.  Convey disposition notification requests and disposition
       notifications between Internet Mail and "foreign" mail systems
       via a gateway;


   d.  Allow "foreign" notifications to be tunneled through a MIME-
       capable message system and back into the original messaging
       system that issued the original notification, or even to a third
       messaging system;


   e.  Allow language-independent, yet reasonably precise, indications
       of the disposition of a message to be delivered.

1.2.  Requirements

   These purposes place the following constraints on the notification
   protocol:


   a.  It must be readable by humans, and must be machine-parsable.


   b.  It must provide enough information to allow message senders (or
       their user agents) to unambiguously associate an MDN with the
       message that was sent and the original recipient address for
       which the MDN was issued (if such information is available), even
       if the message was forwarded to another recipient address.


   c.  It must also be able to describe the disposition of a message
       independent of any particular human language or of the
       terminology of any particular mail system.


   d.  The specification must be extensible in order to accommodate
       future requirements.

1.3.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-KEYWORDS
   [RFC2119].

   All syntax descriptions use the ABNF specified by RFC-MSGFMT
   [RFC5322], in which the lexical tokens (used below) are defined:
   "CRLF", "FWS", "CFWS", "field-name", "mailbox-list", "msg-id", and



Hansen & Melnikov         Expires June 4, 2017                  [Page 4]

Internet-Draft                     MDN                     December 2016


   "text".  The following lexical tokens are defined in RFC-SMTP
   [RFC5321]: "atom".

2.  Requesting Message Disposition Notifications

   Message disposition notifications are requested by including a
   Disposition-Notification-To header field in the message containing
   one or more addresses specifying where dispositions should be sent.
   Further information to be used by the recipient's Mail User Agent
   (MUA) [RFC5598] in generating the MDN may be provided by also
   including Original-Recipient and/or Disposition-Notification-Options
   header fields in the message.

2.1.  The Disposition-Notification-To Header

   A request for the receiving user agent to issue message disposition
   notifications is made by placing a Disposition-Notification-To header
   field into the message.  The syntax of the header field is

mdn-request-header = "Disposition-Notification-To" ":" mailbox-list CRLF

   A Disposition-Notification-To header field can appear at most once in
   a message.

   The presence of a Disposition-Notification-To header field in a
   message is merely a request for an MDN.  The recipients' user agents
   are always free to silently ignore such a request.

   An MDN MUST NOT itself have a Disposition-Notification-To header
   field.  An MDN MUST NOT be generated in response to an MDN.

   A user agent MUST NOT issue more than one MDN on behalf of each
   particular recipient.  That is, once an MDN has been issued on behalf
   of a recipient, no further MDNs may be issued on behalf of that
   recipient by the same user agent, even if another disposition is
   performed on the message.  However, if a message is forwarded, an MDN
   may have been issued for the recipient doing the forwarding and the
   recipient of the forwarded message may also cause an MDN to be
   generated.

   It is also possible that if the same message is being accessed by
   multiple user agents (for example using POP3), then multiple
   dispositions might be generated for the same recipient.  User agents
   SHOULD leverage support in the underlying message access protocol to
   prevent multiple MDNs from being generated.  In particular, when the
   user agent is accessing the message using RFC-IMAP [RFC3501], it
   SHOULD implement the procedures specified in RFC-IMAP-MDN [RFC3503].




Hansen & Melnikov         Expires June 4, 2017                  [Page 5]

Internet-Draft                     MDN                     December 2016


   While Internet standards normally do not specify the behavior of user
   interfaces, it is strongly recommended that the user agent obtain the
   user's consent before sending an MDN.  This consent could be obtained
   for each message through some sort of prompt or dialog box, or
   globally through the user's setting of a preference.  The user might
   also indicate globally that MDNs are to never be sent.  The purpose
   of obtaining user's consent is to protect user's privacy.  The
   default value should be not to send MDNs.

   MDNs MUST NOT be sent automatically if the address in the
   Disposition-Notification-To header field differs from the address in
   the Return-Path header field (see RFC-MSGFMT [RFC5322]).  In this
   case, confirmation from the user MUST be obtained, if possible.  If
   obtaining consent is not possible (e.g., because the user is not
   online at the time or the client is not an interactive email client),
   then an MDN MUST NOT be sent.

   Confirmation from the user MUST be obtained (or no MDN sent) if there
   is no Return-Path header field in the message, or if there is more
   than one distinct address in the Disposition-Notification-To header
   field.

   The comparison of the addresses is done using only the addr-spec
   (local-part "@" domain) portion, excluding any angle brackets, phrase
   and route.  As prescribed by RFC 5322, the comparison is case-
   sensitive for the local-part and case-insensitive for the domain
   part.  The local-part comparison SHOULD be done after performing
   local-part canonicalization (i.e. after removing the surrounding
   double-quote characters, if any, as well as any escaping "\"
   characters.  (See RFC-MSGFMT [RFC5322] for more details.)
   Implementations MAY treat known domain aliases as equivalent for the
   purpose of comparison.

   Note that use of subaddressing (see [RFC5233]) can result in a
   failure to match two local-parts and thus result in possible
   suppression of the MDN.  This document doesn't recommend special
   handling for this case, as the receiving MUA can't reliably know
   whether or not the sender is using subaddressing.

   If the message contains more than one Return-Path header field, the
   implementation may pick one to use for the comparison, or treat the
   situation as a failure of the comparison.

   The reason for not automatically sending an MDN if the comparison
   fails or more than one address is specified is to reduce the
   possibility of mail loops and of MDNs being used for mail bombing.





Hansen & Melnikov         Expires June 4, 2017                  [Page 6]

Internet-Draft                     MDN                     December 2016


   It's especially important that a message that contains a Disposition-
   Notification-To header field also contain a Message-ID header field,
   to permit user agents to automatically correlate MDNs with their
   original messages.

   If the request for message disposition notifications for some
   recipients and not others is desired, two copies of the message
   should be sent, one with a Disposition-Notification-To header field
   and one without.  Many of the other header fields of the message
   (e.g., To, Cc) will be the same in both copies.  The recipients in
   the respective message envelopes determine from whom message
   disposition notifications are requested and from whom they are not.
   If desired, the Message-ID header field may be the same in both
   copies of the message.  Note that there are other situations (e.g.,
   Bcc) in which it is necessary to send multiple copies of a message
   with slightly different header fields.  The combination of such
   situations and the need to request MDNs for a subset of all
   recipients may result in more than two copies of a message being
   sent, some with a Disposition-Notification-To header field and some
   without.

   If it is possible to determine that a recipient is a newsgroup, do
   not include a Disposition-Notification-To header field for that
   recipient.  Similarly, if an existing message is resent or gatewayed
   to a newsgroup, the agent doing resending/gatewaying SHOULD strip the
   Disposition-Notification-To header field.  See Section 5 for more
   discussion.  Clients that see an otherwise valid Disposition-
   Notification-To header field in a newsgroup message SHOULD NOT
   generate an MDN.

2.2.  The Disposition-Notification-Options Header

   Extensions to this specification may require that information be
   supplied to the recipient's MUA for additional control over how and
   what MDNs are generated.  The Disposition-Notification-Options header
   field provides an extensible mechanism for such information.  The
   syntax of this header field is as follows:














Hansen & Melnikov         Expires June 4, 2017                  [Page 7]

Internet-Draft                     MDN                     December 2016


Disposition-Notification-Options =
          "Disposition-Notification-Options" ":" [FWS]
                         disposition-notification-parameter-list CRLF

disposition-notification-parameter-list =
          disposition-notification-parameter
          *([FWS] ";" [FWS] disposition-notification-parameter)

disposition-notification-parameter = attribute [FWS] "="
          [FWS] importance [FWS] "," [FWS] value *([FWS] "," [FWS] value)

importance = "required" / "optional"

attribute = atom

value = word

   A Disposition-Notification-Options header field can appear at most
   once in a message.

   An importance of "required" indicates that interpretation of the
   disposition-notification-parameter is necessary for proper generation
   of an MDN in response to this request.  An importance of "optional"
   indicates that an MUA that does not understand the meaning of this
   disposition-notification-parameter MAY generate an MDN in response
   anyway, ignoring the value of the disposition-notification-parameter.

   No disposition-notification-parameter attribute names are defined in
   this specification.  Attribute names may be defined in the future by
   later revisions or extensions to this specification.  disposition-
   notification-parameter attribute names MUST be registered with the
   Internet Assigned Numbers Authority (IANA) using "Specification
   required" registration policy.  The "X-" prefix has historically been
   used to denote unregistered "experimental" protocol elements, that
   are assumed not to become common use.  Deployment experience of this
   and other protocols have shown that this assumption is often false.
   This document allows the use of the "X-" prefix primarily to allow
   the registration of attributes that are already in common use.  The
   prefix has no meaning for new attributes.  Its use in substantially
   new attributes may cause confusion and is therefore discouraged.
   (See Section 10 for a registration form.)

2.3.  The Original-Recipient Header Field

   Since electronic mail addresses may be rewritten while the message is
   in transit, it is useful for the original recipient address to be
   made available by the delivering Message Transfer Agent (MTA)
   [RFC5598].  The delivering MTA may be able to obtain this information



Hansen & Melnikov         Expires June 4, 2017                  [Page 8]

Internet-Draft                     MDN                     December 2016


   from the ORCPT parameter of the SMTP RCPT TO command, as defined in
   RFC-SMTP [RFC5321] and RFC-DSN-SMTP [RFC3461].

   RFC-DSN-SMTP [RFC3461] is amended as follows: If the ORCPT
   information is available, the delivering MTA SHOULD insert an
   Original-Recipient header field at the beginning of the message
   (along with the Return-Path header field).  The delivering MTA MAY
   delete any other Original-Recipient header fields that occur in the
   message.  The syntax of this header field is as follows:

original-recipient-header =
          "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS

OWS      = [CFWS]
           ; Optional whitespace.
           ; MDN generators SHOULD use "*WSP"
           ; (typically a single space or nothing.
           ; It SHOULD be nothing at the end of a field),
           ; unless an RFC 5322 "comment" is required.
           ;
           ; MDN parsers MUST parse it as "[CFWS]".

   The address-type and generic-address token are as specified in the
   description of the Original-Recipient field in Section 3.2.3.

   The purpose of carrying the original recipient information and
   returning it in the MDN is to permit automatic correlation of MDNs
   with the original message on a per-recipient basis.

2.4.  Use with the Message/Partial Media Type

   The use of the header fields Disposition-Notification-To,
   Disposition-Notification-Options, and Original-Recipient with the
   MIME message/partial content type (RFC-MIME-MEDIA [RFC2046]])
   requires further definition.

   When a message is segmented into two or more message/partial
   fragments, the three header fields mentioned in the above paragraph
   SHOULD be placed in the "inner" or "enclosed" message (using the
   terms of RFC-MIME-MEDIA [RFC2046]).  If these header fields are found
   in the header fields of any of the fragments, they are ignored.

   When the multiple message/partial fragments are reassembled, the
   following applies.  If these header fields occur along with the other
   header fields of a message/partial fragment message, they pertain to
   an MDN that will be generated for the fragment.  If these header
   fields occur in the header fields of the "inner" or "enclosed"
   message (using the terms of RFC-MIME-MEDIA [RFC2046]), they pertain



Hansen & Melnikov         Expires June 4, 2017                  [Page 9]

Internet-Draft                     MDN                     December 2016


   to an MDN that will be generated for the reassembled message.
   Section 5.2.2.1 of RFC-MIME-MEDIA [RFC2046]) is amended to specify
   that, in addition to the header fields specified there, the three
   header fields described in this specification are to be appended, in
   order, to the header fields of the reassembled message.  Any
   occurrences of the three header fields defined here in the header
   fields of the initial enclosing message MUST NOT be copied to the
   reassembled message.

3.  Format of a Message Disposition Notification

   A message disposition notification is a MIME message with a top-level
   content-type of multipart/report (defined in RFC-REPORT [RFC6522]).
   When multipart/report content is used to transmit an MDN:


   a.  The report-type parameter of the multipart/report content is
       "disposition-notification".


   b.  The first component of the multipart/report contains a human-
       readable explanation of the MDN, as described in RFC-REPORT
       [RFC6522].


   c.  The second component of the multipart/report is of content-type
       message/disposition-notification, described in Section 3.1 of
       this document.


   d.  If the original message or a portion of the message is to be
       returned to the sender, it appears as the third component of the
       multipart/report.  The decision of whether or not to return the
       message or part of the message is up to the MUA generating the
       MDN.  However, in the case of encrypted messages requesting MDNs,
       if the original message or a portion thereof is returned, it MUST
       be in its original encrypted form.

   NOTE: For message disposition notifications gatewayed from foreign
   systems, the header fields of the original message may not be
   available.  In this case, the third component of the MDN may be
   omitted, or it may contain "simulated" RFC-MSGFMT [RFC5322] header
   fields that contain equivalent information.  In particular, it is
   very desirable to preserve the subject and date fields from the
   original message.

   The MDN MUST be addressed (in both the message header field and the
   transport envelope) to the address(es) from the Disposition-



Hansen & Melnikov         Expires June 4, 2017                 [Page 10]

Internet-Draft                     MDN                     December 2016


   Notification-To header field from the original message for which the
   MDN is being generated.

   The From header field of the MDN MUST contain the address of the
   person for whom the message disposition notification is being issued.

   The envelope sender address (i.e., SMTP "MAIL FROM") of the MDN MUST
   be null (<>), specifying that no Delivery Status Notification
   messages nor other messages indicating successful or unsuccessful
   delivery are to be sent in response to an MDN.

   A message disposition notification MUST NOT itself request an MDN.
   That is, it MUST NOT contain a Disposition-Notification-To header
   field.

   The Message-ID header field (if present) for an MDN MUST be different
   from the Message-ID of the message for which the MDN is being issued.

   A particular MDN describes the disposition of exactly one message for
   exactly one recipient.  Multiple MDNs may be generated as a result of
   one message submission, one per recipient.  However, due to the
   circumstances described in Section 2.1, it's possible that some of
   the recipients for whom MDNs were requested will not generate MDNs.

3.1.  The message/disposition-notification Media Type

   The message/disposition-notification Media Type is defined as
   follows:


   Type name:          message


   Subtype name:       disposition-notification


   Required parameters:  none


   Optional parameters:  none


   Encoding considerations:  "7bit" encoding is sufficient and MUST be
                       used to maintain readability when viewed by non-
                       MIME mail readers.


   Security considerations:  discussed in Section 6 of [RFCXXXX].



Hansen & Melnikov         Expires June 4, 2017                 [Page 11]

Internet-Draft                     MDN                     December 2016


   Interoperability considerations:  none


   Published specification:  [RFCXXXX]


   Applications that use this media type:  Mail Transfer Agents and
                       email clients that support multipart/report
                       generation and/or parsing.


   Fragment identifier considerations:  N/A


   Additional information:

                          Deprecated alias names for this type: N/A

                          Magic number(s): none

                          File extension(s): .disposition-notification

                          Macintosh file type code(s): The 'TEXT' type
                          code is suggested as files of this type are
                          typically used for diagnostic purposes and
                          suitable for analysis in a text editor.  A
                          uniform type identifier (UTI) of "public.utf8-
                          email-message-header" is suggested.  This type
                          conforms to "public.plain-text".

   Person & email address to contact for further information:  ART Area
                       Mailing List <art@ietf.org>


   Intended usage:     COMMON


   Restrictions on usage:  This media type contains textual data in the
                       US-ASCII charset, which is always 7-bit.


   Author:             See the Authors' Addresses section of [RFCXXXX]


   Change controller:  IETF


   Provisional registration?  no



Hansen & Melnikov         Expires June 4, 2017                 [Page 12]

Internet-Draft                     MDN                     December 2016


   (While the 7bit restriction applies to the message/disposition-
   notification portion of the multipart/report content, it does not
   apply to the optional third portion of the multipart/report content.)

   The message/disposition-notification report type for use in the
   multipart/report is "disposition-notification".

   The body of a message/disposition-notification consists of one or
   more "fields" formatted according to the ABNF of RFC-MSGFMT [RFC5322]
   header "fields".  The syntax of the message/disposition-notification
   content is as follows:

   disposition-notification-content = [ reporting-ua-field CRLF ]
             [ mdn-gateway-field CRLF ]
             [ original-recipient-field CRLF ]
             final-recipient-field CRLF
             [ original-message-id-field CRLF ]
             disposition-field CRLF
             *( error-field CRLF )
             *( extension-field CRLF )

   extension-field = extension-field-name ":" *([FWS] text)

   extension-field-name = field-name

   Note that the order of the above fields is recommended, but not
   fixed.  Extension fields can appear anywhere.

3.1.1.  General conventions for fields

   Since these fields are defined according to the rules of RFC-MSGFMT
   [RFC5322], the same conventions for continuation lines and comments
   apply.  Notification fields may be continued onto multiple lines by
   beginning each additional line with a SPACE or HTAB.  Text that
   appears in parentheses is considered a comment and not part of the
   contents of that notification field.  Field names are case-
   insensitive, so the names of notification fields may be spelled in
   any combination of upper and lower case letters.  [RFC5322] comments
   in notification fields may use the "encoded-word" construct defined
   in RFC-MIME-HEADER [RFC2047].

3.1.2.  "*-type" subfields

   Several fields consist of a "-type" subfield, followed by a semi-
   colon, followed by "*text".
   For these fields, the keyword used in the address-type or MTA-type
   subfield indicates the expected format of the address or MTA-name
   that follows.



Hansen & Melnikov         Expires June 4, 2017                 [Page 13]

Internet-Draft                     MDN                     December 2016


   The "-type" subfields are defined as follows:


   a.  An "address-type" specifies the format of a mailbox address.  For
       example, Internet Mail addresses use the "rfc822" address-type.
       Other values can appear in this field as specified in the
       "Address Types" IANA subregistry established by RFC-DSN-FORMAT
       [RFC3464].

address-type = atom

atom = <The version from RFC 5321 (not from RFC 5322) is used in this document.>


   b.  An "MTA-name-type" specifies the format of a mail transfer agent
       name.  For example, for an SMTP server on an Internet host, the
       MTA name is the domain name of that host, and the "dns" MTA-name-
       type is used.  Other values can appear in this field as specified
       in the "MTA Name Types" IANA subregistry established by RFC-DSN-
       FORMAT [RFC3464].

   mta-name-type = atom

   Values for address-type and mta-name-type are case-insensitive.
   Thus, address-type values of "RFC822" and "rfc822" are equivalent.

   The Internet Assigned Numbers Authority (IANA) maintains a registry
   of address-type and mta-name-type values, along with descriptions of
   the meanings of each, or a reference to one or more specifications
   that provide such descriptions.  (The "rfc822" address-type is
   defined in RFC-DSN-SMTP [RFC3461].)  Registration forms for address-
   type and mta-name-type appear in RFC-DSN-FORMAT [RFC3464].

3.2.  Message/disposition-notification Content Fields

3.2.1.  The Reporting-UA field

reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [ ";" OWS ua-product OWS ]

ua-name = *text-no-semi

ua-product = *([FWS] text)

text-no-semi = %d1-9 /         ; "text" characters excluding NUL, CR,
               %d11 / %d12 / %d14-58 / %d60-127  ; LF, or semi-colon

   The Reporting-UA field is defined as follows:




Hansen & Melnikov         Expires June 4, 2017                 [Page 14]

Internet-Draft                     MDN                     December 2016


   An MDN describes the disposition of a message after it has been
   delivered to a recipient.  In all cases, the Reporting-UA is the MUA
   that performed the disposition described in the MDN.

   The "Reporting-UA" field contains information about the MUA that
   generated the MDN, which is often used by servers to help identify
   the scope of reported interoperability problems, to work around or
   tailor responses to avoid particular MUA limitations, and for
   analytics regarding MUA or operating system use.  A MUA SHOULD send a
   "Reporting-UA" field unless specifically configured not to do so.

   If the reporting MUA consists of more than one component (e.g., a
   base program and plug-ins), this may be indicated by including a list
   of product names.

   A reporting MUA SHOULD limit generated product identifiers to what is
   necessary to identify the product; a sender MUST NOT generate
   advertising or other nonessential information within the product
   identifier.

   A reporting MUA SHOULD NOT generate a "Reporting-UA" field containing
   needlessly fine-grained detail and SHOULD limit the addition of
   subproducts by third parties.  Overly long and detailed "Reporting-
   UA" field values increase the risk of a user being identified against
   their wishes ("fingerprinting").

   Likewise, implementations are encouraged not to use the product
   tokens of other implementations in order to declare compatibility
   with them, as this circumvents the purpose of the field.  If a MUA
   masquerades as a different MUA, recipients can assume that the user
   intentionally desires to see responses tailored for that identified
   MUA, even if they might not work as well for the actual MUA being
   used.

   Example:

   Reporting-UA:  Foomail 97.1

3.2.2.  The MDN-Gateway field

   The MDN-Gateway field indicates the name of the gateway or MTA that
   translated a foreign (non-Internet) message disposition notification
   into this MDN.  This field MUST appear in any MDN that was translated
   by a gateway from a foreign system into MDN format, and MUST NOT
   appear otherwise.






Hansen & Melnikov         Expires June 4, 2017                 [Page 15]

Internet-Draft                     MDN                     December 2016


mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS ";" OWS mta-name OWS

mta-name = *text

   For gateways into Internet Mail, the MTA-name-type will normally be
   "dns", and the mta-name will be the Internet domain name of the
   gateway.

3.2.3.  Original-Recipient field

   The Original-Recipient field indicates the original recipient address
   as specified by the sender of the message for which the MDN is being
   issued.  For Internet Mail messages, the value of the Original-
   Recipient field is obtained from the Original-Recipient header field
   from the message for which the MDN is being generated.  If there is
   an Original-Recipient header field in the message, or if information
   about the original recipient is reliably available some other way,
   then the Original-Recipient field MUST be included.  Otherwise, the
   Original-Recipient field MUST NOT be included.  If there is more than
   one Original-Recipient header field in the message, the MUA may
   choose the one to use, or act as if no Original-Recipient header
   field is present.

original-recipient-field =
          "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS

generic-address = *text

   The address-type field indicates the type of the original recipient
   address.  If the message originated within the Internet, the address-
   type field will normally be "rfc822", and the address will be
   according to the syntax specified in RFC-MSGFMT [RFC5322].  The value
   "unknown" should be used if the Reporting MUA cannot determine the
   type of the original recipient address from the message envelope.
   This address is the same as that provided by the sender and can be
   used to automatically correlate MDN reports with original messages on
   a per recipient basis.

3.2.4.  Final-Recipient field

   The Final-Recipient field indicates the recipient for which the MDN
   is being issued.  This field MUST be present.

   The syntax of the field is as follows:

final-recipient-field =
          "Final-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS




Hansen & Melnikov         Expires June 4, 2017                 [Page 16]

Internet-Draft                     MDN                     December 2016


   The generic-address subfield of the Final-Recipient field SHOULD
   contain the mailbox address of the recipient (which will be the same
   as the From header field of the MDN) as it was when the MDN was
   generated by the MUA.

      One example of when this field might not contain the final
      recipient address of the message is when an alias (e.g. "customer-
      support@example.com") forwards mail to a specific personal address
      (e.g. "bob@example.com").  Bob might want to be able to send MDNs,
      but not give away his personal email address.  In this case the
      Final-Recipient field can be "customer-support@example.com"
      instead of "bob@example.com".

   The Final-Recipient address may differ from the address originally
   provided by the sender, because it may have been transformed during
   forwarding and gatewaying into a totally unrecognizable mess.
   However, in the absence of the optional Original-Recipient field, the
   Final-Recipient field and any returned content may be the only
   information available with which to correlate the MDN with a
   particular message recipient.

   The address-type subfield indicates the type of address expected by
   the reporting MTA in that context.  Recipient addresses obtained via
   SMTP will normally be of address-type "rfc822", but can be other
   values from the "Address Types" subregistry of the "Delivery Status
   Notification (DSN) Types" IANA registry.

   Since mailbox addresses (including those used in the Internet) may be
   case sensitive, the case of alphabetic characters in the address MUST
   be preserved.

3.2.5.  Original-Message-ID field

   The Original-Message-ID field indicates the message-ID of the message
   for which the MDN is being issued.  It is obtained from the Message-
   ID header field of the message for which the MDN is issued.  This
   field MUST be present if and only if the original message contained a
   Message-ID header field.  The syntax of the field is as follows:

   original-message-id-field =
             "Original-Message-ID" ":" msg-id

   The msg-id token is as specified in RFC-MSGFMT [RFC5322].








Hansen & Melnikov         Expires June 4, 2017                 [Page 17]

Internet-Draft                     MDN                     December 2016


3.2.6.  Disposition field

   The Disposition field indicates the action performed by the
   Reporting-MUA on behalf of the user.  This field MUST be present.

   The syntax for the Disposition field is:

   disposition-field =
             "Disposition" ":" OWS disposition-mode OWS ";"
             OWS disposition-type
             [ OWS "/" OWS disposition-modifier
             *( OWS "," OWS disposition-modifier ) ] OWS

   disposition-mode = action-mode OWS "/" OWS sending-mode

   action-mode = "manual-action" / "automatic-action"

   sending-mode = "MDN-sent-manually" / "MDN-sent-automatically"

   disposition-type = "displayed" / "deleted" / "dispatched" /
             "processed"

   disposition-modifier = "error" / disposition-modifier-extension

   disposition-modifier-extension = atom

   The disposition-mode, disposition-type, and disposition-modifier
   values may be spelled in any combination of upper and lower case US-
   ASCII characters.

3.2.6.1.  Disposition modes

   Disposition mode consists of 2 parts: action mode and sending mode.

   The following action modes are defined:


   "manual-action"     The disposition described by the disposition type
                       was a result of an explicit instruction by the
                       user rather than some sort of automatically
                       performed action.  (This might include the case
                       when the user has manually configured her MUA to
                       automatically respond to valid MDN requests.)
                       Unless prescribed otherwise in a particular mail
                       environment, in order to preserve user's privacy,
                       this MUST be the default for MUAs.





Hansen & Melnikov         Expires June 4, 2017                 [Page 18]

Internet-Draft                     MDN                     December 2016


   "automatic-action"  The disposition described by the disposition type
                       was a result of an automatic action, rather than
                       an explicit instruction by the user for this
                       message.  This is typically generated by a Mail
                       Delivery Agent (e.g.  MDN generations by Sieve
                       reject action [RFC5429], Fax-over-Email
                       [RFC3249], Voice Messaging System (VPIM)
                       [RFC3801] or upon delivery to a mailing list).

   "Manual-action" and "automatic-action" are mutually exclusive.  One
   or the other MUST be specified.

   The following sending modes are defined:


   "MDN-sent-manually" The user explicitly gave permission for this
                       particular MDN to be sent.  Unless prescribed
                       otherwise in a particular mail environment, in
                       order to preserve user's privacy, this MUST be
                       the default for MUAs.


   "MDN-sent-automatically"  The MDN was sent because the MUA had
                       previously been configured to do so
                       automatically.

   "MDN-sent-manually" and "MDN-sent-automatically" are mutually
   exclusive.  One or the other MUST be specified.

3.2.6.2.  Disposition types

   The following disposition-types are defined:


   "displayed"         The message has been displayed by the MUA to
                       someone reading the recipient's mailbox.  There
                       is no guarantee that the content has been read or
                       understood.


   "dispatched"        The message has been sent somewhere in some
                       manner (e.g., printed, faxed, forwarded) without
                       necessarily having been previously displayed to
                       the user.  The user may or may not see the
                       message later.






Hansen & Melnikov         Expires June 4, 2017                 [Page 19]

Internet-Draft                     MDN                     December 2016


   "processed"         The message has been processed in some manner
                       (i.e., by some sort of rules or server) without
                       being displayed to the user.  The user may or may
                       not see the message later, or there may not even
                       be a human user associated with the mailbox.


   "deleted"           The message has been deleted.  The recipient may
                       or may not have seen the message.  The recipient
                       might "undelete" the message at a later time and
                       read the message.

3.2.6.3.  Disposition modifiers

   Only the extension disposition modifiers is defined:


   disposition-modifier-extension
                       Disposition modifiers may be defined in the
                       future by later revisions or extensions to this
                       specification.  MDN disposition value names MUST
                       be registered with the Internet Assigned Numbers
                       Authority (IANA) using "Specification required"
                       registration policy.  (See Section 10 for a
                       registration form.)  MDNs with disposition
                       modifier names not understood by the receiving
                       MUA MAY be silently ignored or placed in the
                       user's mailbox without special interpretation.
                       They MUST NOT cause any error message to be sent
                       to the sender of the MDN.

   It is not required that an MUA be able to generate all of the
   possible values of the Disposition field.

   A user agent MUST NOT issue more than one MDN on behalf of each
   particular recipient.  That is, once an MDN has been issued on behalf
   of a recipient, no further MDNs may be issued on behalf of that
   recipient, even if another disposition is performed on the message.
   However, if a message is forwarded, a "dispatched" MDN MAY be issued
   for the recipient doing the forwarding and the recipient of the
   forwarded message may also cause an MDN to be generated.

3.2.7.  Error Field

   The Error field is used to supply additional information in the form
   of text messages when the "error" disposition modifier appear.  The
   syntax is as follows:




Hansen & Melnikov         Expires June 4, 2017                 [Page 20]

Internet-Draft                     MDN                     December 2016


   error-field = "Error" ":" *([FWS] text)

   Note that syntax of these header fields doesn't include comments, so
   "encoded-word" construct defined in RFC-MIME-HEADER [RFC2047] can't
   be used to convey non ASCII text.  Application that need to convey
   non ASCII text in these fields should consider implementing message/
   global-disposition-notification media type specified in [RFC6533]
   instead of this specification.

3.3.  Extension-fields

   Additional MDN fields may be defined in the future by later revisions
   or extensions to this specification.  MDN field names MUST be
   registered with the Internet Assigned Numbers Authority (IANA) using
   "Specification required" registration policy.  (See Section 10 for a
   registration form.)  MDN Extension-fields may be defined for the
   following reasons:


   a.  To allow additional information from foreign disposition reports
       to be tunneled through Internet MDNs.  The names of such MDN
       fields should begin with an indication of the foreign environment
       name (e.g., X400-Physical-Forwarding-Address).


   b.  To allow transmission of diagnostic information that is specific
       to a particular mail user agent (MUA).  The names of such MDN
       fields should begin with an indication of the MUA implementation
       that produced the MDN (e.g., Foomail-information).

4.  Timeline of events

   The following timeline shows when various events in the processing of
   a message and generation of MDNs take place:


   -- User composes message


   -- User tells MUA to send message.


   -- MUA passes message to Mail Submission Agent (MSA), original
      recipient information passed along.


   -- MSA sends message to next MTA.




Hansen & Melnikov         Expires June 4, 2017                 [Page 21]

Internet-Draft                     MDN                     December 2016


   -- Final MTA receives message.


   -- Final MTA delivers message to recipient's mailbox (possibly
      generating a Delivery Status Notification (DSN)).


   -- (Recipient's) MUA discovers a new message in recipient's mailbox
      and decides whether an MDN should be generated.  If the MUA has
      information that an MDN has already been generated for this
      message, no further MDN processing described below is performed.
      If MUA decides that no MDN can be generated, no further MDN
      processing described below is performed.


   -- MUA performs automatic processing and might generate corresponding
      MDNs ("dispatched", "processed" or "deleted" disposition type with
      "automatic-action" and "MDN-sent-automatically" disposition
      modes).  The MUA remembers that an MDN was generated.


   -- MUA displays list of messages to user.


   -- User selects a message and requests that some action be performed
      on it.


   -- MUA performs requested action; if an automatic MDN has not already
      been generated, with user's permission, sends an appropriate MDN
      ("displayed", "dispatched", "processed", or "deleted" disposition
      type, with "manual-action" and "MDN-sent-manually" or "MDN-sent-
      automatically" disposition mode).  The MUA remembers that an MDN
      was generated.


   -- User possibly performs other actions on message, but no further
      MDNs are generated.

5.  Conformance and Usage Requirements

   An MUA or gateway conforms to this specification if it generates MDNs
   according to the protocol defined in this memo.  It is not necessary
   to be able to generate all of the possible values of the Disposition
   field.

   MUAs and gateways MUST NOT generate the Original-Recipient field of
   an MDN unless the mail protocols provide the address originally



Hansen & Melnikov         Expires June 4, 2017                 [Page 22]

Internet-Draft                     MDN                     December 2016


   specified by the sender at the time of submission.  Ordinary SMTP
   does not make that guarantee, but the SMTP extension defined in RFC-
   DSN-SMTP [RFC3461] permits such information to be carried in the
   envelope if it is available.  The Original-Recipient header field
   defined in this document provides a way for the MTA to pass the
   original recipient address to the MUA.

   Each sender-specified recipient address may result in more than one
   MDN.  If an MDN is requested for a recipient that is forwarded to
   multiple recipients of an "alias" (as defined in RFC-DSN-SMTP
   [RFC3461], section 6.2.7.3), each of the recipients may issue an MDN.

   Successful distribution of a message to a mailing list exploder or
   gateway to Usenet newsgroup SHOULD be considered the final
   disposition of the message.  A mailing list exploder MAY issue an MDN
   with a disposition type of "processed" and disposition modes of
   "automatic-action" and "MDN-sent-automatically" indicating that the
   message has been forwarded to the list.  In this case, the request
   for MDNs is not propagated to the members of the list.

   Alternatively (if successful distribution of a message to a mailing
   list exploder/Usenet newsgroup is not considered the final
   disposition of the message), the mailing list exploder can issue no
   MDN and propagate the request for MDNs to all members of the list.
   The latter behavior is not recommended for any but small, closely
   knit lists, as it might cause large numbers of MDNs to be generated
   and may cause confidential subscribers to the list to be revealed.
   The mailing list exploder can also direct MDNs to itself, correlate
   them, and produce a report to the original sender of the message.

   This specification places no restrictions on the processing of MDNs
   received by user agents or mailing lists.

6.  Security Considerations

   The following security considerations apply when using MDNs:

6.1.  Forgery

   MDNs can be (and are, in practice) forged as easily as ordinary
   Internet electronic mail.  User agents and automatic mail handling
   facilities (such as mail distribution list exploders) that wish to
   make automatic use of MDNs should take appropriate precautions to
   minimize the potential damage from denial-of-service attacks.

   Security threats related to forged MDNs include the sending of:





Hansen & Melnikov         Expires June 4, 2017                 [Page 23]

Internet-Draft                     MDN                     December 2016


   a.  A falsified disposition notification when the indicated
       disposition of the message has not actually occurred,


   b.  Unsolicited MDNs

   Similarly, a forged spam or phishing email message can contain
   Disposition-Notification-To header field that can trick the recipient
   to send an MDN.  MDN processing should only be invoked once
   authenticity of email message is verified.

6.2.  Privacy

   Another dimension of security is privacy.  There may be cases in
   which a message recipient does not wish the disposition of messages
   addressed to him to be known, or is concerned that the sending of
   MDNs may reveal other sensitive information (e.g., when the message
   was read, using which email client, which OS was used).  In this
   situation, it is acceptable for the MUA to silently ignore requests
   for MDNs.

   If the Disposition-Notification-To header field is passed on
   unmodified when a message is distributed to the subscribers of a
   mailing list, the subscribers to the list may be revealed to the
   sender of the original message by the generation of MDNs.

   Headers of the original message returned in part 3 of the multipart/
   report, as well as content of the message/disposition-notification
   part could reveal confidential information about host names and/or
   network topology inside a firewall.

   Disposition mode (Section 3.2.6.1) can leak information about
   recipient's MUA configuration, in particular whether MDNs are
   acknowledged manually or automatically.  If this is a concern, MUAs
   can return "manual-action/MDN-sent-manually" disposition mode in
   generated MDNs.

   In general, any optional MDN field may be omitted if the Reporting
   MUA site or user determines that inclusion of the field would impose
   too great a compromise of site confidentiality.  The need for such
   confidentiality must be balanced against the utility of the omitted
   information in MDNs.

   In some cases, someone with access to the message stream may use the
   MDN request mechanism to monitor the mail reading habits of a target.
   If the target is known to generate MDN reports, they could add a
   disposition-notification-to field containing the envelope from




Hansen & Melnikov         Expires June 4, 2017                 [Page 24]

Internet-Draft                     MDN                     December 2016


   address.  This risk can be minimized by not sending MDN's
   automatically.

6.2.1.  Disclosure of Product Information

   The "Reporting-UA" field (Section 3.2.1) User-Agent (Section 5.5.3)
   and header fields often reveal information about the respective
   sender's software systems.  In theory, this can make it easier for an
   attacker to exploit known security holes; in practice, attackers tend
   to try all potential holes regardless of the apparent software
   versions being used.  Also note that the "Reporting-UA" field doesn't
   provide any new information in comparison to the "User-Agent" and/or
   (undocumented) "X-Mailer" header fields used by many MUAs.

6.2.2.  MUA Fingerprinting

   The "Reporting-UA" field (Section 3.2.1) might contain enough
   information to uniquely identify a specific device, usually when
   combined with other characteristics, particularly if the user agent
   sends excessive details about the user's system or extensions.  Even
   when the guidance in Section 3.2.1 is followed to avoid
   fingerprinting, other sources of unique information may still be
   present, such as the Accept-Language header fields.

6.3.  Non-Repudiation

   MDNs do not provide non-repudiation with proof of delivery.  Within
   the framework of today's Internet Mail, the MDNs defined in this
   document provide valuable information to the mail user; however, MDNs
   cannot be relied upon as a guarantee that a message was or was not
   seen by the recipient.  Even if MDNs are not actively forged, they
   may be lost in transit.  The recipient may bypass the MDN issuing
   mechanism in some manner.

   One possible solution for this purpose can be found in RFC-SEC-
   SERVICES [RFC2634].

6.4.  Mail Bombing

   The MDN request mechanism introduces an additional way of mailbombing
   a mailbox.  The MDN request notification provides an address to which
   MDN's should be sent.  It is possible for an attacking agent to send
   a potentially large set of messages to otherwise unsuspecting third
   party recipients with a false "disposition-notification-to:" address.
   Automatic, or simplistic processing of such requests would result in
   a flood of MDN notifications to the target of the attack.
   Additionally, as generated MDN notifications can include full content
   of messages that caused them and thus they can be bigger than such



Hansen & Melnikov         Expires June 4, 2017                 [Page 25]

Internet-Draft                     MDN                     December 2016


   messages, they can be used for bandwidth amplification attacks.  Such
   an attack could overrun the storage capacity of the targeted mailbox
   and/or of the mail transport system, and deny service.

   For that reason, MDN's SHOULD NOT be sent automatically where the
   "disposition-notification-to:" address is different from the SMTP
   "MAIL FROM" address (which is carried in the Return-Path header
   field).  See Section 2.1 for further discussion.

7.  Collected ABNF Grammar

   NOTE: The following lexical tokens are defined in RFC-MSGFMT
   [RFC5322]: CRLF, FWS, CFWS, field-name, mailbox-list, msg-id, text,
   comment, word.  The following lexical tokens are defined in RFC-SMTP
   [RFC5321]: atom.  (Note that RFC-MSGFMT [RFC5322] also defines
   "atom", but the version from RFC-SMTP [RFC5321] is more restrictive
   and this more restrictive version is used in this document.)
   "encoded-word" construct defined in RFC-MIME-HEADER [RFC2047] is
   allowed everywhere where RFC-MSGFMT [RFC5322] "comment" is used, for
   example in CFWS.

   OWS          = [CFWS]
                  ; Optional whitespace.
                  ; MDN generators SHOULD use "*WSP"
                  ; (typically a single space or nothing.
                  ; It SHOULD be nothing at the end of a field),
                  ; unless an RFC 5322 "comment" is required.
                  ;
                  ; MDN parsers MUST parse it as "[CFWS]".

Message header fields:
   mdn-request-header =
          "Disposition-Notification-To" ":" mailbox-list CRLF

   Disposition-Notification-Options =
          "Disposition-Notification-Options" ":" [FWS]
                    disposition-notification-parameter-list CRLF

   disposition-notification-parameter-list =
                    disposition-notification-parameter
                    *([FWS] ";" [FWS] disposition-notification-parameter)

   disposition-notification-parameter = attribute [FWS] "=" [FWS]
                    importance [FWS] "," [FWS] value *([FWS] "," [FWS] value)

   importance = "required" / "optional"

   attribute = atom



Hansen & Melnikov         Expires June 4, 2017                 [Page 26]

Internet-Draft                     MDN                     December 2016


   value = word

   original-recipient-header =
          "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS CRLF

Report content:
   disposition-notification-content =
          [ reporting-ua-field CRLF ]
          [ mdn-gateway-field CRLF ]
          [ original-recipient-field CRLF ]
          final-recipient-field CRLF
          [ original-message-id-field CRLF ]
          disposition-field CRLF
          *( error-field CRLF )
          *( extension-field CRLF )

   address-type = atom

   mta-name-type = atom

   reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [ ";" OWS ua-product OWS ]

   ua-name = *text-no-semi

   ua-product = *([FWS] text)

   text-no-semi = %d1-9 /        ; "text" characters excluding NUL, CR,
           %d11 / %d12 / %d14-58 / %d60-127      ; LF, or semi-colon

   mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS ";" OWS mta-name

   mta-name = *text

   original-recipient-field =
          "Original-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS

   generic-address = *text

   final-recipient-field =
          "Final-Recipient" ":" OWS address-type OWS ";" OWS generic-address OWS

   original-message-id-field = "Original-Message-ID" ":" msg-id

   disposition-field =
          "Disposition" ":" OWS disposition-mode OWS ";"
          OWS disposition-type
          [ OWS "/" OWS disposition-modifier
          *( OWS "," OWS disposition-modifier ) ] OWS



Hansen & Melnikov         Expires June 4, 2017                 [Page 27]

Internet-Draft                     MDN                     December 2016


   disposition-mode = action-mode OWS "/" OWS sending-mode

   action-mode = "manual-action" / "automatic-action"

   sending-mode = "MDN-sent-manually" / "MDN-sent-automatically"

   disposition-type = "displayed" / "deleted" / "dispatched" /
           "processed"

   disposition-modifier = "error" / disposition-modifier-extension

   disposition-modifier-extension = atom

   error-field = "Error" ":" *([FWS] text)

   extension-field = extension-field-name ":" *([FWS] text)

   extension-field-name = field-name

8.  Guidelines for Gatewaying MDNs

   NOTE: This section provides non-binding recommendations for the
   construction of mail gateways that wish to provide semi-transparent
   disposition notifications between the Internet and another electronic
   mail system.  Specific MDN gateway requirements for a particular pair
   of mail systems may be defined by other documents.

8.1.  Gatewaying from other mail systems to MDNs

   A mail gateway may issue an MDN to convey the contents of a "foreign"
   disposition notification over Internet Mail.  When there are
   appropriate mappings from the foreign notification elements to MDN
   fields, the information may be transmitted in those MDN fields.
   Additional information (such as might be needed to tunnel the foreign
   notification through the Internet) may be defined in extension MDN
   fields.  (Such fields should be given names that identify the foreign
   mail protocol, e.g., X400-* for X.400 protocol elements).

   The gateway must attempt to supply reasonable values for the
   Reporting-UA, Final-Recipient, and Disposition fields.  These will
   normally be obtained by translating the values from the foreign
   notification into their Internet-style equivalents.  However, some
   loss of information is to be expected.

   The sender-specified recipient address and the original message-id,
   if present in the foreign notification, should be preserved in the
   Original-Recipient and Original-Message-ID fields.




Hansen & Melnikov         Expires June 4, 2017                 [Page 28]

Internet-Draft                     MDN                     December 2016


   The gateway should also attempt to preserve the "final" recipient
   address from the foreign system.  Whenever possible, foreign protocol
   elements should be encoded as meaningful printable ASCII strings.

   For MDNs produced from foreign disposition notifications, the name of
   the gateway MUST appear in the MDN-Gateway field of the MDN.

8.2.  Gatewaying from MDNs to other mail systems

   It may be possible to gateway MDNs from the Internet into a foreign
   mail system.  The primary purpose of such gatewaying is to convey
   disposition information in a form that is usable by the destination
   system.  A secondary purpose is to allow "tunneling" of MDNs through
   foreign mail systems in case the MDN may be gatewayed back into the
   Internet.

   In general, the recipient of the MDN (i.e., the sender of the
   original message) will want to know, for each recipient: the closest
   available approximation to the original recipient address, and the
   disposition (displayed, printed, etc.).

   If possible, the gateway should attempt to preserve the Original-
   Recipient address and Original-Message-ID (if present) in the
   resulting foreign disposition report.

   If it is possible to tunnel an MDN through the destination
   environment, the gateway specification may define a means of
   preserving the MDN information in the disposition reports used by
   that environment.

8.3.  Gatewaying of MDN-requests to other mail systems

   By use of the separate disposition-notification-to request header
   field, this specification offers a richer functionality than most, if
   not all, other email systems.  In most other email systems, the
   notification recipient is identical to the message sender as
   indicated in the "from" address.  There are two interesting cases
   when gatewaying into such systems:


   1.  If the address in the disposition-notification-to header field is
       identical to the address in the SMTP "MAIL FROM", the expected
       behavior will result, even if the disposition-notification-to
       information is lost.  Systems should propagate the MDN request.


   2.  If the address in the disposition-notification-to header field is
       different from the address in the SMTP "MAIL FROM", gatewaying



Hansen & Melnikov         Expires June 4, 2017                 [Page 29]

Internet-Draft                     MDN                     December 2016


       into a foreign system without a separate notification address
       will result in unintended behavior.  This is especially important
       when the message arrives via a mailing list expansion software
       that may specifically replace the SMTP "MAIL FROM" address with
       an alternate address.  In such cases, the MDN request should not
       be gatewayed and should be silently dropped.  This is consistent
       with other forms of non-support for MDN.

9.  Example

   NOTE: This example is provided as illustration only, and is not
   considered part of the MDN protocol specification.  If the example
   conflicts with the protocol definition above, the example is wrong.

   Likewise, the use of *-type subfield names or extension fields in
   this example is not to be construed as a definition for those type
   names or extension fields.

   This is an MDN issued after a message has been displayed to the user
   of an Internet Mail user agent.































Hansen & Melnikov         Expires June 4, 2017                 [Page 30]

Internet-Draft                     MDN                     December 2016


   Date: Wed, 20 Sep 1995 00:19:00 (EDT) -0400
   From: Joe Recipient <Joe_Recipient@example.com>
   Message-Id: <199509200019.12345@example.com>
   Subject: Disposition notification
   To: Jane Sender <Jane_Sender@example.org>
   MIME-Version: 1.0
   Content-Type: multipart/report; report-type=disposition-notification;
      boundary="RAA14128.773615765/example.com"

   --RAA14128.773615765/example.com

   The message sent on 1995 Sep 19 at 13:30:00 (EDT) -0400 to Joe
   Recipient <Joe_Recipient@example.com> with subject "First draft of
   report" has been displayed.
   This is no guarantee that the message has been read or understood.

   --RAA14128.773615765/example.com
   content-type: message/disposition-notification

   Reporting-UA: joes-pc.cs.example.com; Foomail 97.1
   Original-Recipient: rfc822;Joe_Recipient@example.com
   Final-Recipient: rfc822;Joe_Recipient@example.com
   Original-Message-ID: <199509192301.23456@example.org>
   Disposition: manual-action/MDN-sent-manually; displayed

   --RAA14128.773615765/example.com
   content-type: message/rfc822

   [original message optionally goes here]

   --RAA14128.773615765/example.com--

10.  IANA Considerations

   There are two actions for IANA:

   1.  IANA is asked to update the registration template for the
       message/disposition-notification media type to the one in
       Section 3.1 of this document, and to update the reference for
       that media type to point to this document instead of to RFC 3798.

   2.  The registries specified here already exist, and this section is
       updating their documentation.  IANA is asked to change the
       reference document for the three Message Disposition Notification
       Parameters registries to point to this document instead of to RFC
       3798.





Hansen & Melnikov         Expires June 4, 2017                 [Page 31]

Internet-Draft                     MDN                     December 2016


   This document specifies three types of parameters that must be
   registered with the Internet Assigned Numbers Authority (IANA).  All
   of them use [RFC5226] "Specification required" IANA registration
   policy.

   The forms below are for use when registering a new disposition-
   notification-parameter name for the Disposition-Notification-Options
   header field, a new disposition modifier name, or a new MDN extension
   field.  Each piece of information required by a registration form may
   be satisfied either by providing the information on the form itself,
   or by including a reference to a published, publicly available
   specification that includes the necessary information.  IANA MAY
   reject registrations because of incomplete registration forms or
   incomplete specifications.

   To register, complete the following applicable form and send it via
   electronic mail to <IANA@IANA.ORG>.

10.1.  Disposition-Notification-Options header field disposition-
       notification-parameter names

   A registration for a Disposition-Notification-Options header field
   disposition-notification-parameter name MUST include the following
   information:


   a.  The proposed disposition-notification-parameter name.


   b.  The syntax for disposition-notification-parameter values,
       specified using BNF, ABNF, regular expressions, or other non-
       ambiguous language.


   c.  If disposition-notification-parameter values are not composed
       entirely of graphic characters from the US-ASCII repertoire, a
       specification for how they are to be encoded as graphic US-ASCII
       characters in a Disposition-Notification-Options header field.


   d.  A reference to a permanent and readily available public
       specification that describes the semantics of the disposition-
       notification-parameter values.








Hansen & Melnikov         Expires June 4, 2017                 [Page 32]

Internet-Draft                     MDN                     December 2016


10.2.  Disposition modifier names

   A registration for a disposition-modifier name (used in the
   Disposition field of a message/disposition-notification) MUST include
   the following information:


   a.  The proposed disposition-modifier name.


   b.  A reference to a permanent and readily available public
       specification that describes the semantics of the disposition
       modifier.

10.3.  MDN extension field names

   A registration for an MDN extension-field name MUST include the
   following information:


   a.  The proposed extension field name.


   b.  The syntax for extension values, specified using BNF, ABNF,
       regular expressions, or other non-ambiguous language.


   c.  If extension-field values are not composed entirely of graphic
       characters from the US-ASCII repertoire, a specification for how
       they are to be encoded as graphic US-ASCII characters in a
       Disposition-Notification-Options header field.


   d.  A reference to a permanent and readily available public
       specification that describes the semantics of the extension
       field.

11.  Acknowledgements

   The contributions of Bruce Lilly, Alfred Hoenes, Barry Leiba, Ben
   Campbell, Pete Resnick, Donald Eastlake and Alissa Cooper are
   gratefully acknowledged for this revision.

   The contributions of Roger Fajman and Greg Vaudreuil to earlier
   versions of this document are also gratefully acknowledged.






Hansen & Melnikov         Expires June 4, 2017                 [Page 33]

Internet-Draft                     MDN                     December 2016


12.  References

12.1.  Normative References

   [RFC5321]  Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
              DOI 10.17487/RFC5321, October 2008,
              <http://www.rfc-editor.org/info/rfc5321>.

   [RFC5322]  Resnick, P., Ed., "Internet Message Format", RFC 5322,
              DOI 10.17487/RFC5322, October 2008,
              <http://www.rfc-editor.org/info/rfc5322>.

   [RFC2045]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part One: Format of Internet Message
              Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996,
              <http://www.rfc-editor.org/info/rfc2045>.

   [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part Two: Media Types", RFC 2046,
              DOI 10.17487/RFC2046, November 1996,
              <http://www.rfc-editor.org/info/rfc2046>.

   [RFC2047]  Moore, K., "MIME (Multipurpose Internet Mail Extensions)
              Part Three: Message Header Extensions for Non-ASCII Text",
              RFC 2047, DOI 10.17487/RFC2047, November 1996,
              <http://www.rfc-editor.org/info/rfc2047>.

   [RFC6522]  Kucherawy, M., Ed., "The Multipart/Report Media Type for
              the Reporting of Mail System Administrative Messages",
              STD 73, RFC 6522, DOI 10.17487/RFC6522, January 2012,
              <http://www.rfc-editor.org/info/rfc6522>.

   [RFC3461]  Moore, K., "Simple Mail Transfer Protocol (SMTP) Service
              Extension for Delivery Status Notifications (DSNs)",
              RFC 3461, DOI 10.17487/RFC3461, January 2003,
              <http://www.rfc-editor.org/info/rfc3461>.

   [RFC3464]  Moore, K. and G. Vaudreuil, "An Extensible Message Format
              for Delivery Status Notifications", RFC 3464,
              DOI 10.17487/RFC3464, January 2003,
              <http://www.rfc-editor.org/info/rfc3464>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.





Hansen & Melnikov         Expires June 4, 2017                 [Page 34]

Internet-Draft                     MDN                     December 2016


   [RFC3503]  Melnikov, A., "Message Disposition Notification (MDN)
              profile for Internet Message Access Protocol (IMAP)",
              RFC 3503, DOI 10.17487/RFC3503, March 2003,
              <http://www.rfc-editor.org/info/rfc3503>.

12.2.  Informative References

   [RFC2634]  Hoffman, P., Ed., "Enhanced Security Services for S/MIME",
              RFC 2634, DOI 10.17487/RFC2634, June 1999,
              <http://www.rfc-editor.org/info/rfc2634>.

   [RFC3249]  Cancio, V., Moldovan, M., Tamura, H., and D. Wing,
              "Implementers Guide for Facsimile Using Internet Mail",
              RFC 3249, DOI 10.17487/RFC3249, September 2002,
              <http://www.rfc-editor.org/info/rfc3249>.

   [RFC3501]  Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
              4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003,
              <http://www.rfc-editor.org/info/rfc3501>.

   [RFC3801]  Vaudreuil, G. and G. Parsons, "Voice Profile for Internet
              Mail - version 2 (VPIMv2)", RFC 3801,
              DOI 10.17487/RFC3801, June 2004,
              <http://www.rfc-editor.org/info/rfc3801>.

   [RFC5233]  Murchison, K., "Sieve Email Filtering: Subaddress
              Extension", RFC 5233, DOI 10.17487/RFC5233, January 2008,
              <http://www.rfc-editor.org/info/rfc5233>.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              DOI 10.17487/RFC5226, May 2008,
              <http://www.rfc-editor.org/info/rfc5226>.

   [RFC5429]  Stone, A., Ed., "Sieve Email Filtering: Reject and
              Extended Reject Extensions", RFC 5429,
              DOI 10.17487/RFC5429, March 2009,
              <http://www.rfc-editor.org/info/rfc5429>.

   [RFC5598]  Crocker, D., "Internet Mail Architecture", RFC 5598,
              DOI 10.17487/RFC5598, July 2009,
              <http://www.rfc-editor.org/info/rfc5598>.

   [RFC6533]  Hansen, T., Ed., Newman, C., and A. Melnikov,
              "Internationalized Delivery Status and Disposition
              Notifications", RFC 6533, DOI 10.17487/RFC6533, February
              2012, <http://www.rfc-editor.org/info/rfc6533>.




Hansen & Melnikov         Expires June 4, 2017                 [Page 35]

Internet-Draft                     MDN                     December 2016


Appendix A.  Changes from RFC 3798

   Changed IANA registration for different subregistries to
   "Specification Required" to match what is already used by IANA.

   Updated IANA registration template for message/disposition-
   notification.

   "X-" fields no longer reserved for experimental use and can now be
   registered in compliance with RFC 6648.

   Fixed the default MTA-name-type used in "MDN-Gateway" to be "dns".

   Strengthen requirements on obtaining user consent in order to protect
   user privacy.

   Removed discussion of using source routes with MDNs, as source route
   is a deprecated Email feature.

   The values of "dispatched" and "processed" were lost from the ABNF
   for "disposition-type".  (Erratum #691)

   Because the warning disposition modifier was previously removed,
   warning-field has also been removed.  (Erratum #692)

   Because the failed disposition type was previously removed, failure-
   field has also been removed.

   The ABNF for ua-name and ua-product included semi-colon, which could
   not be distinguished from *text in the production.  The ua-name was
   restricted to not include semi-colon.  Semi-colon can still appear in
   the ua-product.

   Removed recommendation to include the MUA DNS host name in the
   "Reporting-UA" MDN field.

   The ABNF did not indicate all places that whitespace was allowable,
   in particular folding whitespace, although all implementations allow
   whitespace and folding in the header fields just like any other
   RFC5322 [RFC5322]-formatted header field.  There were also a number
   of places in the ABNF that inconsistently permitted comments and
   whitespace in one leg of the production and not another.  The ABNF
   now specifies FWS and CFWS in several places that should have already
   been specified by the grammar.

   Extension-field was defined in the collected grammar but not in the
   main text.




Hansen & Melnikov         Expires June 4, 2017                 [Page 36]

Internet-Draft                     MDN                     December 2016


   The comparison of mailboxes in Disposition-Notification-To to the
   Return-Path addr-spec was clarified.

   The use of the grammar production "parameter" was confusing with the
   RFC2045 [RFC2045] production of the same name, as well as other uses
   of the same term.  These have been clarified.

   A clarification was added on the extent of the 7bit nature of MDNs.

   Uses of the terms "may" and "might" were clarified.

   A clarification was added on the order of the fields in the message/
   disposition-notification content.

Authors' Addresses

   Tony Hansen (editor)
   AT&T Laboratories
   200 Laurel Ave. South
   Middletown, NJ  07748
   USA

   Email: tony@att.com


   Alexey Melnikov (editor)
   Isode Ltd
   14 Castle Mews
   Hampton, Middlesex  TW12 2NP
   UK

   Email: Alexey.Melnikov@isode.com



















Hansen & Melnikov         Expires June 4, 2017                 [Page 37]