tech-invite   World Map
3GPP     Specs     Glossaries     UICC       T+       IETF     RFCs     Groups     SIP     ABNFs       Search     Home

RFC 8098

 
 
 

Message Disposition Notification

Part 2 of 2, p. 22 to 37
Prev Section

 


prevText      Top      ToC       Page 22 
4.  Timeline of Events

   The following timeline shows when various events in the processing of
   a message and generation of MDNs take place:

   -- User composes message.

   -- User tells MUA to send message.

   -- MUA passes message to Mail Submission Agent (MSA) and original
      recipient information is passed along.

   -- MSA sends message to next MTA.

   -- Final MTA receives message.

   -- Final MTA delivers message to recipient's mailbox (possibly
      generating a Delivery Status Notification (DSN)).

   -- (Recipient's) MUA discovers a new message in recipient's mailbox
      and decides whether an MDN should be generated.  If the MUA has
      information that an MDN has already been generated for this
      message, no further MDN processing described below is performed.
      If MUA decides that no MDN can be generated, no further MDN
      processing described below is performed.

   -- MUA performs automatic processing and might generate corresponding
      MDNs ("dispatched", "processed", or "deleted" disposition type
      with "automatic-action" and "MDN-sent-automatically" disposition
      modes).  The MUA remembers that an MDN was generated.

   -- MUA displays list of messages to user.

   -- User selects a message and requests that some action be performed
      on it.

   -- MUA performs requested action; if an automatic MDN has not already
      been generated, with user's permission, sends an appropriate MDN
      ("displayed", "dispatched", "processed", or "deleted" disposition
      type, with "manual-action" and "MDN-sent-manually" or "MDN-sent-
      automatically" disposition mode).  The MUA remembers that an MDN
      was generated.

   -- User possibly performs other actions on message, but no further
      MDNs are generated.

Top      Up      ToC       Page 23 
5.  Conformance and Usage Requirements

   An MUA or gateway conforms to this specification if it generates MDNs
   according to the protocol defined in this memo.  It is not necessary
   to be able to generate all of the possible values of the Disposition
   field.

   MUAs and gateways MUST NOT generate the Original-Recipient field of
   an MDN unless the mail protocols provide the address originally
   specified by the sender at the time of submission.  Ordinary SMTP
   does not make that guarantee, but the SMTP extension defined in RFC--
   DSN-SMTP [RFC3461] permits such information to be carried in the
   envelope if it is available.  The Original-Recipient header field
   defined in this document provides a way for the MTA to pass the
   original recipient address to the MUA.

   Each sender-specified recipient address may result in more than one
   MDN.  If an MDN is requested for a recipient that is forwarded to
   multiple recipients of an "alias" (as defined in Section 6.2.7.3 of
   RFC-DSN-SMTP [RFC3461]), each of the recipients may issue an MDN.

   Successful distribution of a message to a mailing list exploder or
   gateway to Usenet newsgroup SHOULD be considered the final
   disposition of the message.  A mailing list exploder MAY issue an MDN
   with a disposition type of "processed" and disposition modes of
   "automatic-action" and "MDN-sent-automatically" indicating that the
   message has been forwarded to the list.  In this case, the request
   for MDNs is not propagated to the members of the list.

   Alternatively (if successful distribution of a message to a mailing
   list exploder / Usenet newsgroup is not considered the final
   disposition of the message), the mailing list exploder can issue no
   MDN and propagate the request for MDNs to all members of the list.
   The latter behavior is not recommended for any but small, closely
   knit lists, as it might cause large numbers of MDNs to be generated
   and may cause confidential subscribers to the list to be revealed.
   The mailing list exploder can also direct MDNs to itself, correlate
   them, and produce a report to the original sender of the message.

   This specification places no restrictions on the processing of MDNs
   received by user agents or mailing lists.

Top      Up      ToC       Page 24 
6.  Security Considerations

   The following security considerations apply when using MDNs.

6.1.  Forgery

   MDNs can be (and are, in practice) forged as easily as ordinary
   Internet electronic mail.  User agents and automatic mail handling
   facilities (such as mail distribution list exploders) that wish to
   make automatic use of MDNs should take appropriate precautions to
   minimize the potential damage from denial-of-service attacks.

   Security threats related to forged MDNs include the sending of:

   a.  A falsified disposition notification when the indicated
       disposition of the message has not actually occurred, and

   b.  Unsolicited MDNs.

   Similarly, a forged spam or phishing email message can contain
   Disposition-Notification-To header field that can trick the recipient
   to send an MDN.  MDN processing should only be invoked once
   authenticity of an email message is verified.

6.2.  Privacy

   Another dimension of security is privacy.  There may be cases in
   which a message recipient does not wish the disposition of messages
   addressed to him to be known, or is concerned that the sending of
   MDNs may reveal other sensitive information (e.g., when the message
   was read, using which email client, and which OS was used).  In this
   situation, it is acceptable for the MUA to silently ignore requests
   for MDNs.

   If the Disposition-Notification-To header field is passed on
   unmodified when a message is distributed to the subscribers of a
   mailing list, the subscribers to the list may be revealed to the
   sender of the original message by the generation of MDNs.

   Headers of the original message returned in part 3 of the multipart/
   report, as well as content of the message/disposition-notification
   part, could reveal confidential information about host names and/or
   network topology inside a firewall.

   Disposition mode (Section 3.2.6.1) can leak information about
   recipient's MUA configuration, in particular, whether MDNs are

Top      Up      ToC       Page 25 
   acknowledged manually or automatically.  If this is a concern, MUAs
   can return "manual-action/MDN-sent-manually" disposition mode in
   generated MDNs.

   In general, any optional MDN field may be omitted if the Reporting
   MUA site or user determines that inclusion of the field would impose
   too great a compromise of site confidentiality.  The need for such
   confidentiality must be balanced against the utility of the omitted
   information in MDNs.

   In some cases, someone with access to the message stream may use the
   MDN request mechanism to monitor the mail reading habits of a target.
   If the target is known to generate MDN reports, they could add a
   Disposition-Notification-To header field containing the envelope from
   address.  This risk can be minimized by not sending MDN's
   automatically.

6.2.1.  Disclosure of Product Information

   The "Reporting-UA" field (Section 3.2.1), User-Agent header field,
   and other header fields often reveal information about the respective
   sender's software systems.  In theory, this can make it easier for an
   attacker to exploit known security holes; in practice, attackers tend
   to try all potential holes regardless of the apparent software
   versions being used.  Also note that the "Reporting-UA" field doesn't
   provide any new information in comparison to the "User-Agent" and/or
   (undocumented) "X-Mailer" header fields used by many MUAs.

6.2.2.  MUA Fingerprinting

   The "Reporting-UA" field (Section 3.2.1) might contain enough
   information to uniquely identify a specific device, usually when
   combined with other characteristics, particularly if the user agent
   sends excessive details about the user's system or extensions.  Even
   when the guidance in Section 3.2.1 is followed to avoid
   fingerprinting, other sources of unique information may still be
   present, such as the Accept-Language header fields.

6.3.  Non-repudiation

   MDNs do not provide non-repudiation with proof of delivery.  Within
   the framework of today's Internet Mail, the MDNs defined in this
   document provide valuable information to the mail user; however, MDNs
   cannot be relied upon as a guarantee that a message was or was not
   seen by the recipient.  Even if MDNs are not actively forged, they
   may be lost in transit.  The recipient may bypass the MDN issuing
   mechanism in some manner.

Top      Up      ToC       Page 26 
   One possible solution for this purpose can be found in RFC-SEC-
   SERVICES [RFC2634].

6.4.  Mail Bombing

   The MDN request mechanism introduces an additional way of mail
   bombing a mailbox.  The MDN request notification provides an address
   to which MDN's should be sent.  It is possible for an attacking agent
   to send a potentially large set of messages to otherwise unsuspecting
   third party recipients with a false Disposition-Notification-To
   address.  Automatic or simplistic processing of such requests would
   result in a flood of MDN notifications to the target of the attack.
   Additionally, as generated MDN notifications can include the full
   content of messages that caused them and thus they can be bigger than
   such messages, they can be used for bandwidth amplification attacks.
   Such an attack could overrun the storage capacity of the targeted
   mailbox and/or of the mail transport system, and deny service.

   For that reason, MDN's SHOULD NOT be sent automatically where the
   Disposition-Notification-To address is different from the SMTP "MAIL
   FROM" address (which is carried in the Return-Path header field).
   See Section 2.1 for further discussion.

7.  Collected ABNF Grammar

   NOTE: The following lexical tokens are defined in RFC-MSGFMT
   [RFC5322]: CRLF, FWS, CFWS, field-name, mailbox-list, msg-id, text,
   comment, and word.  The following lexical tokens are defined in
   RFC-SMTP [RFC5321]: Atom.  (Note that RFC-MSGFMT [RFC5322] also
   defines "atom", but the version from RFC-SMTP [RFC5321] is more
   restrictive and this more restrictive version is used in this
   document.)  The "encoded-word" construct defined in RFC-MIME-HEADER
   [RFC2047] is allowed everywhere where RFC-MSGFMT [RFC5322] "comment"
   is used, for example, in CFWS.

    OWS = [CFWS]
          ; Optional whitespace.
          ; MDN generators SHOULD use "*WSP"
          ; (Typically a single space or nothing.
          ; It SHOULD be nothing at the end of a field.),
          ; unless an RFC 5322 "comment" is required.
          ;
          ; MDN parsers MUST parse it as "[CFWS]".

 Message header fields:
    mdn-request-header =
           "Disposition-Notification-To" ":" mailbox-list CRLF

Top      Up      ToC       Page 27 
    Disposition-Notification-Options =
           "Disposition-Notification-Options" ":" [FWS]
                     disposition-notification-parameter-list CRLF

    disposition-notification-parameter-list =
                     disposition-notification-parameter
                     *([FWS] ";" [FWS]
                     disposition-notification-parameter)

    disposition-notification-parameter = attribute [FWS] "=" [FWS]
                     importance [FWS] "," [FWS] value *([FWS] ","
                     [FWS] value)

    importance = "required" / "optional"

    attribute = Atom

    value = word

    original-recipient-header =
           "Original-Recipient" ":" OWS address-type OWS
           ";" OWS generic-address OWS CRLF

 Report content:
    disposition-notification-content =
           [ reporting-ua-field CRLF ]
           [ mdn-gateway-field CRLF ]
           [ original-recipient-field CRLF ]
           final-recipient-field CRLF
           [ original-message-id-field CRLF ]
           disposition-field CRLF
           *( error-field CRLF )
           *( extension-field CRLF )

    address-type = Atom

    mta-name-type = Atom

    reporting-ua-field = "Reporting-UA" ":" OWS ua-name OWS [
                         ";" OWS ua-product OWS ]

    ua-name = *text-no-semi

    ua-product = *([FWS] text)

    text-no-semi = %d1-9 /        ; "text" characters excluding NUL, CR,
            %d11 / %d12 / %d14-58 / %d60-127      ; LF, or semi-colon

Top      Up      ToC       Page 28 
    mdn-gateway-field = "MDN-Gateway" ":" OWS mta-name-type OWS
                        ";" OWS mta-name

    mta-name = *text

    original-recipient-field =
           "Original-Recipient" ":" OWS address-type OWS
           ";" OWS generic-address OWS

    generic-address = *text

    final-recipient-field =
           "Final-Recipient" ":" OWS address-type OWS
           ";" OWS generic-address OWS

    original-message-id-field = "Original-Message-ID" ":" msg-id

    disposition-field =
           "Disposition" ":" OWS disposition-mode OWS ";"
           OWS disposition-type
           [ OWS "/" OWS disposition-modifier
           *( OWS "," OWS disposition-modifier ) ] OWS

    disposition-mode = action-mode OWS "/" OWS sending-mode

    action-mode = "manual-action" / "automatic-action"

    sending-mode = "MDN-sent-manually" / "MDN-sent-automatically"

    disposition-type = "displayed" / "deleted" / "dispatched" /
            "processed"

    disposition-modifier = "error" / disposition-modifier-extension

    disposition-modifier-extension = Atom

    error-field = "Error" ":" *([FWS] text)

    extension-field = extension-field-name ":" *([FWS] text)

    extension-field-name = field-name

Top      Up      ToC       Page 29 
8.  Guidelines for Gatewaying MDNs

   NOTE: This section provides non-binding recommendations for the
   construction of mail gateways that wish to provide semi-transparent
   disposition notifications between the Internet and another electronic
   mail system.  Specific MDN gateway requirements for a particular pair
   of mail systems may be defined by other documents.

8.1.  Gatewaying from Other Mail Systems to MDNs

   A mail gateway may issue an MDN to convey the contents of a "foreign"
   disposition notification over Internet Mail.  When there are
   appropriate mappings from the foreign notification elements to MDN
   fields, the information may be transmitted in those MDN fields.
   Additional information (such as what might be needed to tunnel the
   foreign notification through the Internet) may be defined in
   extension MDN fields.  (Such fields should be given names that
   identify the foreign mail protocol, e.g., X400-* for X.400 protocol
   elements [X.400]).

   The gateway must attempt to supply reasonable values for the
   Reporting-UA, Final-Recipient, and Disposition fields.  These will
   normally be obtained by translating the values from the foreign
   notification into their Internet-style equivalents.  However, some
   loss of information is to be expected.

   The sender-specified recipient address and the original message-id,
   if present in the foreign notification, should be preserved in the
   Original-Recipient and Original-Message-ID fields.

   The gateway should also attempt to preserve the "final" recipient
   address from the foreign system.  Whenever possible, foreign protocol
   elements should be encoded as meaningful printable ASCII strings.

   For MDNs produced from foreign disposition notifications, the name of
   the gateway MUST appear in the MDN-Gateway field of the MDN.

8.2.  Gatewaying from MDNs to Other Mail Systems

   It may be possible to gateway MDNs from the Internet into a foreign
   mail system.  The primary purpose of such gatewaying is to convey
   disposition information in a form that is usable by the destination
   system.  A secondary purpose is to allow "tunneling" of MDNs through
   foreign mail systems in case the MDN may be gatewayed back into the
   Internet.

Top      Up      ToC       Page 30 
   In general, the recipient of the MDN (i.e., the sender of the
   original message) will want to know, for each recipient: the closest
   available approximation to the original recipient address and the
   disposition (displayed, printed, etc.).

   If possible, the gateway should attempt to preserve the Original-
   Recipient address and Original-Message-ID (if present) in the
   resulting foreign disposition report.

   If it is possible to tunnel an MDN through the destination
   environment, the gateway specification may define a means of
   preserving the MDN information in the disposition reports used by
   that environment.

8.3.  Gatewaying of MDN-Requests to Other Mail Systems

   By use of the separate Disposition-Notification-To request header
   field, this specification offers a richer functionality than most, if
   not all, other email systems.  In most other email systems, the
   notification recipient is identical to the message sender as
   indicated in the "from" address.  There are two interesting cases
   when gatewaying into such systems:

   1.  If the address in the Disposition-Notification-To header field is
       identical to the address in the SMTP "MAIL FROM", the expected
       behavior will result, even if the Disposition-Notification-To
       information is lost.  Systems should propagate the MDN request.

   2.  If the address in the Disposition-Notification-To header field is
       different from the address in the SMTP "MAIL FROM", gatewaying
       into a foreign system without a separate notification address
       will result in unintended behavior.  This is especially important
       when the message arrives via a mailing list expansion software
       that may specifically replace the SMTP "MAIL FROM" address with
       an alternate address.  In such cases, the MDN request should not
       be gatewayed and should be silently dropped.  This is consistent
       with other forms of non-support for MDN.

9.  Example

   NOTE: This example is provided as illustration only and is not
   considered part of the MDN protocol specification.  If the example
   conflicts with the protocol definition above, the example is wrong.

   Likewise, the use of *-type subfield names or extension fields in
   this example is not to be construed as a definition for those type
   names or extension fields.

Top      Up      ToC       Page 31 
   This is an MDN issued after a message has been displayed to the user
   of an Internet Mail user agent.

   Date: Wed, 20 Sep 1995 00:19:00 (EDT) -0400
   From: Joe Recipient <Joe_Recipient@example.com>
   Message-Id: <199509200019.12345@example.com>
   Subject: Disposition notification
   To: Jane Sender <Jane_Sender@example.org>
   MIME-Version: 1.0
   Content-Type: multipart/report; report-type=disposition-notification;
      boundary="RAA14128.773615765/example.com"

   --RAA14128.773615765/example.com

   The message sent on 1995 Sep 19 at 13:30:00 (EDT) -0400 to Joe
   Recipient <Joe_Recipient@example.com> with subject "First draft of
   report" has been displayed.
   This is no guarantee that the message has been read or understood.

   --RAA14128.773615765/example.com
   Content-Type: message/disposition-notification

   Reporting-UA: joes-pc.cs.example.com; Foomail 97.1
   Original-Recipient: rfc822;Joe_Recipient@example.com
   Final-Recipient: rfc822;Joe_Recipient@example.com
   Original-Message-ID: <199509192301.23456@example.org>
   Disposition: manual-action/MDN-sent-manually; displayed

   --RAA14128.773615765/example.com
   Content-Type: message/rfc822

   [original message optionally goes here]

   --RAA14128.773615765/example.com--

10.  IANA Considerations

   IANA has completed the following actions:

   1.  IANA has updated the registration template for the message/
       disposition-notification media type to match what appears in
       Section 3.1 of this document and updated the reference for the
       media type to point to this document (instead of to RFC 3798).

   2.  The registries specified here already exist; this section updates
       their documentation.  IANA has changed the reference document for
       the three Message Disposition Notification Parameters registries
       to point to this document (instead of to RFC 3798).

Top      Up      ToC       Page 32 
   This document specifies three types of parameters that must be
   registered with the Internet Assigned Numbers Authority (IANA).  All
   of them use the "Specification Required" IANA registration policy
   [RFC5226].

   The forms below are for use when registering a new disposition-
   notification-parameter name for the Disposition-Notification-Options
   header field, a new disposition modifier name, or a new MDN extension
   field.  Each piece of information required by a registration form may
   be satisfied either by providing the information on the form itself
   or by including a reference to a published and publicly available
   specification that includes the necessary information.  IANA MAY
   reject registrations because of incomplete registration forms or
   incomplete specifications.

   To register, complete the following applicable form and send it via
   electronic mail to <IANA@IANA.ORG>.

10.1.  Disposition-Notification-Options Header Field
       disposition-notification-parameter Names

   A registration for a Disposition-Notification-Options header field
   disposition-notification-parameter name MUST include the following
   information:

   a.  The proposed disposition-notification-parameter name.

   b.  The syntax for disposition-notification-parameter values,
       specified using BNF, ABNF, regular expressions, or other
       non-ambiguous language.

   c.  If disposition-notification-parameter values are not composed
       entirely of graphic characters from the US-ASCII repertoire, a
       specification for how they are to be encoded as graphic US-ASCII
       characters in a Disposition-Notification-Options header field.

   d.  A reference to a permanent and readily available public
       specification that describes the semantics of the disposition-
       notification-parameter values.

Top      Up      ToC       Page 33 
10.2.  Disposition Modifier Names

   A registration for a disposition-modifier name (used in the
   Disposition field of a message/disposition-notification) MUST include
   the following information:

   a.  The proposed disposition-modifier name.

   b.  A reference to a permanent and readily available public
       specification that describes the semantics of the disposition
       modifier.

10.3.  MDN Extension Field Names

   A registration for an MDN extension-field name MUST include the
   following information:

   a.  The proposed extension field name.

   b.  The syntax for extension values, specified using BNF, ABNF,
       regular expressions, or other non-ambiguous language.

   c.  If extension-field values are not composed entirely of graphic
       characters from the US-ASCII repertoire, a specification for how
       they are to be encoded as graphic US-ASCII characters in a
       Disposition-Notification-Options header field.

   d.  A reference to a permanent and readily available public
       specification that describes the semantics of the extension
       field.

11.  References

11.1.  Normative References

   [RFC5321]  Klensin, J., "Simple Mail Transfer Protocol", RFC 5321,
              DOI 10.17487/RFC5321, October 2008,
              <http://www.rfc-editor.org/info/rfc5321>.

   [RFC5322]  Resnick, P., Ed., "Internet Message Format", RFC 5322,
              DOI 10.17487/RFC5322, October 2008,
              <http://www.rfc-editor.org/info/rfc5322>.

   [RFC2045]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part One: Format of Internet Message
              Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996,
              <http://www.rfc-editor.org/info/rfc2045>.

Top      Up      ToC       Page 34 
   [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part Two: Media Types", RFC 2046,
              DOI 10.17487/RFC2046, November 1996,
              <http://www.rfc-editor.org/info/rfc2046>.

   [RFC2047]  Moore, K., "MIME (Multipurpose Internet Mail Extensions)
              Part Three: Message Header Extensions for Non-ASCII Text",
              RFC 2047, DOI 10.17487/RFC2047, November 1996,
              <http://www.rfc-editor.org/info/rfc2047>.

   [RFC6522]  Kucherawy, M., Ed., "The Multipart/Report Media Type for
              the Reporting of Mail System Administrative Messages",
              STD 73, RFC 6522, DOI 10.17487/RFC6522, January 2012,
              <http://www.rfc-editor.org/info/rfc6522>.

   [RFC3461]  Moore, K., "Simple Mail Transfer Protocol (SMTP) Service
              Extension for Delivery Status Notifications (DSNs)",
              RFC 3461, DOI 10.17487/RFC3461, January 2003,
              <http://www.rfc-editor.org/info/rfc3461>.

   [RFC3464]  Moore, K. and G. Vaudreuil, "An Extensible Message Format
              for Delivery Status Notifications", RFC 3464,
              DOI 10.17487/RFC3464, January 2003,
              <http://www.rfc-editor.org/info/rfc3464>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC3503]  Melnikov, A., "Message Disposition Notification (MDN)
              profile for Internet Message Access Protocol (IMAP)",
              RFC 3503, DOI 10.17487/RFC3503, March 2003,
              <http://www.rfc-editor.org/info/rfc3503>.

11.2.  Informative References

   [RFC2634]  Hoffman, P., Ed., "Enhanced Security Services for S/MIME",
              RFC 2634, DOI 10.17487/RFC2634, June 1999,
              <http://www.rfc-editor.org/info/rfc2634>.

   [RFC3249]  Cancio, V., Moldovan, M., Tamura, H., and D. Wing,
              "Implementers Guide for Facsimile Using Internet Mail",
              RFC 3249, DOI 10.17487/RFC3249, September 2002,
              <http://www.rfc-editor.org/info/rfc3249>.

Top      Up      ToC       Page 35 
   [RFC3501]  Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION
              4rev1", RFC 3501, DOI 10.17487/RFC3501, March 2003,
              <http://www.rfc-editor.org/info/rfc3501>.

   [RFC3801]  Vaudreuil, G. and G. Parsons, "Voice Profile for Internet
              Mail - version 2 (VPIMv2)", RFC 3801,
              DOI 10.17487/RFC3801, June 2004,
              <http://www.rfc-editor.org/info/rfc3801>.

   [RFC5233]  Murchison, K., "Sieve Email Filtering: Subaddress
              Extension", RFC 5233, DOI 10.17487/RFC5233, January 2008,
              <http://www.rfc-editor.org/info/rfc5233>.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              DOI 10.17487/RFC5226, May 2008,
              <http://www.rfc-editor.org/info/rfc5226>.

   [RFC5429]  Stone, A., Ed., "Sieve Email Filtering: Reject and
              Extended Reject Extensions", RFC 5429,
              DOI 10.17487/RFC5429, March 2009,
              <http://www.rfc-editor.org/info/rfc5429>.

   [RFC5598]  Crocker, D., "Internet Mail Architecture", RFC 5598,
              DOI 10.17487/RFC5598, July 2009,
              <http://www.rfc-editor.org/info/rfc5598>.

   [RFC6533]  Hansen, T., Ed., Newman, C., and A. Melnikov,
              "Internationalized Delivery Status and Disposition
              Notifications", RFC 6533, DOI 10.17487/RFC6533, February
              2012, <http://www.rfc-editor.org/info/rfc6533>.

   [X.400]    International Telecommunications Union, "Message handling
              system and service overview", ITU-T Recommendation
              F.400/X.400, June 1999.

Top      Up      ToC       Page 36 
Appendix A.  Changes from RFC 3798

   Changed IANA registration for different subregistries to
   "Specification Required" to match what is already used by IANA.

   Updated IANA registration template for message/disposition-
   notification.

   "X-" fields no longer reserved for experimental use and can now be
   registered in compliance with RFC 6648.

   Fixed the default MTA-name-type used in "MDN-Gateway" to be "dns".

   Strengthen requirements on obtaining user consent in order to protect
   user privacy.

   Removed discussion of using source routes with MDNs, as source route
   is a deprecated Email feature.

   The values of "dispatched" and "processed" were lost from the ABNF
   for "disposition-type".  (Erratum #691)

   Because the warning disposition modifier was previously removed, the
   warning-field has also been removed.  (Erratum #692)

   Because the failed disposition type was previously removed, the
   failure-field has also been removed.

   The ABNF for ua-name and ua-product included a semi-colon, which
   could not be distinguished from *text in the production.  The ua-name
   was restricted to not include semi-colon.  Semi-colon can still
   appear in the ua-product.

   Removed recommendation to include the MUA DNS host name in the
   "Reporting-UA" MDN field.

   The ABNF did not indicate all places that whitespace was allowable,
   in particular folding whitespace, although all implementations allow
   whitespace and folding in the header fields just like any other
   header field formatted as described in RFC-MSGFMT [RFC5322].  There
   were also a number of places in the ABNF that inconsistently
   permitted comments and whitespace in one leg of the production and
   not another.  The ABNF now specifies FWS and CFWS in several places
   that should have already been specified by the grammar.

   Extension-field was defined in the collected grammar but not in the
   main text.

Top      Up      ToC       Page 37 
   The comparison of mailboxes in Disposition-Notification-To to the
   Return-Path addr-spec was clarified.

   The use of the grammar production "parameter" was confusing with the
   RFC 2045 [RFC2045] production of the same name, as well as other uses
   of the same term.  These have been clarified.

   A clarification was added on the extent of the 7bit nature of MDNs.

   Uses of the terms "may" and "might" were clarified.

   A clarification was added on the order of the fields in the message/
   disposition-notification content.

Acknowledgements

   The contributions of Bruce Lilly, Alfred Hoenes, Barry Leiba, Ben
   Campbell, Pete Resnick, Donald Eastlake, and Alissa Cooper are
   gratefully acknowledged for this revision.

   The contributions of Roger Fajman and Greg Vaudreuil to earlier draft
   versions of this document are also gratefully acknowledged.

Authors' Addresses

   Tony Hansen (editor)
   AT&T Laboratories
   200 Laurel Ave. South
   Middletown, NJ  07748
   United States of America

   Email: tony@att.com


   Alexey Melnikov (editor)
   Isode Ltd
   14 Castle Mews
   Hampton, Middlesex  TW12 2NP
   United Kingdom

   Email: Alexey.Melnikov@isode.com