Bounce Attack Validation fails for some Non-Delivery Reports (NDR's)

book

Article ID: 177652

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

After Bounce Attack Validation (BATV) is configured on Messaging Gateway (SMG), end users no longer recieve Delivery Status Notification (DSN) or Non-Delivery Report (NDRs messages.

Resolution

The sending mail server has altered the capitalization username portion of the email address, this violates RFC2821 and results in a failure when validating the BATV tag used to filter bounce attacks.


Technical Information
 

NDR's are sometimes also called Delivery Status Notifications (DNS's).

According to RFC documentation the mailbox local-part case MUST be respected:

RFC 2821

2.4 General Syntax Principles and Transaction Model

SMTP commands and replies have a rigid syntax. All commands begin
with a command verb. All Replies begin with a three digit numeric
code. In some commands and replies, arguments MUST follow the verb
or reply code. Some commands do not accept arguments (after the
verb), and some reply codes are followed, sometimes optionally, by
free form text. In both cases, where text appears, it is separated
from the verb or reply code by a space character. Complete
definitions of commands and replies appear in section 4.




Klensin Standards Track [Page 13]

RFC 2821 Simple Mail Transfer Protocol April 2001


Verbs and argument values (e.g., "TO:" or "to:" in the RCPT command
and extension name keywords) are not case sensitive, with the sole
exception in this specification of a mailbox local-part (SMTP
Extensions may explicitly specify case-sensitive elements). That is,
a command verb, an argument value other than a mailbox local-part,
and free form text MAY be encoded in upper case, lower case, or any
mixture of upper and lower case with no impact on its meaning. This
is NOT true of a mailbox local-part. The local-part of a mailbox
MUST BE treated as case sensitive. Therefore, SMTP implementations
MUST take care to preserve the case of mailbox local-parts.

RFC 821 mentions that as well.