Network Working Group                                          T. Hansen
Request for Comments: 3888                             AT&T Laboratories
Category: Informational                                   September 2004
                Message Tracking Model and Requirements

Status of this Memo


This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.


Copyright Notice


Copyright (C) The Internet Society (2004).




Customers buying enterprise message systems often ask: Can I track the messages? Message tracking is the ability to find out the path that a particular message has taken through a messaging system and the current routing status of that message. This document provides a model of message tracking that can be used for understanding the Internet-wide message infrastructure and to further enhance those capabilities to include message tracking, as well as requirements for proposed message tracking solutions.


1. Problem Statement

Consider sending a package through a package delivery company. Once you've sent a package, you would like to be able to find out if the package has been delivered or not, and if not, where that package currently is and what its status is. Note that the status of a package may not include whether it was delivered to its addressee, but just the destination. Many package carriers provide such services today, often via a web interface.


Message tracking extends that capability to the Internet-wide message infrastructure, analogous to the service provided by package carriers: the ability to quickly locate where a message (package) is, and to determine whether or not the message (package) has been delivered to its final destination. An Internet-standard approach will allow the development of message tracking applications that can operate in a multi-vendor messaging environment, and will encourage the operation of the function across administrative boundaries.


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC-KEYWORDS].

この文書のキーワード "MUST"、 "MUST NOT"、 "REQUIRED"、、、、 "べきではない" "べきである" "ないもの" "ものとし"、 "推奨"、 "MAY"、および "OPTIONAL" はありますBCP 14、RFC 2119 [RFC-KEYWORDS]に記載されているように解釈されます。

2. Definitions

The following terms are relevant to message tracking. The terms Tracking User Agent and Tracking Server are new, while all other terms have been collected here from other sources.


Originating Mail User Agent (MUA) The originating mail user agent is the software used to compose and originate a message. It is the software sitting on a person's desktop.


Originating Mail Submission Agent (MSA) The Mail Submission Agent accepts a message from a User Agent, adds or modifies it as required for Internet standards and/or site policy, and injects the message into the network. The MSA may be the initial MTA or may hand off the message to an MTA.

メール発信エージェント(MSA)を発信メール発信エージェントはユーザーエージェントからのメッセージを受け付け、追加または変更し、それをインターネット標準および/またはサイトポリシーのために必要とされ、ネットワークにメッセージを注入します。 MSAは、初期MTAであってもよく、またはMTAへメッセージをハンドオフすることができます。

Message Transfer Agent (MTA) A Message Transfer Agent accepts a message and moves it forward towards its destination. That destination may be local or reached via another MTA. It may use a local queue to store the message before transferring it further. Any MTA may generate a Non-Delivery Notification.


Intermediate Message Transfer Agent (MTA) An Intermediate MTA is an MTA that accepts a message for transfer somewhere else.


Final Message Transfer Agent (MTA) A Final MTA is an MTA that accepts a message for local delivery. It is the final place that a message is accepted. The final MTA is what sends any Delivery Status Notifications (DSNs). (Intermediate MTA's may also send a DSN if it relays to a non-DSN aware MTA.)

最終的なメッセージ転送エージェント(MTA)、最終的なMTAは、ローカル配信のためにメッセージを受け入れMTAです。これは、メッセージが受け入れられ、最終的な場所です。最後のMTAは、任意の配信状態通知(DSN)を送信するものです。 (それが非DSN意識MTAにリレーする場合、中間MTAのもDSNを送信することができます。)

Foreign Message Transfer Agent A foreign MTA provides delivery of messages using other protocols than those specified for Internet mail, such as an X.400 mail system.


Gateway Message Transfer Agent (GW-MTA) A gateway MTA accepts a message for transfer to a foreign MTA outside of the Internet protocol space.


Local Delivery Agent (LDA) The local Delivery Agent delivers the message to the local message store. (The MTA and LDA are often combined into the same program.)

ローカル配信エージェント(LDA)ローカル配送エージェントは、ローカルメッセージストアにメッセージを配信します。 (MTAおよびLDAはしばしば同じプログラムに統合されています。)

Delivery Status Notification (DSN) A Delivery Status Notification [RFC-DSN] is produced by an MTA when a message is unsuccessfully delivered, either to its next hop or the final message store, or when it is successfully delivered, either to a foreign MTA, to a local delivery agent, or a non-DSN aware MTA. Positive notifications are only performed [RFC-ESMTP-DSN] when specifically requested.

メッセージが失敗した配信されたときに配信状態通知(DSN)配信状態通知[RFC-DSN]は、MTAによって生成され、その次のホップまたは最終メッセージストア、またはそれが正常に配信されたときに、いずれかの外国のMTAへのいずれか、ローカル配送エージェント、または非DSN意識MTAへ。正の通知にのみ実行されている[RFC-ESMTP - DSN]具体的に要求されたとき。

Non-Delivery Notification (NDN) A non-delivery notification is a special form of DSN indicating unsuccessful delivery.


Message Disposition Notification (MDN) A Message Disposition Notification is used to report the disposition of a message after it has been successfully delivered to a recipient.


Tracking User Agent (TUA) A tracking user agent wants to find information on a message on the behalf of a user. It is the requestor or initiator of such a request. (The MUA and TUA could be combined into the same program.)

追跡ユーザエージェント(TUA)追跡ユーザエージェントは、ユーザーの代わりにメッセージに関する情報を見つけたいです。それはそのような要求の要求元または開始剤です。 (MUAとTUAは、同じプログラムに組み合わせることができます。)

Tracking Server A tracking server provides tracking information to a tracking client. It is the repository of the information about a message for the traversal through a particular MTA. (The tracking server and MTA may run on the same system.)

サーバーを追跡する追跡サーバは、トラッキングクライアントに追跡情報を提供します。これは、特定のMTAを介して横断するためのメッセージに関する情報のリポジトリです。 (追跡サーバとMTAは、同じシステム上で実行してもよいです。)

3. Entities

The entities involved in message tracking are: message user agents, message submission agents, message transfer agents, tracking user agents and tracking servers.


4. Requirements

These are requirements that any message tracking solution must be able to satisfy:


The message tracking solution:


** MUST scale to the internet.


** MUST be easy to deploy.


** SHOULD maximize the reuse of existing, already deployed technology and infrastructure.


** If possible, SHOULD extend existing protocols and not invent new ones.


** SHOULD have a low implementation cost. (This makes it easy to incorporate into existing products.)

**低実装コストを持つべきである(SHOULD)。 (これは、既存の製品に組み込むことが容易になります。)

** MUST restrict tracking of a message to the originator of the message (or a delegate).


** MUST be able to do authentication.


** MAY allow an originator to delegate this responsibility to a third party.


** SHOULD have the property that they would allow per-message delegation of the tracking responsibility.


** MUST require a tracking user agent to prove that they are permitted to request the tracking information.


** MUST be able to uniquely identify messages.


** MUST require every message to have unique identification.


5. Interaction Models

There are several models by which tracking of messages can be enabled, by which messages can be tracked, and by which information can be requested and gathered.


5.1. Tracking Enabling Models
5.1. トラッキングを有効モデル

Either the envelope or message header must contain enough information to track a message and securely retrieve information about the message. Any message that does not have enough information to track it is by definition not trackable.


If there is not enough information available in current standard envelopes or message headers, then the current standards will need to be extended. Either the MUA or MSA must determine the additional information and enable the tracking by adding the additional information to either the envelope or header.

現在の標準的な封筒やメッセージヘッダで利用可能な十分な情報がない場合は、現在の規格を拡張する必要があります。 MUAまたはMSAのいずれかが追加の情報を決定し、封筒またはヘッダのどちらかに付加情報を追加することによってトラッキングを有効にする必要があります。

This leads to two tracking enabling models: passive enabling and active enabling.


5.1.1. Passive Enabling Model
5.1.1. パッシブ有効にするモデル

The "passive enabling" model assumes that there is sufficient information available. No UA or MSA interaction occurs to turn tracking on; it is on by default.


5.1.2. Active Enabling Model
5.1.2. アクティブ有効モデル

The "active enabling" model requires that the MUA and MSA exchange information when the message is submitted. This exchange indicates that logging of the message's traversal should be performed, as well as providing enough additional information to allow the message to be tracked. This information will need to be passed on to subsequent MTAs as needed.


5.2. Tracking Request Models
5.2. 要求モデルを追跡

There are several models by which tracking information may be requested.


5.2.1. Passive Request Model
5.2.1. パッシブ要求のモデル

The "passive request" model requires active enabling to indicate that some form of tracking is to be performed. The tracking information can be sent back immediately (as a form of telemetry) or sent to a 3rd party for later retrieval.


5.2.2. Passive Request Tracking Information
5.2.2. パッシブ要求追跡情報

Forms of passive tracking information that could potentially be requested are as follows. Note that mechanisms already exist for requesting the information marked with a (+). The references for such mechanisms are listed at the end of each such entry.


** send a DSN of a message arriving at an intermediate MTA


** (+) send a DSN of a message being rejected while at an intermediate MTA [RFC-DSN]

**(+)中間体MTA [RFC-DSN]でながら、拒絶されるメッセージのDSNを送信します

** (+) send a DSN of a message leaving an intermediate MTA and going to another MTA [RFC-DELIVER-BY]

**(+)は、別のMTA [RFC-DELIVER-BY]中間MTAを出て行くメッセージのDSNを送信します

** send a DSN of a message arriving at a final MTA


** (+) send a DSN of a message being rejected while at a final MTA [RFC-DSN]

**(+)最終MTA [RFC-DSN]でながら、拒絶されるメッセージのDSNを送信します

** (+) send a DSN of a message being delivered to a user's message store [RFC-DSN]


** (+) send a DSN of a message being delivered to a foreign MTA [RFC-DSN]

**(+)外国MTA [RFC-DSN]に配信されるメッセージのDSNを送信します

** (+) send an MDN of a message being read by an end user [RFC-MDN]


5.3. Active Request Model
5.3. アクティブなリクエストモデル

The "active request" model requires an active query by a user's user agent to the MSA, intermediate MTAs and final MTA, or to a third party, to find the message's status as known by that MTA. Active request will work with either passive enabling or active enabling.


5.3.1. Server Chaining vs. Server Referrals
5.3.1. サーバー紹介対サーバー・チェーン

When a tracking server has been asked for tracking information, and the message has been passed on to another MTA of which this tracking server has no tracking knowledge, there are two modelling choices:


** the first tracking server will contact the next tracking server to query for status and pass back the combined status (server chaining), or


** the first tracking server will return the address of the next MTA and the tracking client has the responsibility of contacting the next tracking server (server referrals).


5.3.2. Active Request Tracking Information
5.3.2. アクティブなリクエスト追跡情報

Forms of active tracking information that could potentially be requested are as follows. (Note that no mechanisms currently exist for requesting such information.)

次のように潜在的に要求することができる活性なトラッキング情報の形態です。 (いかなるメカニズムは、現在、このような情報を要求するために存在しないことに注意してください。)

** the message has been queued for later delivery


** the message was delivered locally


** the message was delivered to another MTA,


** the message was delivered to a foreign MTA


** ask a different tracking server,


** I know but can't tell you,


** I don't know.

** 知りません。

5.4. Combining DSN and MDN Information with Message Tracking Information

5.4. メッセージ追跡情報でDSNおよびMDN情報を組み合わせます

The information that would be retrieved by message tracking and the information that is returned for DSN and MDN requests all attempt to answer the question of "what happened to message XX"? The information provided by each is complimentary in nature, but similar. A tracking user agent could use all three possible information sources to present a total view of the status of a message.


Both DSN and MDN notifications utilize the formats defined by RFC 3462 [RFC-REPORT]. This suggests that the information returned by message tracking solutions should also be similar.

両方のDSNとMDN通知は、RFC 3462 [RFC-REPORT]によって定義されるフォーマットを利用します。これは、メッセージ追跡ソリューションによって返された情報も同様であることを示唆しています。

6. Security Considerations
6.1. Security Considerations Summary
6.1. セキュリティの考慮事項の概要

Security vulnerabilities are detailed in [RFC-MTRK-ESMTP], [RFC-MTRK-TSN] and [RFC-MTRK-MTQP]. These considerations include:


** vulnerability to snooping or replay attacks when using unencrypted sessions


** a dependency on the randomness of the per-message secret


** reliance on TLS

** TLSへの依存

** man-in-the-middle attacks

** man-in-the-middle攻撃

** reliance on the server maintaining the security level when it performs chaining


** denial of service

** サービス拒否

** confidentiality concerns


** forgery by malicious servers


6.2. Message Identification and Authentication
6.2. メッセージ識別と認証

This is a security model for message identification and authentication that could be deployed. (There may be others.)

これは、展開することができ、メッセージの識別と認証のためのセキュリティモデルです。 (他の人があるかもしれません。)

A Tracking User Agent must prove that they are permitted to request tracking information about a message. Every [RFC-822]-compliant message is supposed to contain a Message-Id header. One possible mechanism is for the originator to calculate a one-way hash A from the message ID + time stamp + a per-user secret. The user then calculates another one-way hash B to be the hash of A. The user includes B in the submitted message, and retains A. Later, when the user makes a message tracking request to the messaging system or tracking entity, it submits A in the tracking request. The entity receiving the tracking request then uses A to calculate B, since it was already provided B, verifying that the requestor is authentic. In summary,

追跡ユーザエージェントは、それらがメッセージに関する追跡情報を要求することが許可されていることを証明しなければなりません。すべて[RFC-822]準拠メッセージは、メッセージIDヘッダーを含むことになっています。発信者がメッセージID +タイムスタンプ+ユーザごとの秘密から一方向ハッシュAを計算するための一つの可能​​なメカニズムがあります。ユーザは、ユーザが送信メッセージにBを含むAのハッシュであることが別の一方向ハッシュBを算出し、ユーザがメッセージング・システムやトラッキングエンティティに要求メッセージ追跡を行うと、後でA.を保持し、それが提出します追跡要求でA。既にリクエスタが真正であることを確認し、Bを設けたので、追跡要求を受信エンティティは、次いで、Bを計算するために使用します。要約すれば、

A = H(message ID + time stamp + secret)

A = H(メッセージID +タイムスタンプ+シークレット)

B = H(A)

B = H(A)

Another possible mechanism for A is to ignore the message ID and time stamp and just use a one-way hash from a large (>128 bits) random number. B would be calculated as before. In summary,

Aのための別の可能な機構は、乱数をメッセージIDとタイムスタンプを無視しだけ大きい(> 128ビット)から一方向ハッシュを使用することです。 Bは、以前のように計算されます。要約すれば、

A = H(large-random-number)

A = H(大乱数)

B = H(A)

B = H(A)

This is similar in technique to the methods used for One-Time Passwords [RFC-OTP]. The success of these techniques is dependent on the randomness of the per-user secret or the large random number, which can be incredibly difficult in some environments.


If the originator of a message were to delegate his or her tracking request to a third party by sending it A, this would be vulnerable to snooping over unencrypted sessions. The user can decide on a message-by-message basis if this risk is acceptable.


7. Informational References

[RFC-822] Crocker, D., "Standard for the format of ARPA Internet text messages", STD 11, RFC 822, August 1982.

[RFC-822]クロッカー、D.、 "ARPAインターネットテキストメッセージの形式の規格"、STD 11、RFC 822、1982年8月。

[RFC-DELIVER-BY] Newman, D., "Deliver By SMTP Service Extension", RFC 2852, June 2000.

[RFC-DELIVER-BY]ニューマン、D.、RFC 2852、2000年6月 "SMTPサービス拡張により、お届け"。

[RFC-DSN] Moore, K., and G. Vaudreuil, "An Extensible Message Format for Delivery Status Notifications", RFC 3464, January 2003.

[RFC-DSN]ムーア、K.、およびG.ボードルイ、 "配送状態通知のための広げることができるメッセージフォーマット"、RFC 3464、2003年1月。

[RFC-ESMTP-DSN] Moore, K., "Simple Mail Transfer Protocol (SMTP) Service Extension for Delivery Status Notifications (DSNs)", RFC 3461, January 2003.

[RFC-ESMTP - DSN]ムーア、K.、 "配信状態通知のための簡易メール転送プロトコル(SMTP)サービス拡張(DSNの)"、RFC 3461、2003年1月。

[RFC-KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC-キーワード]ブラドナーの、S.、 "要件レベルを示すためにRFCsにおける使用のためのキーワード"、BCP 14、RFC 2119、1997年3月。

[RFC-MDN] Hansen, T. and G. Vaudreuil, Eds., "Message Disposition Notifications", RFC 3798, May 2004.

[RFC-MDN]ハンセン、T.およびG.ボードルイ、編、 "メッセージ処分通知"、RFC 3798、2004年5月。

[RFC-OTP] Haller, N., Metz, C., Nesser, P. and M. Straw, "A One-Time Password System", STD 61, RFC 2289, February 1998.

[RFC-OTP]ハラー、N.、メス、C.、Nesser、P.とM.わら、 "ワンタイムパスワードシステム"、STD 61、RFC 2289、1998年2月。

[RFC-REPORT] Vaudreuil, G., "The Multipart/Report Content Type for the Reporting of Mail System Administrative Messages", RFC 3462, January 2003.

[RFC-REPORT]ヴォードルイユ、G.、RFC 3462、2003年1月、 "メールシステムの管理メッセージの報告のための複合/レポートのコンテンツタイプ"。

[RFC-MTRK-ESMTP] Allman, E. and T. Hansen, "SMTP Service Extension for Message Tracking", RFC 3885, September 2004.

[RFC-MTRK-ESMTP]オールマン、E.とT.ハンセン、 "メッセージ追跡のためのSMTPサービス拡張"、RFC 3885、2004年9月。

[RFC-MTRK-TSN] Allman, E., "The Message/Tracking-Status MIME Extension", RFC 3886, September 2004.

[RFC-MTRK-TSN]オールマン、E.、 "メッセージ/トラッキングステータスMIME拡張"、RFC 3886、2004年9月。

[RFC-MTRK-MTQP] Hansen, T., "Message Tracking Query Protocol", RFC 3887, September 2004.

[RFC-MTRK-MTQP]ハンセン、T.、 "メッセージ追跡照会プロトコル"、RFC 3887、2004年9月。

8. Acknowledgements

This document is the product of input from many people and many sources, including all of the members of the Message Tracking Working Group: Philip Hazel, Alexey Melnikov, Lyndon Nerenberg, Chris Newman, and Gregory Neil Shapiro. It owes much to earlier work by Gordon Jones, Bruce Ernst, and Greg Vaudreuil. In particular, I'd like to also thank Ken Lin for his considerable contributions to the early versions of the document.


9. Author's Address

Tony Hansen AT&T Laboratories Middletown, NJ 07748 USA

トニー・ハンセンAT&T研究所ミドルタウン、NJ 07748 USA

Phone: +1.732.420.8934 EMail:


10. Full Copyright Statement

Copyright (C) The Internet Society (2004).


This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

この文書では、BCP 78に含まれる権利と許可と制限の適用を受けており、その中の記載を除いて、作者は彼らのすべての権利を保有します。


この文書とここに含まれている情報は、基礎とHEが表すCONTRIBUTOR、ORGANIZATION HE / S OR(もしあれば)後援されており、インターネットソサエティおよびインターネット・エンジニアリング・タスク・フォース放棄すべての保証、明示、「そのまま」で提供されていますOR情報の利用は、特定の目的に対する権利または商品性または適合性の黙示の保証を侵害しない任意の保証を含むがこれらに限定されないで、黙示。

Intellectual Property


The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the IETF's procedures with respect to rights in IETF Documents can be found in BCP 78 and BCP 79.

IETFは、本書またはそのような権限下で、ライセンスがたりないかもしれない程度に記載された技術の実装や使用に関係すると主張される可能性があります任意の知的財産権やその他の権利の有効性または範囲に関していかなる位置を取りません利用可能です。またそれは、それがどのような権利を確認する独自の取り組みを行ったことを示すものでもありません。 IETF文書の権利に関するIETFの手続きの情報は、BCP 78およびBCP 79に記載されています。

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at


The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at

IETFは、その注意にこの標準を実装するために必要とされる技術をカバーすることができる任意の著作権、特許または特許出願、またはその他の所有権を持ってすべての利害関係者を招待します。 ietf-ipr@ietf.orgのIETFに情報を記述してください。



Funding for the RFC Editor function is currently provided by the Internet Society.

RFC Editor機能のための基金は現在、インターネット協会によって提供されます。