Email Encyclopedia: What is DSN (Delivery Status Notification)
Table of Contents
In electronic mail communication, DSN (Delivery Status Notification) is a standard mechanism used to report the delivery status of emails. When an email encounters issues during transmission (such as inability to deliver, delay, successful delivery, etc.), the mail server generates a DSN message to provide relevant status information to the sender or a designated recipient.
DSN is also known as Delivery Status Notification message, defined according to standards such as RFC 3464 (“An Extensible Message Format for Delivery Status Notifications”) and RFC 1894 (which defined the format of DSN). It provides a structured way to describe various status information during email transmission.
Basic Functions of DSN #
The main function of DSN is to provide feedback to the sender about the delivery status of their sent emails. It helps senders understand whether emails were successfully delivered, bounced, delayed, and the specific reasons for failure. DSN typically includes the following information:
- Mail Transmission Status: Such as success, failure, delay, etc.
- Reason Code: Standardized error codes to identify the type of problem.
- Target Recipient Address: The destination address of the original email.
- Original Message Identifier: Such as message ID.
- Human-Readable Description: A brief explanation of the error reason.
Structure of DSN #
According to RFC 3464 and RFC 1894, DSN typically consists of the following parts:
1. Envelope Information #
This part contains metadata of the original email, such as sender address, recipient address, message ID, etc.
2. Delivery Status Fields #
This is the core part of DSN, including the following fields:
- Final-Recipient: The final recipient address.
- Original-Recipient: The original recipient address (optional).
- Action: Describes the handling action of the email (such as failed, delayed, delivered, relayed, etc.).
- Status: A 3-digit status code indicating the status of the email.
- Diagnostic-Code: Diagnostic information, usually specific error information related to the mail server.
- Last-Attempt-Date: The time of the last delivery attempt.
- Arrival-Date: The time when the email arrived at the current mail server (optional).
- Reporting-MTA: The identifier of the Mail Transfer Agent (MTA) that issued the DSN.
3. Original Message Content (Optional) #
In some cases, DSN may include header information or partial content of the original email for the sender’s reference.
Usage Scenarios for DSN #
DSN is typically generated in the following situations:
1. Email Delivery Failure #
When an email cannot be delivered to the recipient, for example, if the recipient’s mailbox does not exist or the server refuses to receive it, the mail server generates a DSN with failure status.
2. Email Delivery Delay #
If the mail server temporarily cannot deliver an email (such as when the recipient’s mailbox is full or the server is temporarily unreachable), it may generate a DSN with delay status to notify the sender that the email is still in the delivery attempt process.
3. Successful Email Delivery #
In some configurations, mail servers may also generate DSN to confirm that an email has been successfully delivered to the recipient’s mailbox.
4. Partial Delivery in Multiple Recipient Cases #
When an email is sent to multiple recipients simultaneously, some recipients may successfully receive it while others may fail or be delayed. In this case, DSN generates status information for each recipient separately.
DSN Status Codes #
DSN uses standardized status codes to represent the delivery status of emails. These status codes are in three-digit numerical form, similar to HTTP status codes, but used for email transmission.
Common DSN status codes include:
- 2.0.0: Email has been successfully delivered.
- 4.0.0: Temporary issues, email is still being attempted for delivery.
- 5.0.0: Permanent issues, email cannot be delivered.
A more detailed classification is as follows:
-
First Digit: Indicates the overall status category
2: Success4: Delay (temporary failure)5: Failure (permanent failure)
-
Second Digit: Indicates the problem domain
0: Other (unclassified)1: Recipient address issues2: Mail server issues3: Email content issues4: Network or routing issues5: Authentication or security issues
-
Third Digit: Specific error type
For example:
5.1.1: Recipient mailbox does not exist.4.2.1: Recipient mailbox temporarily unavailable.5.7.1: Email rejected due to policy restrictions (such as anti-spam policies).
Differences Between DSN and MDN #
In email systems, apart from DSN, there is a similar mechanism called MDN (Message Disposition Notification), also known as Read Receipt.
The main differences between DSN and MDN are:
| Feature | DSN | MDN |
|---|---|---|
| Full Name | Delivery Status Notification | Message Disposition Notification |
| Function | Reports email delivery status (such as failure, delay) | Reports whether the email has been read or processed by the user |
| Trigger | Mail server | Recipient client |
| Automatically Sent | Yes | No (requires user authorization) |
| Can be Disabled | Yes | Yes |
| RFC Standard | RFC 3464, RFC 1894 | RFC 8098 |
Simply put, DSN is a server-level notification, while MDN is a client-level notification.
Security and Abuse Issues with DSN #
Although DSN provides useful email status feedback, it can also be misused for malicious purposes:
1. Reflection Attack (DSN Reflection Attack) #
Attackers may forge sender addresses to send emails, causing a large number of DSNs to be sent to innocent third-party mailboxes, resulting in spam flooding. This attack is known as a DSN reflection attack.
2. Email Verification Attack (Email Enumeration) #
Attackers can use DSN failure information to verify whether a target mailbox exists. For example, sending an email to an address, if a 5.1.1 error is received, it indicates that the mailbox does not exist; if there is no error, it may be valid. This technique is often used in the preparation stage of spam or phishing attacks.
3. Privacy Leakage #
Some DSNs may include headers or partial content of the original email, potentially leaking sensitive information.
Preventive Measures #
To prevent DSN from being misused, many mail servers have adopted the following measures:
- Prohibit sending DSNs to external domains.
- Do not send failure notifications to senders of unknown origin.
- Use anti-spam technology to filter suspicious emails.
- Apply rate limiting to DSNs.
Implementation and Configuration of DSN #
Most modern mail servers support DSN functionality, but their behavior can be adjusted according to server configurations. Common mail server software such as Postfix, Sendmail, Microsoft Exchange Server, etc., all support the generation and control of DSN.
DSN Configuration in Postfix #
In Postfix, DSN behavior can be controlled through the following parameters:
-
notify_classes: Decides under what circumstances to send DSN.- Optional values include:
bounce,delay,policy,protocol,resource,software, etc. - For example:
notify_classes = bounce delay
- Optional values include:
-
bounce_notice_recipient: Specifies which email address to send DSN to. -
delay_warning_time: Sets the time interval for delay warnings.
DSN Configuration in Microsoft Exchange Server #
In Exchange Server, DSN rules can be set through the Exchange Management Console or PowerShell command line, for example:
Set-TransportConfig -GenerateCopyOfDSNFor "admin@example.com"
DSN generation and sending can also be controlled through Transport Rules.
Practical Applications of DSN #
DSN is widely applied in the following scenarios:
1. Email Service Providers Monitoring Delivery Quality #
Email service providers (such as SendGrid, Amazon SES, Mailgun, etc.) use DSN to monitor the delivery status of emails, optimize delivery strategies, and report delivery status to clients.
2. Enterprise Internal Email System Maintenance #
Enterprise email administrators can analyze the reasons for email delivery failures through DSN, troubleshoot configuration errors or network issues, and improve internal communication efficiency.
3. User Email Troubleshooting #
When ordinary users encounter issues with email delivery, they can preliminarily judge the problem by checking the status codes and diagnostic information in DSN, and take corresponding measures (such as checking the spelling of the email address, contacting the recipient, etc.).
Summary #
DSN (Delivery Status Notification) is an important mechanism in email systems for reporting email delivery status. It provides information about email delivery success, failure, delay, etc., through a structured format, helping senders understand problems during email transmission. Although DSN brings convenience, there is also a risk of misuse, so reasonable configuration and security protection are needed in actual deployment.
With the development of email technology, DSN is also continuously evolving and may combine with more advanced email feedback mechanisms (such as Feedback Loop, DMARC reports) in the future to further enhance the transparency and security of email systems.
References #
- RFC 3464: An Extensible Message Format for Delivery Status Notifications
- RFC 1894: An Extensible Message Format for Delivery Status Notifications
- RFC 8098: Message Disposition Notification
- Postfix Documentation: http://www.postfix.org/documentation.html
- Microsoft Exchange Server Documentation: https://docs.microsoft.com/en-us/exchange/
- Email Security Best Practices: https://www.cisco.com/c/en/us/solutions/enterprise-networks/email-security-solution/best-practices.html