Ian Eiloart wrote:
I think the reason that backscatter isn't subject to any RFC is that the real problem is the lack of authentication and accountability for return-paths in the original messages. Bouncing would be fine if you know that the email really came from the owner of the return-path.
That's what SPF and DKIM are intended to help with. There's friction in their adoption because certain features of email (notably mail forwarding, but also some others) have no regard for these features.
So far, so good.
Until no email service provider accepts message submissions outside of their own domains, all email providers offer message submission on port 587, all message submissions are authenticated, and mail forwarders accept responsibility for the email that they forward, it's not safe to bounce email.
This, however, is simply untrue. Of course what you said is desirable, but SPF can help with safely bouncing e-mail _today_. SPF may sometimes give an unexpected "Fail" result due to alias-style forwarding or other problematic cases, but when it gives a "Pass" result, it is always safe, i.e., the return path can be assumed to be authentic and bounces may be sent.
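The bounce rule argued for in the reply above, sketched as an added example that is not part of the original thread: a bounce is allowed only when the receiving MTA's own SPF check returned "pass" for the return path's domain. It assumes the border MTA records that check in an `Authentication-Results` header; the authserv-id `mx.example.net` and the sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: our own border MTA stamps Authentication-Results with this authserv-id.
TRUSTED_AUTHSERV = "mx.example.net"  # hypothetical name

def spf_result(msg):
    """Return (result, mailfrom) from our own MTA's header, else (None, None)."""
    for value in msg.get_all("Authentication-Results", []):
        parts = [p.strip() for p in value.split(";")]
        authserv = (parts[0].split() or [""])[0].lower()
        if authserv != TRUSTED_AUTHSERV:
            continue  # stamped by someone else, possibly the sender: ignore
        for part in parts[1:]:
            m = re.match(r"spf=(\w+)", part)
            if m:
                mf = re.search(r"smtp\.mailfrom=(\S+)", part)
                return m.group(1).lower(), (mf.group(1).lower() if mf else None)
    return None, None

def may_bounce(msg):
    """Allow a bounce only when SPF passed for the return path's domain."""
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    if not return_path:
        return False  # null return path <>: never answer a bounce with a bounce
    result, mailfrom = spf_result(msg)
    if result != "pass" or not mailfrom:
        return False  # fail, softfail, neutral, none, or no trusted header
    # smtp.mailfrom may be a full address or a bare domain; compare domains.
    return mailfrom.rsplit("@", 1)[-1] == return_path.rsplit("@", 1)[-1].lower()

def build(return_path, auth_results):
    """Construct a sample message (constructed data, not real traffic)."""
    return message_from_string(
        f"Return-Path: {return_path}\nAuthentication-Results: {auth_results}\n"
        "Subject: test\n\nbody\n")

PASS = build("<alice@example.org>", "mx.example.net; spf=pass smtp.mailfrom=alice@example.org")
FAIL = build("<bob@example.com>", "mx.example.net; spf=fail smtp.mailfrom=bob@example.com")
FORGED = build("<eve@example.org>", "other.invalid; spf=pass smtp.mailfrom=eve@example.org")
NULL = build("<>", "mx.example.net; spf=none smtp.mailfrom=")

if __name__ == "__main__":
    for name, m in [("PASS", PASS), ("FAIL", FAIL), ("FORGED", FORGED), ("NULL", NULL)]:
        print(name, "bounce" if may_bounce(m) else "do not bounce")
```

Only the header carrying the local authserv-id is consulted, so an `spf=pass` line inserted by the sender does not unlock a bounce.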