{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T18:23:03Z","timestamp":1763749383156,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":70,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,11,4]]},"DOI":"10.1145\/3646547.3688425","type":"proceedings-article","created":{"date-parts":[[2024,11,1]],"date-time":"2024-11-01T09:40:26Z","timestamp":1730454026000},"page":"659-673","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Bounce in the Wild: A Deep Dive into Email Delivery Failures from a Large Email Service Provider"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0729-9661","authenticated-orcid":false,"given":"Ruixuan","family":"Li","sequence":"first","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-9648-9811","authenticated-orcid":false,"given":"Shaodong","family":"Xiao","sequence":"additional","affiliation":[{"name":"Fuzhou University, Fuzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9032-8063","authenticated-orcid":false,"given":"Baojun","family":"Liu","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-8730-9832","authenticated-orcid":false,"given":"Yanzhong","family":"Lin","sequence":"additional","affiliation":[{"name":"Coremail Technology Co. Ltd, Guangdong, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0083-733X","authenticated-orcid":false,"given":"Haixin","family":"Duan","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-2973-8049","authenticated-orcid":false,"given":"Qingfeng","family":"Pan","sequence":"additional","affiliation":[{"name":"Coremail Technology Co. Ltd, Guangdong, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7511-1117","authenticated-orcid":false,"given":"Jianjun","family":"Chen","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7896-3382","authenticated-orcid":false,"given":"Jia","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4238-3295","authenticated-orcid":false,"given":"Ximeng","family":"Liu","sequence":"additional","affiliation":[{"name":"Fuzhou University, Fuzhou, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-9123-4740","authenticated-orcid":false,"given":"Xiuqi","family":"Lu","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8352-0973","authenticated-orcid":false,"given":"Jun","family":"Shao","sequence":"additional","affiliation":[{"name":"Zhejiang Gongshang University, Hangzhou, China"}]}],"member":"320","published-online":{"date-parts":[[2024,11,4]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"1979. The Belmont report: ethical principles and guidelines for the protection of human subjects of research. United States. National Commission for the Protection of Human Subjects of Biomedical and Behavioral Research. Department of Health Education and Welfare."},{"key":"e_1_3_2_1_2_1","unstructured":"2021. Federal Trade Commission. https:\/\/www.fcc.gov\/consumers\/guides\/broad band-speed-guide."},{"key":"e_1_3_2_1_3_1","unstructured":"2023. Fix NDR error 550 5.4.1 in Exchange Online. https:\/\/learn.microsoft.com\/enus\/ exchange\/troubleshoot\/email-delivery\/ndr\/fix-error-code-550-5-4-1-inexchange- online'source=recommendations."},{"key":"e_1_3_2_1_4_1","unstructured":"2023. Godaddy. Documentation: Domains API. https:\/\/developer.godaddy.com\/doc\/endpoint\/domains."},{"key":"e_1_3_2_1_5_1","unstructured":"2023. Greylisting.org. https:\/\/www.vpnreactor.com\/greylisting-org-acquistion\/."},{"key":"e_1_3_2_1_6_1","unstructured":"2023. have i been pwned? https:\/\/haveibeenpwned.com\/."},{"key":"e_1_3_2_1_7_1","unstructured":"2023. Inactive Google Account Policy. https:\/\/support.google.com\/accounts\/an swer\/12418290?hl=en."},{"key":"e_1_3_2_1_8_1","unstructured":"2023. Postmaster. https:\/\/sendersupport.olc.protection.outlook.com\/pm\/troubles hooting.aspx."},{"key":"e_1_3_2_1_9_1","unstructured":"2023. Recipient address rejected: Access denied. AS(201806281). https:\/\/answer s.microsoft.com\/zh-hant\/outlook_com\/forum\/all\/recipient-address-rejectedaccess-denied\/dc0e60b1-6072-473a-939a-edb6957e3cb0."},{"key":"e_1_3_2_1_10_1","unstructured":"2023. SBL Delisting Procedure. https:\/\/www.spamhaus.org\/sbl\/delistingproced ure\/."},{"key":"e_1_3_2_1_11_1","unstructured":"2023. SMTP Error Codes. https:\/\/senders.yahooinc.com\/smtp-error-codes\/."},{"key":"e_1_3_2_1_12_1","unstructured":"2023. Spamcop. https:\/\/www.spamcop.net\/."},{"key":"e_1_3_2_1_13_1","unstructured":"2023. Spamhaus. https:\/\/www.spamhaus.org\/."},{"key":"e_1_3_2_1_14_1","unstructured":"2023. Web Filter Lookup. https:\/\/www.fortiguard.com\/webfilter."},{"key":"e_1_3_2_1_15_1","unstructured":"2023. WHOIS History API. https:\/\/whois-history.whoisxmlapi.com\/api."},{"volume-title":"World Population Review. Internet Speeds by Country","year":"2023","key":"e_1_3_2_1_16_1","unstructured":"2023. World Population Review. Internet Speeds by Country 2023. https:\/\/worl dpopulationreview.com\/country-rankings\/internet-speeds-by-country."},{"key":"e_1_3_2_1_17_1","unstructured":"2024. BERT community. https:\/\/huggingface.co\/google-bert\/."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/1052812.1052822"},{"volume-title":"USENIX Annual Technical Conference. 281--294","author":"Agarwal S.","key":"e_1_3_2_1_19_1","unstructured":"S. Agarwal, V. Padmanabhan, and D. Joseph. 2007. Addressing Email Loss with SureMail: Measurement, Design, and Evaluation. In USENIX Annual Technical Conference. 281--294."},{"key":"e_1_3_2_1_20_1","volume-title":"Got Report: Measurement and Security Implications of DMARC Reporting. In USENIX Security. 4123--4137.","author":"Ashiq M.","year":"2023","unstructured":"M. Ashiq, W. Li, T. Fiebig, and T. Chung. 2023. You?ve Got Report: Measurement and Security Implications of DMARC Reporting. In USENIX Security. 4123--4137."},{"key":"e_1_3_2_1_21_1","volume-title":"Got Report: Measurement and Security Implications of DMARC Reporting. In USENIX. 4123--4137.","author":"Ashiq M.","year":"2023","unstructured":"M. Ashiq, W. Li, T. Fiebig, and T. Chung. 2023. You've Got Report: Measurement and Security Implications of DMARC Reporting. In USENIX. 4123--4137."},{"key":"e_1_3_2_1_22_1","unstructured":"B. Blechschmidt and B. Stock. 2023. Extended Hell(o): A Comprehensive Large-Scale Study on Email Confidentiality and Integrity Mechanisms in the Wild. In USENIX. 4895--4912."},{"key":"e_1_3_2_1_23_1","unstructured":"R. Clayton. 2007. Email traffic: a quantitative snapshot. In CEAS."},{"key":"e_1_3_2_1_24_1","unstructured":"Coremail. 2023. https:\/\/www.coremail.cn\/."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"D. Crocker T. Hansen and M. Kucherawy. 2011. DomainKeys Identified Mail (DKIM) Signatures. RFC 6376.","DOI":"10.17487\/rfc6376"},{"key":"e_1_3_2_1_26_1","volume-title":"Lazy Gatekeepers: A Large-Scale Study on SPF Configuration in the Wild. In IMC. ACM, 344--355.","author":"Czybik S.","year":"2023","unstructured":"S. Czybik, M. Horlboge, and K. Rieck. 2023. Lazy Gatekeepers: A Large-Scale Study on SPF Configuration in the Wild. In IMC. ACM, 344--355."},{"key":"e_1_3_2_1_27_1","unstructured":"dnstwist. 2023. https:\/\/github.com\/elceef\/dnstwist."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Z. Durumeric D. Adrian A. Mirian J. Kasten E. Bursztein N. Lidzborski K. Thomas V. Eranti M. Bailey and J. Halderman. 2015. Neither Snow Nor Rain Nor MITM...: An Empirical Analysis of Email Delivery Security. In IMC. ACM 27--39.","DOI":"10.1145\/2815675.2815695"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"I. Foster J. Larson M. Masich A. Snoeren S. Savage and K. Levchenko. 2015. Security by Any Other Name: On the Effectiveness of Provider Based Email Security. In CCS. ACM 450--464.","DOI":"10.1145\/2810103.2813607"},{"key":"e_1_3_2_1_30_1","unstructured":"Gmail. 2021. Not receiving emails from Russian Domains that I work with. https:\/\/support.google.com\/mail\/thread\/113761181\/not-receiving-emails-fromrussian- domains-that-i-work-with?hl=en."},{"key":"e_1_3_2_1_31_1","unstructured":"Gmail. 2024. Email sender guidelines. https:\/\/support.google.com\/a\/answer\/8112 6."},{"key":"e_1_3_2_1_32_1","unstructured":"Evan Harris. 2003. The Next Step in the Spam Control War: Greylisting. http: \/\/projects.puremagic.com\/greylisting\/whitepaper.html."},{"key":"e_1_3_2_1_33_1","volume-title":"Drain: An Online Log Parsing Approach with Fixed Depth Tree","author":"He P.","year":"2017","unstructured":"P. He, J. Zhu, Z. Zheng, and M. Lyu. 2017. Drain: An Online Log Parsing Approach with Fixed Depth Tree. In ICWS. IEEE, 33--40."},{"key":"e_1_3_2_1_34_1","unstructured":"G. Ho A. Sharma M. Javed V. Paxson and D.Wagner. 2017. Detecting Credential Spearphishing in Enterprise Settings. In USENIX Security. 469--485."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"P. Hoffman. 2002. SMTP Service Extension for Secure SMTP over Transport Layer Security. RFC 3207.","DOI":"10.17487\/rfc3207"},{"key":"e_1_3_2_1_36_1","unstructured":"holehe. 2024. Holehe OSINT - Email to Registered Accounts. https:\/\/github.com \/megadose\/holehe."},{"key":"e_1_3_2_1_37_1","volume-title":"Simple: Email Delivery in the 21st Century","author":"Holzbauer F.","year":"2022","unstructured":"F. Holzbauer, J. Ullrich, M. Lindorfer, and T. Fiebig. 2022. Not that Simple: Email Delivery in the 21st Century. In USENIX ATC. USENIX Association, 295--308."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"Y. Hu H. Wang R. He L. Li G. Tyson I. Castro Y. Guo L. Wu and G. Xu. 2020. Mobile App Squatting. In WWW. ACM \/ IW3C2 1727--1738.","DOI":"10.1145\/3366423.3380243"},{"key":"e_1_3_2_1_39_1","unstructured":"ip api. 2023. IP Geolocation API. https:\/\/ip-api.com\/."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"crossref","unstructured":"J. Isacenkova and D. Balzarotti. 2011. Measurement and evaluation of a real world deployment of a challenge-response spam filter. In IMC. ACM 413--426.","DOI":"10.1145\/2068816.2068855"},{"key":"e_1_3_2_1_41_1","unstructured":"E. Kenneally and D. Dittrich. 2012. The Belmont report: ethical principles and guidelines for the protection of human subjects of research."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"crossref","unstructured":"S. Kitterman. 2014. Sender Policy Framework (SPF) for Authorizing Use of Domains in Email Version 1. RFC 7208.","DOI":"10.17487\/rfc7208"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"crossref","unstructured":"M. Kucherawy and E. Zwicky. 2015. Domain-based Message Authentication Reporting and Conformance (DMARC). RFC 7489.","DOI":"10.17487\/rfc7489"},{"key":"e_1_3_2_1_44_1","volume-title":"Organizations: Findings from a Large-Scale and Long-Term Study","author":"Lain D.","year":"2022","unstructured":"D. Lain, K. Kostiainen, and S. Capkun. 2022. Phishing in Organizations: Findings from a Large-Scale and Long-Term Study. In SP. IEEE, 842--859."},{"key":"e_1_3_2_1_45_1","unstructured":"H. Lee A. Gireesh R. Rijswijk-Deij T. Kwon and T. Chung. 2020. A Longitudinal and Comprehensive Study of the DANE Ecosystem in Email. In USENIX Security. 613--630."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"J. Levine. 2010. DNS Blacklists and Whitelists. RFC 5782.","DOI":"10.17487\/rfc5782"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3246600"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"G. Lindberg. 1999. Anti-Spam Recommendations for SMTP MTAs. RFC 2505.","DOI":"10.17487\/rfc2505"},{"key":"e_1_3_2_1_49_1","unstructured":"G. Liu X. Gao H. Wang and K. Sun. 2022. Exploring the Unchartered Space of Container Registry Typosquatting. In USENIX. 35--51."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"crossref","unstructured":"G. Liu L. Jin S. Hao Y. Zhang D. Liu A. Stavrou and H. Wang. 2023. Dial \"N\" for NXDomain: The Scale Origin and Security Implications of DNS Queries to Non-Existent Domains. In IMC. ACM 198--212.","DOI":"10.1145\/3618257.3624805"},{"key":"e_1_3_2_1_51_1","unstructured":"Y. Liu Y. Jia Q. Tan Z. Liu and L. Xing. 2022. How Are Your Zombie Accounts? Understanding Users? Practices and Expectations on Mobile App Account Deletion. In USENIX Security. 863--880."},{"key":"e_1_3_2_1_52_1","unstructured":"Microsoft. 2022. My email sent to Gmail account is bounced back. https: \/\/answers.microsoft.com\/en-us\/outlook_com\/forum\/all\/my-email-sent-togmail- account-is-bounced-back\/e326204a-435b-4e17-87ac-d72810a0e013."},{"key":"e_1_3_2_1_53_1","unstructured":"The Hacker News. 2024. Key Lesson from Microsoft's Password Spray Hack: Secure Every Account. https:\/\/thehackernews.com\/2024\/03\/key-lesson-frommicrosofts-password.html."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"crossref","unstructured":"A. Pitsillidis C. Kanich G. M. Voelker K. Levchenko and S. Savage. 2012. Taster's choice: a comparative analysis of spam feeds. In IMC. ACM 427--440.","DOI":"10.1145\/2398776.2398821"},{"key":"e_1_3_2_1_55_1","volume-title":"STARTTLS: A Security Analysis of STARTTLS in the Email Context. In USENIX. 4365--4382.","author":"Poddebniak D.","year":"2021","unstructured":"D. Poddebniak, F. Ising, H. B\u00f6ck, and S. Schinzel. 2021. Why TLS is better without STARTTLS: A Security Analysis of STARTTLS in the Email Context. In USENIX. 4365--4382."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"crossref","unstructured":"J. Postel. 1982. SIMPLE MAIL TRANSFER PROTOCOL. RFC 821.","DOI":"10.17487\/rfc0821"},{"key":"e_1_3_2_1_57_1","unstructured":"A. Ramachandran D. Dagon and N. Feamster. 2006. Can DNS-Based Blacklists Keep Up with Bots?. In CEAS."},{"key":"e_1_3_2_1_58_1","unstructured":"S. Sinha M. Bailey and F. Jahanian. 2010. Improving Spam Blacklisting Through Dynamic Thresholding and Speculative Aggregation. In NDSS. 57--64."},{"volume-title":"Overview of e-mail SPAM elimination and its efficiency","author":"Sochor T.","key":"e_1_3_2_1_59_1","unstructured":"T. Sochor. 2014. Overview of e-mail SPAM elimination and its efficiency. In IEEE RCIS. 1--11."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"crossref","unstructured":"C. Stransky O. Wiese V. Roth Y. Acar and S. Fahl. 2022. 27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University. In SP. IEEE 860--875.","DOI":"10.1109\/SP46214.2022.9833755"},{"key":"e_1_3_2_1_61_1","unstructured":"G. Stringhini M. Egele A. Zarras T. Holz C. Kruegel and G. Vigna. 2012. B@bel: Leveraging Email Delivery for Spam Mitigation. In USENIX. 16--32."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"crossref","unstructured":"D. Tatang F. Zettl and T. Holz. 2021. The Evolution of DNS-based Email Authentication: Measuring Adoption and Finding Flaws. In RAID. ACM 354--369.","DOI":"10.1145\/3471621.3471842"},{"key":"e_1_3_2_1_63_1","unstructured":"TechRepublic. 2021. Billions of passwords leaked online from past data breaches. https:\/\/www.techrepublic.com\/article\/billions-of-passwords-leaked-onlinefrom- past-data-breaches."},{"key":"e_1_3_2_1_64_1","unstructured":"TitanHQ. 2023. Cybersecurity platforms delivering layered security. https:\/\/www.titanhq.com\/."},{"key":"e_1_3_2_1_65_1","unstructured":"uceprotect. 2024. Removal of Level 1 Records. https:\/\/www.uceprotect.net\/de\/index.php?m=7&s=6."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"crossref","unstructured":"G. Vaudreuil. 2003. Enhanced Mail System Status Codes. RFC 3463.","DOI":"10.17487\/rfc3463"},{"volume-title":"Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS).","author":"Wang C.","key":"e_1_3_2_1_67_1","unstructured":"C. Wang, Y. Kuranaga, Y. Wang, M. Zhang, L. Zheng, X. Li, J. Chen, H. Duan, Y. Lin, and Q. Pan. 2024. BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet. In Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_68_1","unstructured":"C. Wang K. Shen M. Guo Y. Zhao M. Zhang J. Chen B. Liu X. Zheng H. Duan Y. Lin and Q. Pan. 2022. A Large-scale and Longitudinal Measurement Study of DKIM Deployment. In USENIX Security. 1185--1201."},{"key":"e_1_3_2_1_69_1","unstructured":"Yahoo. 2024. Sender Requirements and Recommendations. https:\/\/senders.yahooinc.com\/best-practices."},{"key":"e_1_3_2_1_70_1","volume-title":"Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem. In CCS. 1373--1387.","author":"Zhang Y.","year":"2021","unstructured":"Y. Zhang, B. Liu, C. Lu, Z. Li, H. Duan, J. Li, and Z. Zhang. 2021. Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem. In CCS. 1373--1387."}],"event":{"name":"IMC '24: ACM Internet Measurement Conference","sponsor":["SIGMETRICS ACM Special Interest Group on Measurement and Evaluation","SIGCOMM ACM Special Interest Group on Data Communication"],"location":"Madrid Spain","acronym":"IMC '24"},"container-title":["Proceedings of the 2024 ACM on Internet Measurement Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3646547.3688425","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3646547.3688425","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T11:51:07Z","timestamp":1755863467000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3646547.3688425"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,4]]},"references-count":70,"alternative-id":["10.1145\/3646547.3688425","10.1145\/3646547"],"URL":"https:\/\/doi.org\/10.1145\/3646547.3688425","relation":{},"subject":[],"published":{"date-parts":[[2024,11,4]]},"assertion":[{"value":"2024-11-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}