VERP (Variable Envelope Return-Path)
In the above example, you will have noticed that the delivery failure message was sent back to the address of the Return-Path header in the original email. If there is a key to handle the bounced emails, it comes from the Return-Path header.
The idea of VERP is to safely encode the recipient details, too, somehow in the return-path so that we can parse the received bounce effectively and extract the failing recipient from it. We specifically use the Return-Path header, as that’s the only header that is not going to get tampered with by the intervention of a number of MTAs.
Typically, an email from Alice to Bob in the above example will have headers like the following: From: alice@example.com To: bob@somewhere.com Return-Path: mails@example.com
Now, we create a custom return path header by encoding the ‘To’ address as a combination of prefix-delim-hash. The hash can be generated by the PHP hmac functions, so that the new email headers become something like what follows: From: alice@example.com To: bob@somewhere.com Return-Path: bounce-bob.somewher.com-{encode ( bob@somewher. com ) }@example.com
Now, the bounces will get directed to our new return-path and can be handled to extract the failing recipient.