Proof of submission allows a message originator to obtain proof that its MTA submitted a message for delivery to the intended recipient(s). This service counters the threat of masquerade (i.e., impersonation of an MTA to an MTS user). It is provided on a per-message basis using symmetric or asymmetric encryption techniques.
The message originator requests the service by submitting a proof of submission request with a message. The originator's MTA returns the proof in an acknowledgment. The proof is computed as a function of the submitted message arguments (i.e., the submitted message without the content), the message identifier (which is added by the MTA), and the time the message was submitted.
To generate the proof using an asymmetric encryption algorithm, the MTA signs the acknowledgment using its private key. The message originator validates the signature using the MTA's public key certificate. This certificate may be registered with the originator, transferred in the acknowledgment, or obtained by some other means. An asymmetric proof of submission also provides non-repudiation of submission (see sec. 11.6.6).
If the message originator transferred a symmetric encryption key to the MTA during the authentication process (see sec. 11.6.2), the MTA can compute the proof of submission using this key. A symmetric proof of submission does not provide non-repudiation of submission.