Taken from http://openacs.org/doc/acs-mail-lite/ :
When called to send a mail, the mail will either get sent immediately or placed in an outgoing queue (changeable via parameter) which will be processed every few minutes.
ACS Mail Lite uses either sendmail (you have to provide the location of the binary as a parameter) or SMTP to send the mail. If the sending fails, the mail will be placed in the outgoing queue again and be given another try a few minutes later when processing the queue again.
Each email contains an X-Envelope-From adress constructed as follows:
The adress starts with "bounce" (can be changed by a parameter) followed by the user_id, a hashkey and the package_id of the package instance that sent the email, separated by "-". The domain name of this adress can be changed with a parameter.
The system checks every 2 minutes (configurable) in a certain maildirectory (configurable) for newly bounced emails, so the mailsystem will have to place every mail to an address beginning with "bounce" (or whatever the appropriate parameter says) in that directory. The system then processes each of the bounced emails, strips out the message_id and verifies the hashkey in the bounce-address. After that the package-key of the package sending the original mail is found out by using the package_id provided in the bounce adress. With that, the system then tries to invoke a callback procedure via a service contract if one is registered for that particular package-key. This enables each package to deal with bouncing mails on their own - probably logging this in special tables. ACS Mail Lite then logs the event of a bounced mail of that user.
Every day a procedure is run that checks if an email account has to be disabled from receiving any more mail. This is done the following way: