Our server is calling a CBV (Callback Verifier) service, apparently
the "+" signed is being escaped incorrectly.
I assume that this CBV service uses SMTP to determine whether the
return-path is valid.
If so, does that CBV send MAIL FROM:<>? If so, what happens when the
SMTP server associated with the return-path (incorrectly) returns an
error to that? (in my experience this is a fairly common bug, or
misfeature, or misconfiguration).
If the CBV doesn't send MAIL FROM:<>, what happens when the SMTP server
associated with the return-path server also uses a CBV?