This is a known issue and a main annoyance with the Apple APNs protocol, this is not a library issue. Basically you should ensure that any device token you send is a valid device token, otherwise Apple may reject the tokens and treats your notification sender as untrusted.
Couple of points:
1. service.getInactiveDevices() returns inactive devices, where the user installed the app but disabled it afterwards. It does not return invalid device tokens.
2. ApnsDelegate has a callback method (connectionClosed) that returns an error code. If you use an invalid notification id, the callback method will be called with INVALID_TOKEN argument along with the message id. You may retry the messages sent after. The API isn't quite user-friendly yet, but it got slightly improved with 0.2.0 already.
Your best bet is to ensure that all the device tokens are valid tokens and properly marked whether they are production or sandbox.
Regards,- Mahmood