Understanding Common Misconceptions About Email Delivery (Part 1)

Understanding Common Misconceptions About Email Delivery (Part 1)

March 10, 2016 / in Blog, Encryption/Security / by Zafar Khan, RPost CEO

Have you, your staff, or a client ever sent an important email that the recipient claimed he or she did not receive?

Over the next three weeks, Tech Essentials will explore common misconceptions about email delivery that will prepare you in case delivery of your (or a client’s) time-dependent email is disputed. Let’s get started with a few pervasive misconceptions.

1. I did not get a bounce notice, so I know my email got there.

This is a false assumption.

Why? Email technologists estimate that more than half of recipient mail servers do not return bounce notification emails.

In case you are curious why some mail servers are configured to not return bounce notices, here is a slightly technical explanation. Spammers often send spam relayed through unknowing ISP mail servers to every conceivable iteration of “yourname@yourfirm.com” . They will use automated systems to send to y.name@yourfirm.com , your.name@yourfirm.com  , your.n@youfirm.com , and so on. Since most of these are not real addresses, your firm would be sending thousands of bounce notices back to unknowing sending ISP servers if your firm’s mail servers were configured to send bounce notices. The sending ISP servers would then believe your firm’s servers were sending it spam, possibly resulting in your firm’s email servers getting blacklisted. Your firm’s legitimate email would then simply disappear (before reaching the recipients) until your IT staff cleared up the blacklisting issue. This phenomenon is called “backscatter blacklisting”.

2. I copied (cc’d or bcc’d) myself and got the copy – so I know my message was delivered to all recipients.

This is a false assumption.

Why? Receipt of internal email within the organization does not have any bearing as to whether or not the email got to the Internet – and certainly does not prove delivery.

Here is a technical explanation of why that is the case. In most cases, if the sender and recipient have the same email domain (the domain being “@yourfirm.com”), the email will never need to transmit from your mail server to the Internet to reach the recipient. The email will travel from your computer to your mail server, and then, if your mail server sees the recipient domain as its own, it will look up the recipient in its own local directory, and put the email into that recipient folder (mailbox) locally on the mail server. The email will not need to be transmitted to the Internet to reach the recipient.

In the case where you copy yourself (or staff) on the message going to an external party, the message to your (and your staff) will remain on your mail server, and the message copy for the external party will transmit to the Internet. Whether it is delivered will be dependent on a number of Internet delivery variables, but delivery success is independent of whether or not you (or staff) received their copy.

In next week’s brief, we will introduce and debunk several other common misconceptions about proving email delivery.

When you need visibility of delivery, assurance or proof, or simply peace of mind, you should use an email tracking service that preserves the simplicity of standard email — and does not require recipients to click links, register for an account, or download software.

“Tech Essentials for Florida Lawyers” explores emerging threats and trends in cybersecurity and recommends simple steps members of The Florida Bar can take to stay ahead of these threats.

Common Misconceptions: Part 1 | Part 2 | Part 3