Understanding Common Misconceptions About Email Delivery (Part 2)

Understanding Common Misconceptions About Email Delivery (Part 2)

March 15, 2016 / in Blog, Encryption/Security / by Zafar Khan, RPost CEO

Most disputes center on who said what to whom and when. When an email gets lost without the sender being aware, the entire conversation or negotiation can derail, and there can be serious financial and/or reputational damage as a consequence.

Have you ever been in a situation where an email vanishes?

Part 2 of “Common Misconceptions about Email Delivery” prepares you in case delivery of your (or a client’s) time-dependent email is disputed. Let’s get right into the misconceptions.

1. I copy my assistant and he/she prints a copy (to paper or PDF) for the file. This protects me in case I need to irrefutably prove who said what when at a later time.

This is a false assumption.

Why? Your printed copy can certainly remind you of what you believe occurred, but a printed copy is not proof of what actually transpired and can easily be disputed. It is incredibly easy to alter the content and timestamps on an email and print it so that it appears authentic.

If there is a question of authenticity, the printed email (or PDF) can easily be denied admission into evidence. No matter how authentic your printed copy is, the recipient can simply claim non-receipt. If your printed copy includes the recipient’s reply text and email thread, and the recipient’s copy (the sender of the reply) does not match, it will be challenging to prove which one is authentic.

2. I save everything in my archive, sent folder and/or inbox. I therefore can prove when they got my email and what it said.

This is a false assumption.

Why? Most email archives save less than half of the transaction data. For sent email, the archives may show you what you claim to have sent, but do not prove what was actually received. Further, it is well understood that messages in your sent folder and inbox can be altered (or can be claimed to have been altered) with a few clicks of a mouse. If later disputed, your email records may not provide you with the proof and coverage you had thought you had.

In case you are curious about how easy it is to change an email record, here are some common methods:

a. Altering Timestamps: To make an email appear in the recipient’s folder in a different time order, or to change the timestamp on your copy pushed into your sent folder, you can simply temporarily change the clock on your personal computer, and then send the message from commonly used email programs like Microsoft Outlook. Magically, it will appear to have been sent at that time – the timestamps on the email, the chronological placement in your sent folder, and the chronological placement in the recipient inbox will be altered. This could be used, for example, to back-date an email if a deadline had been missed.

b. Changing Message Content: In commonly used email programs like Microsoft Outlook, one can easily open the message, in the toolbar ribbon, click “Actions” and then “Edit Message”, then change the text, save, and close. The email will forever be changed in your inbox or sent folder, with changes virtually undetectable. If the email is later printed to paper or PDF, you will not be able to determine what the authentic original once said. If you suspect someone else altered an email and purported it to be fact, you can point out how easy it is to change an email, and suggest that they find a way to authenticate their record.

c. Unreliable Outlook Read Receipt: Common email program read receipts have little value as they are simple text files that can have the timestamps or message content easily forged using methods noted above, and further, they tell nothing about what the original message actually said (or what was attached). Further, they are unreliable since the recipient can opt not to have the receipt returned with a simple email account setting. Generally, for external recipients (outside of your company or network) these “Outlook” read receipts are not returned. The same holds for other standard read receipt programs in Gmail and AOL, for example. Note, sending to people within your company may return more of these, but that would only be due to IT administrator settings inside your company. Watch video:

In next week’s brief, we will discuss the final common misconceptions people commonly have about email delivery.

When you need visibility of delivery, assurance or proof, or simply peace of mind, you should use an email tracking service that returns irrefutable proof while preserving the simplicity of standard email — and does not require recipients to click links, register for an account, or download software. Watch a video showing how RMail e-delivery proof works.

“Tech Essentials for Florida Lawyers” explores emerging threats and trends in cybersecurity and recommends simple steps members of The Florida Bar can take to stay ahead of these threats. 

Common Misconceptions: Part 1 | Part 2 | Part 3