Final Delivery Status

C

Checole

Member
Jun 7, 2021
10
1
23
57
The Proxmox features highlists list the
  • Status of final delivery
of the "innovative Proxmox Message Tracking Center".

What is really meant by status "delivered"

  • Does the confirmation come from the recipient’s mail server?
  • Does this mean that the recipient’s mail server has accepted the sent email and delivered it to Employee A’s mailbox?
  • Can the tracking log be interpreted unambiguously to mean that the email has arrived at Employee A and that they can become aware of it?
  • Can the tracking logs be stored in a way that is audit-proof/revision-safe?

 
Checole said:
What is really meant by status "delivered"

  • Does the confirmation come from the recipient’s mail server?
Click to expand...
yes - a status of delivered means that the receiving mailserver sent a 2xx code (meaning it accepts the mail for delivery) when PMG tried to send the mail

Checole said:
  • Does this mean that the recipient’s mail server has accepted the sent email and delivered it to Employee A’s mailbox?
  • Can the tracking log be interpreted unambiguously to mean that the email has arrived at Employee A and that they can become aware of it?
Click to expand...
no for both questions - in general a mail-server only knows if the receiving mail-server accepted the message - not if it's further delivery succeeded.
there are some RFCs which specify ways how to automatically notify a sender that a message was received by the recipient, but those are not provided on the public internet in most cases (to not disclose too much information). Some mechanisms exist where the recipient can actively acknowledge receiving a message - request return receipt - but it depends on the recipient to actively say they want to sent that information.

Checole said:
Can the tracking logs be stored in a way that is audit-proof/revision-safe?
Click to expand...
The tracking center takes its information from /var/log/syslog and its rotated variants - those get written by rsyslog, and are regular Linux syslog files - you can use any technique that store syslogs in an audit-proof/revision-safe way .

I hope this helps!
 
Thanks for your answer. I’d like to follow up because this distinction matters greatly to me when considering whether to use an enterprise/support subscription or only the free open-source PMG.


In the official documentation it clearly describes two mail phases in the Tracking Center: the accept phase and the delivery phase, where a status like accepted/delivered combines both phases.


However, in practice this seems to mean:


  • “accepted” = receiver’s mail server accepted the SMTP transaction, and
  • “delivered” = PMG logged that acceptance into final delivery status.

The crucial question I’m trying to clarify is what “delivered” actually represents in terms of end-to-end message delivery.


To illustrate with a real-world example:


  • I sent an email to an organization and saw initial statuses like queued/deferred and accepted/deferred while delivery retries were happening.
  • Later PMG showed accepted/delivered.
  • I also received a standard PMG delivery notification email stating:



Your message was successfully delivered to the destination(s) listed below.
If the message was delivered to mailbox you will receive no further notifications.

<recipient@domain>: 250 ok: Message accepted


This notification comes from PMG’s own Mail Delivery System and references the recipient. The logged line with “250 ok: Message accepted” is clearly the SMTP acceptance by the recipient’s mail server — not an actual read/acceptance by the person or final mailbox.


What I want to confirm is whether the PMG status accepted/delivered strictly reflects that the recipient’s mail server responded with acceptance, or if it ever implies that the message has been placed into the recipient’s mailbox and is accessible there.


Put differently: does PMG’s “delivered” imply just acceptance by the next server, or does it mean delivery into the recipient’s mailbox environment?


Clarifying this difference will help me decide if PMG alone (even with logs and notifications) is sufficient for reliable evidence of delivery in critical use cases.


With regard to log files:
Maybe this is more of a wish/feature request than a question:
It would be very helpful if the Tracking Center itself had an option to save the extracted log lines (e.g. Accepted/Delivered events) in an immutable/audit-proof way directly from the UI.
Currently the Tracking Center parses the system syslog files (standard Debian rsyslog output) and shows them in the web UI. This works great for analysis, but doesn’t provide any built-in mechanism to export or store those tracking entries in a revision-safe way.
 
Checole said:
However, in practice this seems to mean:


  • “accepted” = receiver’s mail server accepted the SMTP transaction, and
  • “delivered” = PMG logged that acceptance into final delivery status.
Click to expand...
the first status `accepted` says that PMG has accepted the mail for delivering it to the next server (instead of blocking it, adding it to quarantine, rejecting it in postscreen) - the second status `delivered` says that PMG sent the mail to the receiving mailserver and got a 250 OK back

Checole said:
  • I sent an email to an organization and saw initial statuses like queued/deferred and accepted/deferred while delivery retries were happening.
  • Later PMG showed accepted/delivered.
Click to expand...
yes - this happens while the receiving mailserver does not accept the mail, but returns a temporary reject code (4xx, e.g. due to greylisting, or a full mailbox of the recipient) - in the end the receiving mailserver accepted the mail - thus the status was accepted/delivered.
you should have one entry for each delivery attempt - the final one should be the current status of the mail.

Checole said:
  • I also received a standard PMG delivery notification email stating:



Your message was successfully delivered to the destination(s) listed below.
If the message was delivered to mailbox you will receive no further notifications.

<recipient@domain>: 250 ok: Message accepted


This notification comes from PMG’s own Mail Delivery System and references the recipient. The logged line with “250 ok: Message accepted” is clearly the SMTP acceptance by the recipient’s mail server — not an actual read/acceptance by the person or final mailbox.


What I want to confirm is whether the PMG status accepted/delivered strictly reflects that the recipient’s mail server responded with acceptance, or if it ever implies that the message has been placed into the recipient’s mailbox and is accessible there.
Click to expand...
that message is a success DSN - see https://www.postfix.org/DSN_README.html (it's not commonly used - most mail-environments don't request notifications on success, and PMG only offers DSN in general on the internal port)

In any case - PMG can generally only say if a message was accepted by the next server - it cannot know what the next server did with the message (whether it delivered it to the mailbox, discarded because it decided that it's spam,...)

I hope this explains it.


Checole said:
Thanks for your answer. I’d like to follow up because this distinction matters greatly to me when considering whether to use an enterprise/support subscription or only the free open-source PMG.
Click to expand...
for completeness sake - PMG (like all Proxmox products) is always 100% open-source - you can get a subscription for:
* access to the enterprise repository (which we recommend when using it in production)
* access to our enterprise support portal
see https://www.proxmox.com/en/products/proxmox-mail-gateway/pricing for the details
 
You must log in or register to reply here.
Top Bottom
Back