Short answer: no. Email read receipts don't reliably work in any major email client. Neither does pixel tracking — the supposed upgrade that every email tracking tool sells you on. This article covers exactly what breaks, why, and what actually gives you the data you're looking for.
How email read receipts work
The mechanism is simple and hasn't changed since RFC 8098 was published. Your email client adds a Disposition-Notification-To header to the outgoing message. The recipient's email client sees the header, prompts the recipient, and — if they accept — sends a disposition notification back to you.
The spec is explicit: receipt requests are "entirely advisory." Recipients can always decline, and you'll never know they did. There's no fallback, no retry, no silent confirmation. If they say no — or if their email client ignores the request entirely — you get nothing.
Gmail read receipts — the full picture
Personal Gmail accounts
Not supported. There's no compose-window option, no hidden setting, no Labs extension, and no indication Google plans to add one. If you're on a free Gmail account, you cannot request a read receipt.
Third-party extensions like Mailtrack and Streak don't use native receipts — they use pixel tracking, which has its own set of problems (covered below).
Google Workspace accounts
Read receipts are disabled by default. An admin must explicitly enable them through Admin Console → Apps → Google Workspace → Gmail → User settings → Email read receipts.
There are four configuration tiers:
- Fully disabled (default)
- Internal only — receipts work between people in the same organization
- Internal plus allowlist — internal, plus up to 100 specific external addresses
- Any email address — receipts can be requested for any recipient, but the recipient is always prompted and can always decline
When enabled, here's how it works on desktop:
- Open Gmail on the web (desktop only — not available on Gmail mobile for iOS or Android)
- Compose a new email
- Click the three-dot "More options" menu at the bottom of the compose window
- Select "Request read receipt"
- Send the email
The recipient sees "Send receipts" or "Not now." If they choose "Not now," they'll be prompted again next time they open the email. You never learn that the request was declined.
Read receipts must be set per-message — there's no global default. They don't work with BCC or mailing lists. And you can't add a receipt request after the email has been sent.
Even when everything works — admin enables receipts, you remember to request one, the recipient accepts — all you learn is that the email was opened. Not the attachment. Not how long they read. Not which section mattered.
Outlook read receipts — including new mobile support in 2025
Outlook has the richest read receipt implementation of any major email client. It also has the most fragmented one.
Classic Outlook for Windows
The most complete experience. You can request receipts per-message or set a global default (Options → Tracking → "Request a read receipt for all messages sent"). Admins can automate receipt handling through Group Policy and Exchange rules.
New Outlook for Windows and Outlook on the web (OWA)
Per-message receipts work. But the global default setting is gone — a widely reported regression from Classic. You have to remember to request a receipt every time.
Outlook mobile (iOS/Android)
As of spring 2025, Outlook mobile now supports both read and delivery receipts. Compose a message → tap the "+" menu → select the Receipts icon → choose the type. This is a recent addition — most competing articles still say mobile doesn't support receipts.
Read receipts vs delivery receipts
Most people conflate these. They're fundamentally different:
- Delivery receipts (DSN) are server-side. The mail server confirms the message reached the recipient's mailbox. No recipient involvement required.
- Read receipts (MDN) are client-side. The recipient's email app fires when the message is opened, and the recipient can always decline.
A delivery receipt tells you the email arrived. A read receipt tells you it was opened. Neither tells you anything about the content inside.
Admin controls
There's no single tenant-wide kill switch. Enterprise IT teams typically combine multiple approaches:
- Exchange transport rules — stripping the
Disposition-Notification-Toheader is the most effective blanket approach - Set-MailboxMessageConfiguration for OWA settings
- Group Policy for Classic desktop
- Remote Domain settings for external sender handling
The transport-rule approach is the closest thing to org-wide auto-decline — and many enterprise IT teams use exactly this. If your recipient's organization strips receipt headers at the server level, your request is silently discarded before anyone sees it.
The punchline is the same as Gmail: even in the best case, you learn the email was opened. Nothing about the content.
Apple Mail — the spoiler
Apple Mail doesn't support requesting read receipts. But the real story is what it does to other people's tracking.
Mail Privacy Protection (MPP)
Introduced in September 2021 with iOS 15 and macOS Monterey, Mail Privacy Protection pre-fetches all email content in the background — regardless of whether the user actually opens the email. Images load, tracking pixels fire, and the sender gets a false "open" signal.
The traffic is routed through two separate relay proxies. The first proxy knows the user's IP address but can't see the email content. The second proxy can see the content but doesn't know who the user is. This double-relay architecture makes it impossible for senders to correlate opens with recipients using IP addresses.
Adoption is roughly 97% among Apple Mail users — it's enabled by default and most people never turn it off.
Link Tracking Protection (iOS 17+)
Starting with iOS 17, Apple Mail also strips UTM parameters and click tracking IDs from URLs. This breaks click attribution on top of open tracking.
Market share
According to Litmus's Email Client Market Share data, Apple Mail accounts for roughly 47% of all email opens as of January 2026, based on 1.1 billion tracked opens. This figure has fluctuated between 46% and 67% over the trailing twelve months.
Even at the low end, nearly half of all email opens are unreliable due to MPP pre-fetching. This is the bridge from "read receipts don't work" to "pixel tracking doesn't work either."
Email pixel tracking — "the better alternative" that's also broken
This is where most articles about email tracking end with a recommendation: "Read receipts are unreliable, so use our pixel tracking tool instead." We're going to be honest about pixel tracking too.
How pixels work
An invisible 1×1 transparent image is embedded in the email body via an <img> tag. When the recipient's email client renders the email and loads images, the pixel is fetched from a server that logs the request — recording the IP address, user agent, timestamp, and a unique recipient identifier.
The mechanism is unchanged since the early 2000s. And the countermeasures have been catching up ever since.
Apple Mail Privacy Protection
As covered above, MPP pre-fetches all images. Every email looks "opened." With Apple Mail handling roughly 47% of email opens, nearly half your "opens" may be phantom reads.
Gmail's image proxy and reputation-based blocking
Since 2013, Gmail routes all images through Google's proxy servers, masking recipient IP addresses and device information. Open tracking still technically works — each image load registers — but you lose geolocation and device data.
Since August 2024, Gmail additionally blocks images entirely from low-reputation senders, showing a warning banner: "Images in this message are hidden. This message might be suspicious or spam." This isn't a blanket block — it's ML-driven, based on sender reputation, SPF/DKIM/DMARC authentication, spam complaint rates, and engagement metrics.
Legitimate marketing with good sender reputation is generally unaffected. Cold outreach emails — exactly the use case where you most want open tracking — are disproportionately hit. When images are blocked, the tracking pixel never loads, and the open goes completely undetected.
Corporate security scanners
Barracuda, Mimecast, Proofpoint, and Microsoft Defender for Office 365 all pre-fetch images and pre-click links during inbound email scanning, generating phantom opens and clicks before a human ever sees the email.
Microsoft Defender's Safe Links feature is especially impactful given Microsoft 365's enterprise market share. Other confirmed tools that generate false opens include Cisco Secure Email, Check Point Avanan, Trend Micro, Sophos, and CrowdStrike.
The bot signatures are predictable: opens and clicks within 60 seconds of delivery, sub-second sequential clicks on multiple links, and requests from known security vendor IP ranges. One documented case found that 80% of a campaign's engagement was bot traffic.
We wrote about how security bots inflate view counts in Why Your Deck Analytics Are Wrong — the same bots that fake deck views also fake email opens.
AI inbox agents — new in 2026
Google Gemini and other AI assistants now scan incoming emails to generate summaries and suggest actions, loading embedded images — including tracking pixels — with zero human attention.
This is a growing source of false opens that no email tracking tool currently filters reliably. Your "opened at 3:47 AM" might be Gemini reading the email for the user, not the user reading it themselves.
Image blocking defaults in 2026
Where major email clients stand:
- Block images by default: Outlook desktop (classic and new), Thunderbird, Proton Mail, Tuta (formerly Tutanota)
- Display images by default (through proxies): Gmail, Apple Mail, Yahoo Mail, Outlook mobile
The fundamental limit
Even if pixel tracking worked perfectly — no Apple MPP, no bots, no image blocking — it would still only tell you the email was opened. Not the attachment. Not the document inside. Opening an attachment doesn't trigger the pixel. Not opening the attachment doesn't prevent it from firing.
Pixel tracking answers a question about the envelope, not the letter.
You're tracking the envelope, not the letter
Nobody actually cares whether their email was opened. They care whether the prospect read the proposal. Whether the candidate reviewed the offer letter. Whether the client looked at the contract.
Email tracking — receipts and pixels alike — answers "did they see the envelope?" Document tracking answers "did they read the letter, and which pages did they underline?"
What actually works: track the content, not the email
The fix is structural, not incremental. Instead of attaching your proposal to an email and hoping for a read receipt, share it via a tracked link. When the recipient clicks the link, the document loads from a server that can log everything: who opened it, when, how long they spent on each page, what they clicked, and whether they came back for another look.
This isn't a workaround. It's a fundamentally different approach that side-steps every limitation covered in this article. Apple Mail can't pre-fetch a document someone hasn't clicked on yet. Security bots don't fill out engagement analytics. And because the tracking lives in the content layer — not the email layer — blocking images does nothing.
We cover the full workflow shift from attachments to tracked links in Can You Track If Someone Opened Your Email Attachment?. For proposal-specific tracking, see How to See Who Viewed Your Sales Proposal. And if you're evaluating which tools actually deliver reliable tracking, our proposal tracking software comparison covers the leading options side by side. If you're currently using DocSend, see our DocSend alternative comparison.
When email tracking still makes sense
We're not saying email open tracking is useless. We're saying it's useless for individual high-stakes decisions.
Bulk outreach and campaigns
Aggregate open rates across hundreds or thousands of emails are still a useful directional signal, even with noise. If your Tuesday send gets 34% opens and your Thursday send gets 22%, the Tuesday slot is probably better — even if the absolute numbers are inflated by bots and Apple MPP.
Marketing automation tools like Mailchimp and HubSpot use campaign-level open rates for A/B testing subject lines, send time optimization, and list health monitoring. At this scale, the noise averages out enough to be useful.
The distinction
- Aggregate email metrics work for campaign optimization
- Individual email tracking is unreliable for high-stakes follow-up decisions
When you need to know if your Tuesday batch performed better than Thursday, email open tracking is adequate. When you need to know if Jane at Acme Corp read your specific proposal before your Thursday call, it fails.
Where the industry is going
Reply rates, click-through rates, and conversions have replaced open rates as the primary engagement metrics across most email platforms. Apple's MPP was the tipping point — once half your opens became unreliable, the metric lost its authority. For more on what's changed with email infrastructure, see Email Deliverability in 2026.
Email tracking methods compared
| Capability | Read receipts (MDN) | Pixel tracking | Tracked document link |
|---|---|---|---|
| Know if email was opened | Sometimes — recipient can decline | Sometimes — blocked by Apple MPP, Gmail, security scanners | N/A — tracks the document, not the email |
| Know who opened it | Yes, if receipt returned | Approximate — IP/user agent, masked by proxies | Yes — by name and email |
| Know when they opened it | Yes, timestamp in receipt | Yes, if pixel loads | Yes — real-time notification |
| Know how long they spent | No | No | Yes — per-page time tracking |
| Know what they read | No | No | Yes — page-by-page engagement |
| Know if they clicked links | No | No | Yes — click tracking |
| Works on personal Gmail | No | Degraded — proxy, reputation blocking | Yes |
| Works on Apple Mail | No | No — MPP pre-fetches everything | Yes |
| Recipient can block | Yes — silently | Yes — image blocking | No |
| Legal status (EU) | Generally acceptable | Increasingly contested — CNIL draft guidance proposes requiring separate consent | Standard data processing |
FAQ
Can you see if someone read your email in Gmail?
Not reliably. Personal accounts don't support read receipts at all. Workspace accounts require admin enablement, work on desktop web only, and recipients can silently decline. Pixel tracking extensions work but are degraded by Gmail's image proxy (no location or device data) and reputation-based image blocking (cold outreach emails may get zero signal).
Do read receipts work between Gmail and Outlook?
Inconsistently. Cross-platform receipt handling varies by client version, admin settings, and recipient configuration. A Gmail Workspace user can send a receipt request, but the Outlook recipient can auto-decline or ignore it. The sender often gets no response at all — with no indication why.
Are email tracking pixels legal?
Increasingly contested. France's CNIL published landmark draft guidance in June 2025 treating tracking pixels as equivalent to cookies under the ePrivacy Directive — proposing that individual-level open tracking requires separate explicit consent beyond the consent to receive the email itself. The UK's ICO states that tracking pixels must comply with the same rules as cookies. No enforcement actions specifically targeting one-to-one business email pixels yet, but the regulatory direction is clear. This is not legal advice.
Why does Mailtrack show my email was opened 10 times?
Security scanners and bots. Corporate email security tools — Microsoft Defender, Proofpoint, Mimecast, Barracuda — pre-load images and pre-click links during inbound scanning, each generating a separate "open" event. AI inbox agents like Google Gemini also load images while scanning. Your "15 opens from 3 countries" might be one security scanner and one AI agent.
Is there a way to track email attachments?
No. Email attachments are local copies with no connection back to you. See Can You Track If Someone Opened Your Email Attachment? for the full explanation and the alternative approach.
What about Superhuman, Hey, or other email clients with read tracking?
Superhuman (acquired by Grammarly in 2025 for approximately $825M) still offers "Read Statuses" — pixel-based tracking showing when, how many times, and on which device someone opened your email. The feature is now off by default after a 2019 controversy over location tracking, which was permanently removed.
Hey.com takes the opposite approach — it actively strips all tracking pixels from incoming emails, identifies which service attempted to track you, and tells you.
Both illustrate the same point: the underlying pixel mechanism is identical, subject to the same Apple MPP, Gmail proxy, and security scanner limitations covered above. A fancier UI doesn't fix the reliability problem.