The Case of the Ten Day Email

On April 5, I got an email from a friend of mine asking if I could write an article for a local arts journal. It said that the editor was trying to get all of the articles in by April 1st. Needless to say, I thought this was odd. Upon further examination, I noticed the time stamp claimed the email was sent on March 27, but I hadn’t gotten it until April 5th, thus screwing me out of a byline and $200. This is even more odd because the sender lives about five blocks away. So where was the email from the 27th to the 5th?

I experienced something kinda similar a couple years ago: parents were supposed to send me some kind of important information by email from my dad’s job on a Friday (they had just moved, no phone yet). Didn’t get it by Friday evening. My emails to him bounced over the weekend. Monday, the email he sent me showed up in my inbox, with a header saying it had been sent Friday. My emails to him started going through. Turned out that the server in the building where he worked had been broken over the weekend.

I’ve also gotten bounce notices saying that such-and-such email will be retried for 5 days, or 48 hours, or whatever, because something isn’t working right now. So maybe the email ran into something broken enroute, and whatever computer was handling it at that point on its journey retried for 10 days before choosing an alternate route?

Sorry that you missed out on the byline and the $$$.

Maybe that date of April 1 might be invoked to explain this strangeness?

Just a thought.

Out in the net somewhere. Stuck between smtp forwarders. Caught in someone’s email system when it went down. It could’ve been in a ton of different places. For example: I send an email to you. It goes to comcast. Comcast does a lookup on your mail server. Your ISP’s DNS is having problems, so it has trouble finding you. Comcast’s email goes down around the same time, so it can’t notify me. When it comes back up, it starts working through the backlog of mail it has to deal with. Sooner or later, it gets to the one I sent. It starts the DNS lookup again, finds it, then sends it on it’s way. Should it take ten days? No, but it in the realm of possibility. The five blocks away doesn’t really matter, since the email goes through a server, not directly to you. If you’re on different ISP’s, the example above could easily happen.

From the experience we have here:

If, for whatever reason our internal mail server goes down, and the messages cannot get to us from our ISP, they are stored on the ISP machines until the ISP machine can once again talk to our mail server.

At this time, the newest batch of mail is passed on to our machines, and dispersed throughout the company, and the new, incoming mail takes priority over the old stored stuff. So If our connection is down for a day, anything sent to us in the morning will reach us hours, sometimes 2-3 days after things sent 5 minutes before the outage.

And the longer the server is down, the longer the catch up time is. If it’s down a couple of hours, it takes about 150% of that time to catch up, but if it’s down for a couple days, it could take 2-300% of the downtime to catch up again.

We rarely get email bounced when this happens. So people think we are just ignoring them. So they send another mail to make sure they got it correct… and it just backs the system up even more.

My longest record is about 6 months. A mail server at a university where I was taking classses would occasionally spool messages, and for some reason, would just forget about them. Enough messages were getting through that no one realized they were missing e-mails until the machine finally filled up its disk, six months later. We got a brief e-mail from the systems folks explaining what had happened, and then all of the messages that had been lost.

So there’s this thing, called DNS. Now, I’m not a network programmer, so I may be a little off on my explanation, but one of the things you can get from a DNS server is the MX record, MX = Mail Transportation, which should make it MT, but it’s a long story.

Anyways, suppose you asked your domain nameserver for the MX record of some host, say, In reply, you’d see:
        origin =
        mail addr =
        serial = 10
        refresh = 21600 (6 hours)
        retry   = 3600 (1 hour)
        expire  = 1728000 (20 days)
        minimum ttl = 3600 (1 hour)

So, if you were sending email to <>, your computer would try to get a hold of the SMTP server on If, for some reason, it couldn’t get a hold of, or there was some error that didn’t cause an automatic bounce of your message, it would retry every hour for up to twenty days. If, after twenty days, it couldn’t send your message, it would then bounce the message back to you.

Now, may or may not send the email directly to In fact, it probably won’t. It will probably have a different host to send it to, with its own retry and expiration times, and even that host might not send the message straight to So, you can see, with a few network troubles, it could take quite a long time for one message to get somewhere.

It’s interesting to note that each time a SMTP server gets a message, it prepends a Received line to it, with a timestamp, as well as the name of who it thinks it was talking to when it recieved it. So, if you have access to the header of the message in question, and look at it, you could see something like (some stuff X’ed out to protect the innocent):

So, if you look at the first timestamp (at the bottom, 10 Apr 2002 00:50:07 -0000) and the last stamp (at the top, Tue, 9 Apr 2002 17:57:23 -0700) you can see that it took all of seven minutes, sixteen seconds for the message to get to me from the sender’s machine.