Part 1: Installing our 6th gen add-in
Part 2: Adding tracking to your emails
Part 3: Changing add-in receipt settings
Part 4: Understanding the receipts

These instructions are for our 6th generation add-in for:

• Gmail/Google our Google Workspace App and
• HotMail/Outlook App our Microsoft OfficeJS App

When tracking your emails, always insert "add tracking" last, and then immediately send your message without delay, to avoid false-positive tracking of yourself.

Gmail     Google  App: Add our free Workspace App to your email compose page (works on your phone and your browser).

Just click our new icon before sending!

HotMail  Outlook App: Add our free OfficeJS App to your email compose page (works on your phone, your browser, and inside your Outlook program).

Just click our new icon before sending!

Install one of our add-ins (see above), compose your email, then before sending it, click our new icon (which shows up in your email compose page)

You can change the settings for your email tracking, and your receipts. To do this, if you don't already have one, you will need to set up a new account with ReadNotify.com (free). The following settings can be changed when you log in to your ReadNotify account:

Tracked emails you send can optionally include the following message:

Click here to acknowledge reading this ReadNotify return‑receipt email.

You can turn this off (make it invisible) or turn it on (make it show up) by creating a free ReadNotify account and visiting the Banner Settings page.

• The default for users with no ReadNotify account is to always show the banner
• For users who do have a ReadNotify account, the default is invisible tracking (no banner)
• Changes to banner visibility are immediate, and apply to all your emails, both past (already sent) and future
• The Banner Settings page lists many different banner styles; be aware that our 6th generation add-in banners only have one style (shown above). It's either on (showing) or off (invisible) - you cannot change the style of banner.

Visit your Notifications & Reports settings page and un-check the Notifications By Email option.

Visit your Notifications & Reports settings page and select the Multiple Notifications options.

• For your first 14 days (trial period) free and paid accounts are identical
• After your 14-day free trial,
  • your email receipt banners will turn back on (no longer be invisible)
  • your Read Notification: receipts will have less detail
  • extra-receipts when re-opened will be disabled
• You can convert to a paid account at any time, which will restore your banner settings and reveal full tracking details of all your past receipts, and re-enable your extra-receipts setting

It is important to send your mail immediately after adding tracking. See next section.

compose email proof-read add tracking, then immediately: click send

ReadNotify tracks everyone and everything that sees your email. This includes you (the sender) too.

When you "add tracking" to your email, this starts the tracking immediately (and tracks you right then). We try to detect this, and exclude what we can work out is "you" from your receipts. This is why it's important to "add tracking" last, and immediately before clicking send. Replies: when someone replies to your email, and you read their reply, this will track you again. We often cannot tell this is you, so keep in mind the dates and times you opened your sent mail and replies to it, when reading your receipts.

65% of emails our customers send track successfully. If you're net getting tracking for an email you've sent, there's 3 possible reasons:-

The recipient never opened it. The email never reached the recipient (e.g. wrong email address, or they're using filters to block your emails or block what you're putting into your emails or email subject lines.) The recipient is reading your email in a way that prevents tracking (this is rare). Examples include: downloading email, then disconnecting from the internet before opening it, or using a bespoke email client programmed to prevent internet access.

Some mail services sometimes intercept tracking and hide some recipient information. There is no way in advance to know how someone will read the email you send them, or whether or not a proxy will conceal some of their information.

Pay attention to the sections in your tracking report.

If it says only "DNS", the recipient is behind the strongest possible tracking-blocker. We try to guess their location for you, but this can be wildly inaccurate (although usually the correct state and country still) If the Ip-Geo says an email company, like "Google LLC" or "Microsoft" - this will usually be a proxy which is deliberately preventing you from knowing where the recipient is. Great for fraudsters, annoying for 99.9% of everyone else.

We use our best-efforts to find the Geo-Location of the IP Address(es) associated with the reader of your email, but this is an inexact science.   Keep in mind that mobile devices, satellites, and dynamic IP allocations exist and can make locations highly approximate, and that proxies also exist which can fake and hide locations as well.

Maps are based on Geo-Location (see above) and are approximate; they will typically not indicate any recipient exact actual location.

We use the most powerful tracking available, developed and constantly refined over 25 years of operations, with more than a dozen different and simultaneous tracking methods included in each mail you track.

This generates a lot of tracking data - typically more than 100 events per message - often even 1000+.   Our system works hard to group all this data into individual reading events. Keep in mind that these might sometimes get mixed up (e.g. when multiple people read your email at the exact same time), and sometimes not get properly associated (e.g. when one person behind a proxy keeps your email open for hours).

We try to count individual readers, and re-identify them if they re-read your email from the data we collect (see above) - but this is extremely approximate. Use your best judgement, common sense, and what you know about your recipient when trying to work out if our reader-counts are plausible.

Wherever possible, when we detect any machine touching your tracked email you sent, we collect the IPv4 and IPv6 addresses, as well as any connecting port (the big number after the last colon) of these recipients, and report this in your receipts (along with IP location and ownership).

If you see a location without an IP address, that's because the recipient was protected by a firewall and no tracking connections could be made (we guess the approximate location from their DNS events).

Note that IP addresses might be used by your recipient directly, or might be others that indirectly allow your recipient to access the email (proxies, DNS, etc)

See also Proxies above.

These, our add-in trackers for Google and Microsoft, cannot distinguish between multiple email recipients. If you need to know which person (of many) reads your email, you will need to send individual tracked emails - one to each of them - instead of using Cc: or Bcc:

Emails you have sent using one of our 6th generation add-ins for Google (gmail etc) and Microsoft (office and outlook etc) do not show on your account "Personal Tracking Page".

To access the live tracking-history for your sent emails, use the link in the "Click here for up-to-date (live) tracking information." at the bottom of the "Read Notification:" receipt in your email inbox.

Also - see next heading:

You can also use our add-in panel from inside your gmail or outlook etc when you open your sent-mails from your sent folder, but, keep in mind that this might count as a "Tracking Yourself" event.

We report everything your recipient mail system elected to tell us about the reading of emails you send. This typically includes one or more of the following:

Meaning of collected tracking information
Opened	Sun 12-Nov-2023 at 05:51:19am (UTC +10:00).   Reader #2 Opened 4 hours, 37 mins, 3 secs after sending
	The date and time of a new tracking event for a new reader.   You can change your timezone settings from your Account Settings page.   Elapsed time is also shown.   Hover your mouse over the dates and times to see what they are in UTC.   See also Reader Counts above.
Re-opened	Tue 31-Oct-2023 at 16:19:13pm (UTC +10:00).   Reader #5 Re-opened 4 hours, 8 mins, 32 secs after sending
	An earlier person re-opened the email.   Be aware that our systems try hard to work out the difference between a new person reading an email, and the same person reading it a second time, but this is not always possible or reliable.   Use your best judgement and the available additional information to work out the most likley situation.
IPs	[2001:8004:1300:a1ac:c110:291f:4492:50ad]:51641,   185.44.77.151:46946,   104.28.42.17:24999,   [2a09:bac2:35eb:1519::21a:ac]:45354
	All the IPv4 and IPv6 addresses associated with this opening event, along with the :port numbers that were used (i.e. the REMOTE_ADDR:REMOTE_PORT http headers).   Each IP is clickable to show its location on a map.   Hover you mouse over any IP address to see the location and the owner of the IP address allocation.   If you see the special Ip "(us)", that indicates a noteworthy unusal incoming connection from your recipient (e.g. (us):8088).
IP-Geo	Paris, Île-de-France, France (Cloudflare, Inc.)
	The approximate geographic location of all the IP addresses that used or displayed your email.   Hover you mouse over the locations to see which IPs come from there.   Click to see it on a map.   See the Geo-Location section above.
Ssl-Session-Id	57e3e80c9bd044de05a9­d243814c573292edf064­7610460a563c40084061d3ae
	A hash-protected representation of your recipient's technical TLS ID (identical ID's, if they recur in other event displays, represent the exact same machine being used)
Http-Cookie	xfinityAssistant)=true : _cc_id=cbfb31f64c0027327b33ed37d08934dc
	We did not ask for these cookies, but if your recipient system set us any, these are noteworthy and may be useful: if they recur in other event displays it would mean the exact same machine was being used
Http-User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246 Mozilla/5.0 : Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 : Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 : Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
	The name of the browser or email program being used (or that of the proxy blocking this info from you), and its version, and possibly the brand and version of their operating system
Http	Connection: keep-alive. Accept-Encoding: gzip, deflate, br. Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Http-Ua-CPU: AMD64
	What kind of connection was requested, and the display capabilities for the requesting machine(s) - can be useful for identifying different machines being used. This is a synthesis of the following HTTP headers: HTTP_UA_CPU (The CPU type of the recipient machine) HTTP_CONNECTION (the connection keep-alive state requested) HTTP_ACCEPT_ENCODING (supported compressions) HTTP_ACCEPT (supported file types)
Ssl	Session-Id(md5): 505a3f796ca984775bb4­6300075894de, 59c1c09ff24a86f0d4b5­e8ca88e8f40a, c63d5f9c31a8fe790128­30d3cb322a14. Session-Resumed: Initial. Secure-Reneg: false. Protocol: TLSv1.3. Cipher-Usekeysize: 256. Cipher-Algkeysize: 256. Cipher: TLS_AES_256_GCM_SHA384
	This is a synthesis of the following TLS connection parameters: SSL_SESSION_RESUMED (e.g. Initial or Resumed), SSL_SECURE_RENEG (e.g. true or false), SSL_PROTOCOL (e.g. TLSv1.3 : TLSv1.2 : TLSv1.3 : TLSv1.2), SSL_CIPHER_USEKEYSIZE (e.g. 128 or 256), SSL_CIPHER_ALGKEYSIZE (e.g. 128 or 256), SSL_CIPHER (e.g. TLS_AES_256_GCM_SHA384 : ECDHE-RSA-AES256-GCM-SHA384 : TLS_AES_256_GCM_SHA384 : ECDHE-RSA-AES256-GCM-SHA384)
DNS	Melbourne, Victoria, Australia (NOMINET UK), Sydney, New South Wales, Australia (NOMINET UK)
	The geographic locations of the DNS being used by the recipient.   Note that DNS is usually (but not always!) geo-located in at least the same country as the recipient, and often the same state, but is typically never going to be the exact city.   Use this location info with caution and your best judgement.
Http-Accept-Language	en-US : en-US,en;q=0.9 : en-US,en;q=0.5
	What language(s) your recipient system reports they understand, and in their order of preference (A lower q= number means lower preference; none at all means max preference)
Http-Sec-Fetch-Site	none : cross-site
	The cross-site security policy in use by the recipient
Http-Sec-Fetch-Mode	navigate : no-cors
	The cross-site security mode in use by the recipient
Http-Sec-Fetch-Dest	document : image
	The cross-site security destination in use by the recipient
Http-Sec-Ch-Ua-Mobile	?0 : ?1
	Is the user on a mobile phone (1) or not (0)
Http-Sec-Ch-Ua	"Not_A_Brand";v="8", "Chromium";v="108", "Google Chrome";v="108"
	The brand and version of the users secure web browser engine
Http-Sec-Ch-Ua-Platform	"Windows" : "Android" : "macOS"
	Users operating system
Http-Sec-Fetch-User	?1
	If this shows, it represents a user directly rendering your email (as opposed to a machine rendering it in a subframe or similar)
Http-Sec-Gpc	1
	The users Global Privacy Control preference
Http-Sec-Required-Csp	default-src 'none'; style-src http: https: cid: 'self' 'unsafe-inline'; img-src http: https: cid: data: attachment: img: 'self'; media-src http: https: cid: 'self'; font-src http: https: cid: 'self'
	The users Content Security Policy preference
Http-X-Requested-With	com.alibaba.cloudmail : com.samsung.android.email.provider : com.google.android.gm
	Brand of proxy that made the AJAX request
Http-Referer	http://mail.google.com/ : https://connect.xfinity.com/
	URL that the user was on when they read their email
Http-X-P2p-Peerdistex	MinContentInformation=1.0, MaxContentInformation=2.0
	Extended Version (capabilities) of the peer-to-peer proxy that loaded your content
Http-X-P2p-Peerdist	Version=1.1
	Version of the peer-to-peer proxy that loaded your content
Http-Cache-Control	no-cache : max-age=0 : max-stale=0
	Caching methods requested
Http-X-Forwarded-For	12.230.31.162
	Real user IP address exposed by their proxy. Be aware that these are easily faked.
Http-From	support@search.yandex.ru
	Usually the contact address for the author of the robot which loaded your message, sometimes the email address of the actual user
Http-X-Proxyuser-Ip	183.82.161.78
	Real user IP address exposed by their proxy. Be aware that these are easily faked.
Http-Pragma	no-cache
	Caching methods requested, for HTTP/1.0 cache compatibility
Http-Upgrade-Insecure-Requests	1
	Indicates that the requesting client requests an upgrade to an encrypted and authenticated session for the requested content
Http-Dnt	1
	If "1", indicates user wishes not to be tracked. Please keep this in mind, and respect this setting as approprraite for the laws in your region
Http-Via	1.1 wsa-dallas-11.sitel-world.net:80 (Cisco-WSA/14.0.3-014) : Proxy A
	Indicates intermediate protocols and recipients between the user agent and the server.
Http-X-Imforwards	20
	indicates the number of "hops" or intermediate servers a request has passed through proxies
Http-Sentry-Trace	4b5d58be29144f4582ab­4ffdbcd7b61f-99dcebe06e1b13f6-
	Used for tracing with Sentry, an error monitoring tool.
Http-X-Native-Host	OneOutlook/1.2023.323.100
	Identifies the mail software and version used for showing your email to your recipient.
Http-X-Mwg-Via	BFAA2700-C953-11EB-906E-0017A4403562
	A non-standard proxy identification header.
Http-Client-Ip	202.4.188.200
	Real user IP address exposed by their proxy. Be aware that these are easily faked.
Http-Proxy-Connection	Keep-Alive
	Client request for the connection type to be maintained by intermediate proxies.
Http-Ctxrequest­webview­key	03AC769F-E537-46AE-A747-591723EACF40
	A non-standard identification header.
Http-Te	deflate,gzip;q=0.3
	Indicates the transfer encodings the user agent is willing to accept.
Http-Save-Data	on
	Indicates the client’s preference for reduced data usage.
Http-Keep-Alive	300
	Enables persistent HTTP connections, with options for timeout and max requests.
Http-X-Ms-Cookieuri-Requested	t
	A non-standard header, specific to Microsoft services.
Http-X-Feature­version	1
	A non-standard header, possibly for internal versioning of features.
Http-X-Hubspot-Timeout-Millis	29988 : 29986 : 29536 : 60000
	A non-standard header, specific to HubSpot, for timeout settings.
Http-Access-Control-Expose-Headers	Content-Disposition
	Specifies the headers that can be exposed as part of the response when using CORS.
Http-Accept-Charset	ISO-8859-1,utf-8;q=0.7,*;q=0.7
	Indicates which character sets are acceptable for the response.
Http-Content-Language	en-US
	Describes the language(s) intended for the audience of the response content.
Http-X-Bluecoat-Via	bda198ce473681c6 : 7c150bb3a12e4cf2
	A non-standard header used by BlueCoat proxy devices.
Http-Trace­parent	00-5b90d2ce4bce1e498­35b4528658d7ace-6467d338a90b944c-00
	Used for distributed tracing to identify individual requests and their place in a trace.
Http-X-Trace	2BD62EC96D820A9B4CCE­1EBB38AF03F27143D1BA­72000000000000000000
	A non-standard header, potentially for tracing request processing.
Http-X-Iws-Via	1.1 A746FA4F (IWSS)
	Indicates the intermediate web server through which the request was routed.
Http-X-Hubspot-Requesting-Chain-Bin	CkQKOE1pbWVvZ3JhcGhU­cTJXb3JrZXJzLW1lZGlh­LXByb2Nlc3NpbmctZW5n­YWdlbWVudHMtZW1haWxz­EghQUk9DRklMRQowCiRj­b250ZW50ZmlsZW1hbmFn­ZXJhcGl3ZWJpbnRlcm5h­bC13ZWISCFBST0NGSUxF­EgIIAg==
	Used by HubSpot to track the chain of requests leading to the current request.
Http-X-Hubspot-Correl­ation-Id	ee1d53bf-41c3-4d56-9911-4852b2e31f5b
	A unique identifier for correlating requests in HubSpot services.
Http-X-Hubspot-Client-Ip	172.21.182.104
	Real user IP address exposed by the Hubspot proxy. Be aware that these are easily faked.
Http-Req-Mi-Chain	-1407258960:8080
	Often used for tracking the chain of request modifications in middleware.
Unique-Id	YYZilLulDXPYQNEQghlQAQAAAM8
	A custom header, likely used to uniquely identify the request or session.
Query-String	(blank) or a=b
	Represents the query string part of a URL, containing key-value pairs. These should never be present - if they are, it indicates someone is deliberately interfering with your tracking
Http-X-Browser-Session	z1pb2tx2p927j21f0w4k
	Used to identify a browser session for tracking or management purposes.
Http-Expect	100-continue
	Indicates expectations that need to be fulfilled by the server in order to properly handle the request.
Http-X-Request-Id	178380c8-5060-4759-bfb2-245a4e4f12f5
	A unique identifier for the request, often used for logging or tracing purposes.
Http-X-Real-Ip	10.160.71.216
	Real user IP address exposed by their proxy. Be aware that these are easily faked.
Http-X-Operamini-Route	2
	Used by Opera Mini to specify routing information for the request.
Http-X-Operamini-Phone-Ua	OperaMini(MAUI_mRE;Opera Mini/4.4.33576;en)
	Indicates the original user agent of the phone using Opera Mini.
Http-X-Operamini-Phone	? # ?
	Indicates the original user agent of the phone using Opera Mini.
Http-X-Operamini-Features	advanced, download, file_system, folding, httpping, pingback, routing
	Used by Opera Mini to indicate specific browser features or requirements.
Http-X-Ms-Applicat­ionguard-Initiated	1
	Used by Microsoft Application Guard to indicate that the request was initiated in a secure environment.
Http-X-Fb-Crawlerbot	AanxrRLxKW7Jng8mn62t­SVHmSvlzgQ2NvSqoj8HN­jWqB6u6SKG54vpC-so29QCntpRBXQXRnppjF­C3JNw9dmGx8AITf_k12s­CScFEKRiHD7_UA
	Indicates whether the request is made by Facebook's crawler bot.
Http-X-Clacks-Overhead	GNU ph
	A non-standard header used as a tribute to Terry Pratchett, or for lightweight signaling.
Http-Tracestate	189019@nr=0-0-1355455-Unknown-690bbe209584774b-7c6f0d1b4398c34a-1-1.574630-1673045226927
	Provides trace context, used in distributed tracing of applications.
Http-Newrelic	eyJ2IjpbMCwxXSwiZCI6­eyJ0eSI6IkFwcCIsImFj­IjoiMTM1NTQ1NSIsImFw­IjoiVW5rbm93biIsInR4­IjoiN2M2ZjBkMWI0Mzk4­YzM0YSIsInRyIjoiZjQ5­YWJkN2U5YmNhZWRjNjVm­Y2JiZTE3YmNlMGNkOGYi­LCJwciI6MS41NzQ2Mywi­c2EiOnRydWUsInRpIjox­NjczMDQ1MjI2OTI3LCJp­ZCI6IjY5MGJiZTIwOTU4­NDc3NGIiLCJ0ayI6IjE4­OTAxOSJ9fQ==
	Used by New Relic for monitoring web application performance.
Http-Forwarded	for="105.112.113.159:23652"
	Real user IP address exposed by their proxy. Be aware that these are easily faked.
Http-Device-Stock-Ua	OperaMini(MAUI_MRE;Opera Mini/4.4.33576;en)
	Identifies the standard user agent of the device making the request. soon
Http-*	All other custom data sent from your recipient
	All the above are not an exhaustive list - they're examples (in decreasing proportion of common likelihood) of data which does arrive. If new or unusual tracking info turns up, it will have its own Http- prefix and be shown as well.