MailPing Research investigates how modern email infrastructure behaves across different platforms and devices. Our studies analyze tracking signals, proxy systems, and privacy protections implemented by major email providers.
View all research →Email Privacy Study: Gmail Masks User IP While Outlook Exposes It
MailPing Research. (2026). Email Privacy Study: Gmail Masks User IP While Outlook Exposes It. MailPing Infrastructure Research. https://mailping.pro/research/email-privacy-ip-exposure-study
Research Summary
- Gmail loads email images through Google proxy infrastructure.
- Apple Mail Privacy Protection hides recipient IP addresses.
- Outlook clients load remote images directly from the user device.
- Direct image loading exposes recipient IP address and network location.
- Email privacy protections vary significantly across major email platforms.
Research Context
Email privacy has evolved significantly as large email platforms introduced proxy infrastructure designed to prevent senders from directly observing recipient network information.
Platforms such as Gmail and Apple Mail route remote image requests through intermediary infrastructure. This architecture prevents the sender from seeing the recipient’s real IP address, ISP, or geographic location.
However, it is not universally understood whether these protections exist across all email clients and devices. This study investigates how different email platforms load remote images and whether those requests expose the recipient’s network identity.
Methodology
MailPing tracking pixels were embedded inside controlled test emails sent to multiple environments including Gmail, Apple ecosystem devices, and Microsoft Outlook clients.
Each email contained a unique tracking image. When the email client rendered the message and requested the image, the MailPing logging infrastructure recorded the full HTTP request including:
- Request IP address
- User-agent string
- Network ASN
- Geographic metadata
Observed requests were then analyzed to determine whether the image fetch originated from proxy infrastructure operated by the email provider or directly from the recipient device.
Observed Behavior
| Email Client | Image Request Origin | User IP Visible | Location Visible |
|---|---|---|---|
| Gmail Web | Google Image Proxy | No | No |
| Gmail Android | Google Image Proxy | No | No |
| Gmail iOS | Google Image Proxy | No | No |
| Apple Mail (Mail Privacy Protection) | Apple Privacy Relay | No | No |
| Outlook Android | Recipient Device | Yes | Yes |
| Outlook Windows | Recipient Device | Yes | Yes |
The behaviors shown above were consistently observed during controlled testing across multiple devices and repeated message opens.
Request Trace Examples
The following examples illustrate the difference between proxy-based image loading and direct device image requests.
Gmail Image Proxy Request
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy) IP Address: 66.249.x.x ASN: Google LLC Observed Location: Google Infrastructure
Outlook Android Direct Request
User-Agent: Mozilla/5.0 (Linux; Android 16; SM-A356E) Chrome Mobile WebView IP Address: 197.x.x.x Country: South Africa Network: Mobile ISP
When images are loaded directly by the recipient device, the sender infrastructure can observe the user's network identity and approximate location.
Key Findings
- Gmail routes image requests through Google proxy infrastructure.
- Apple Mail Privacy Protection masks the recipient’s network identity.
- Outlook clients load remote images directly from the user device.
- Direct image loading exposes recipient IP address and network metadata.
- Email privacy protections vary significantly across platforms.
Implications
Email engagement measurement systems rely on remote image requests to detect message opens. Proxy infrastructure changes how these signals appear to sender-side analytics platforms.
When requests originate from proxy networks rather than user devices, the sender infrastructure cannot determine the recipient’s real location or network provider.
However, when clients load images directly from the device, the sender infrastructure can observe IP address, ISP, and approximate geographic location.
These architectural differences affect privacy expectations, email tracking interpretation, and how engagement metrics should be analyzed across platforms.
Dataset & Research Evidence
The observations in this study were derived from MailPing infrastructure request logs generated during controlled email tests across multiple clients and devices.
Example request traces used in this analysis are available through the following dataset references:
- MailPing Gmail proxy request dataset
- MailPing Outlook Android device request dataset
- MailPing Apple ecosystem proxy request dataset
These datasets represent real HTTP request logs recorded during controlled infrastructure experiments designed to observe image loading behavior in modern email clients.
Disclosure
This research was conducted using MailPing tracking infrastructure designed to observe how email clients load remote images. The analysis focuses solely on HTTP request behavior generated during controlled testing. No personal user data beyond standard request metadata was collected.