Recipient mail server sent an automatic reply such as an out-of-office or vacation response. Auto replies are informational and do not change the message delivery status.
Code
{ "id": "4c1a6e5b-7a2f-4f8a-9d3e-6f7b8c9d0e1f", "event": "message.auto_replied", "timestamp": "2025-08-08T20:16:10.000Z", "data": { "message_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479", "subject": "Your order has shipped", "metadata": { "X-Order-ID": "order-12345" }, "tag": "shipping", "auto_reply": { "sender": "user@example.com", "recipient": "feedback-f47ac10b-58cc-4372-a567-0e02b2c3d479@lm-bounces.example.com", "subject": "Automatic reply: out of office", "body": { "text": "I am currently out of office and will reply when I return.", "html": "<p>I am currently out of office and will reply when I return.</p>" } } }}
Fields:
auto_reply.sender: Address that sent the automatic reply, when available
auto_reply.recipient: Bounce/feedback recipient address that received the automatic reply
auto_reply.subject: Subject of the automatic reply, when available
auto_reply.body.text: Plain-text automatic reply body, when available
auto_reply.body.html: HTML automatic reply body, when available
message.hard_bounced
Permanent delivery failure (e.g., user does not exist).
Recipient opened the email. Requires open tracking to be enabled on the route.
This event is only available for routes with open tracking enabled. By default, webhooks receive only human-countable opens; machine, privacy proxy, and security scanner opens require Include machine events.
Recipient clicked a link in the email. Requires click tracking to be enabled on the route.
This event is only available for routes with click tracking enabled. By default, webhooks receive only human-countable clicks; machine, link preview, and security scanner clicks require Include machine events.
envelope: SMTP envelope data from the sending server
remote_ip: IP address of the sending mail server
remote_hostname: Reverse DNS (PTR) hostname of the sending server
helo: HELO/EHLO domain the sender identified as
mail_from: Envelope sender address (MAIL FROM command, may differ from the From header)
from: Sender information with optional subaddress
to: Array of TO recipients with optional subaddresses
cc: Array of CC recipients with optional subaddresses
recipient: Primary envelope recipient
subaddress: Parsed subaddress from recipient (e.g., "tag" from "user+tag@example.com")
reply_to: Reply-To address if specified
subject: Email subject line
date: Email received timestamp (ISO 8601)
body.text: Plain text body content
body.html: HTML body content
tag: Custom tag from X-LM-Tag or X-Tag header
headers: Original email headers excluding standard ones (From, To, Subject, etc.). This is parsed from the raw message and does not include synthesized Lettermint authentication verdicts.
authentication_results: Lettermint's inbound authentication verdict after ingress scanning. Includes an RFC-style header string plus structured dkim, dmarc, and spf results. Method result values can be pass, fail, softfail, neutral, temperror, permerror, none, or unknown; when a method has no decisive signal, its result is unknown.
attachments: File attachments (see attachment delivery modes below)
raw: The original raw email file (.eml / RFC 822 format)
raw.url: Signed URL for downloading the raw email source. Valid for 28 days.
raw.expires_at: ISO 8601 timestamp indicating when the URL expires
is_spam: Whether message exceeded spam threshold
spam_score: Calculated spam score
spam_symbols: Diagnostic spam rule objects, each containing name, score, options, and description fields. Use authentication_results for stable DKIM, DMARC, and SPF verdicts.
Attachment delivery modes: By default, attachments include base64-encoded content. You can configure your inbound route to use URL delivery mode instead, where attachments include a signed url for downloading along with an expires_at ISO 8601 timestamp indicating when the URL becomes invalid. URLs are valid for 28 days. See the Inbound Mail guide for configuration.
Security: Always validate webhook signatures and sanitize email content before processing. Email bodies may contain malicious HTML or scripts.
webhook.test
Special event that can be triggered from the Dashboard for connectivity testing.
Code
{ "id": "test-7f9c8e2a-1b3d-4f6e-b7d2-5c9f3a7e8b0c", "event": "webhook.test", "timestamp": "2025-08-08T20:14:12.000Z", "data": { "message": "This is a test webhook from Lettermint", "webhook_id": "9f9bf19c-4a2c-45f3-a6c7-bc937224ec5a", "timestamp": 1754921294 }}
Next Steps
Signed Webhooks: Verify the authenticity of webhook payloads.
