Attachments live “with” the email, and the short answer about email is what’s been sent cannot be unsent. Once you send a piece of email, you lose all control over it.
It’s kind of like the internet; once you’ve posted something, it’s almost impossible to remove all the copies.
Now, email is definitely not public, but I do want to emphasize the word “copies.”
Become a Patron of Ask Leo! and go ad-free!
Copy of a copy of a…
When you send email, it’s copied – attachment and all – from your machine to a mail server owned by your email service. Eventually it gets copied from that mail server to the mail server of your recipient, and then from that last server it’s copied to your recipient’s mail program.
Each one of those is a copy operation and it assumes two things:
- The mail with its attachment is a file on a hard disk somewhere, be it in an email server or on the user’s PC.
- After the copy completes the version that’s left behind is appropriately deleted.
Now, what’s the definition of “appropriately”? I don’t know. For most busy mail servers (like those at Yahoo), I assume it’s deleted almost immediately. There’s really no reason for them to be keeping things.
But it’s not just the servers that are causing the problem.
How long the copy stays
The person who received your email with the attachment probably accessed their email through either:
- A website that downloaded the email from Yahoo to their PC
- An email program which automatically downloaded the email to their PC.
We actually don’t know; there’s no way to tell from your perspective or mine whether the actual email or the attachment is living on Yahoo’s servers or the recipient’s own desktop PC.
The file could easily still be sitting in their inbox, in a sub-folder, or wherever they happen to put it for however long that email account exists.
Then there are back ups. Most companies back up their email servers, so your email could be sitting in the recipient’s inbox as well as one of several daily, weekly, monthly, or however frequent back up files taken of the email server or the recipient’s PC.
All of these copies are OK. Really.
All of this doesn’t scare me, to be honest.
I actually do what you do fairly regularly. I send semi-sensitive information to people via email from time to time with the understanding that yes, it could be backed up on this sever and copies could be over on that server and so on. It doesn’t bother me.
When I send something that I consider to be very sensitive, then I just take the additional step of encrypting it first and making sure that my recipient either understands how to decrypt it. I send the appropriate decryption password via phone, text, or some other channel that is not the same path that the encrypted email would take.
Why am I okay with it all? I know that servers and backups at Yahoo or the recipient’s company are only going to be accessible to very trusted employees. The only time anyone may look at your email from a server is if an employee goes rogue or there’s a court order requesting those backups.
As for the recipient’s machine, it might just stay in their inbox forever.
And backups are only kept for so long. We just don’t know how long that is for each email service.
It’s all a matter of trust
The point there is that you need to trust that:
- Yahoo and the actual IT infrastructure for your recipient’s business actually store your email on their servers as part of their normal email workflow.
- Your recipient will not keep the file any longer than they need to and keep their own machine and backups secure.
Whenever you send email, there will be multiple copies of it. That’s nothing to be overly concerned about because it’s just part of how email works.
About deleting your Yahoo! account
Finally, it’s worth noting that deleting your Yahoo! account has absolutely no impact on any of the email that you’ve sent in the past or the attachments they may have included. Those emails and attachments left your control as soon as you hit Send.
Deleting the account will do absolutely nothing other than inconvenience you.