← Back to MailParse

Notification Routing with MailParse | Email Parsing

How to implement Notification Routing using MailParse. Routing email notifications to Slack, Teams, or other channels based on content.

Introduction

Notification routing turns raw email into timely alerts in the right collaboration tools. Incidents, invoices, deploy summaries, build failures, customer escalations, and third party advisories still arrive by email. Without a clean pipeline, engineers copy and paste, miss critical threads, or drown in noisy inboxes. A reliable notification-routing workflow captures inbound email, parses it into structured JSON, evaluates rules, and forwards concise messages to Slack, Microsoft Teams, or custom destinations. The result is faster response, less context switching, and a clear audit trail that aligns with how teams work.

Why Notification Routing Matters

  • Reduce mean time to detect and respond. Routing security advisories or error reports to the right Slack channel increases visibility and cuts reaction time.
  • Eliminate manual triage. Automated classification by subject, sender domain, or MIME content saves hours of repetitive sorting each week.
  • Improve consistency. Repeatable rules ensure that similar notifications land in the same workspace with the same format and fields.
  • Consolidate tools. Email is ubiquitous. A routing pipeline lets you integrate legacy systems with modern chat and incident platforms without custom connectors in each system.
  • Enhance observability. Structured JSON creates a foundation for metrics, dashboards, and searchable archives of notifications.
  • Lower risk. Strong parsing reduces missed details caused by complex MIME, encodings, or inline attachments. A stable pipeline offers predictable behavior under load.

Architecture Overview: Email Parsing in a Notification-Routing Pipeline

A practical notification-routing architecture is simple enough to manage yet flexible enough to evolve. The flow typically looks like this:

  1. Provision an instant email address for inbound notifications. Examples include alerts@org.example or vendor-specific addresses that vendors already support.
  2. Receive email, parse MIME into normalized JSON, and expose the result via webhook delivery or REST polling.
  3. Run the payload through a routing layer that checks rules. Rules can inspect the subject line, sender domain, headers, body text, and attachments, then assign a target like Slack incident channel, Teams ops channel, or a custom webhook.
  4. Transform and deliver downstream messages. Render a concise, actionable summary with links back to the original email payload and attachments.
  5. Log, monitor, and retry on failure. Persist decisions and outcomes for audit and analytics.

This pipeline leans on robust MIME processing to ensure structured data. If you are new to message structure, read MIME Parsing: A Complete Guide | MailParse and Email Parsing API: A Complete Guide | MailParse for a deep dive into headers, content types, inline images, and common pitfalls.

With MailParse, teams get instant email endpoints, reliable MIME parsing, and delivery options that plug directly into routing logic. You focus on business rules while the service handles the heavy lifting of email processing.

Implementation Walkthrough

1. Provision an inbound address and a webhook target

Create a dedicated address for each notification source or domain of alerts. Point delivery to your webhook endpoint. The webhook receives a POST request per message with the parsed JSON. For best practices on resilience, review Webhook Integration: A Complete Guide | MailParse.

2. Understand the JSON payload

A typical parsed payload contains high level metadata, normalized text, and attachments. Example structure:

{
  "id": "msg_01HZX2GQ7M5E7H4TQYPMJ6W7AB",
  "timestamp": "2026-05-03T12:41:02Z",
  "envelope": {
    "from": "alerts@vendor.example",
    "to": ["ops-alerts@org.example"],
    "subject": "[CRITICAL] API latency above threshold",
    "message_id": "<20260503.1240.abcdef@vendor.example>"
  },
  "headers": {
    "from": "Vendor Alerts <alerts@vendor.example>",
    "to": "Ops Alerts <ops-alerts@org.example>",
    "subject": "[CRITICAL] API latency above threshold",
    "mime-version": "1.0",
    "content-type": "multipart/alternative; boundary=\"abc123\"",
    "x-priority": "1"
  },
  "parts": [
    {
      "content_type": "text/plain",
      "charset": "utf-8",
      "text": "Region: us-east-1\nService: api-gateway\nLatency p95: 1.6s\nRunbook: https://runbooks.example/api-latency"
    },
    {
      "content_type": "text/html",
      "charset": "utf-8",
      "html": "<p>Region: us-east-1</p><p>Service: api-gateway</p><p>Latency p95: 1.6s</p>"
    }
    ],
  "attachments": [
    {
      "filename": "latency-chart.png",
      "content_type": "image/png",
      "size": 58213,
      "url": "https://files.example/attachments/msg_01HZX2.../latency-chart.png"
    }
  ],
  "security": {
    "spf": "pass",
    "dkim": "pass",
    "dmarc": "pass"
  }
}

Keys and structure may vary, but you can rely on consistent normalization across messages. That consistency is what enables clean notification routing rules.

3. Build a routing function with clear rules

Start with deterministic rules that are easy to audit. Combine subject patterns, sender domains, and header signals to assign severity and channel. Example in TypeScript:

type Route = { channel: "slack" | "teams" | "webhook"; target: string; severity: "info" | "warning" | "critical" };

function parseSeverity(subject: string, xPriority?: string): "info" | "warning" | "critical" {
  const s = subject.toLowerCase();
  if (s.includes("[critical]") || s.includes("sev1") || xPriority === "1") return "critical";
  if (s.includes("[warning]") || s.includes("sev2")) return "warning";
  return "info";
}

function selectTarget(payload: any): Route {
  const subject = payload.envelope.subject || "";
  const from = (payload.envelope.from || "").toLowerCase();
  const xPriority = payload.headers["x-priority"];
  const severity = parseSeverity(subject, xPriority);

  // Domain based routing
  if (from.endsWith("@vendor.example")) {
    return { channel: "slack", target: "https://hooks.slack.com/services/T000/B000/XXX", severity };
  }
  if (from.endsWith("@billing.example")) {
    return { channel: "teams", target: "https://outlook.office.com/webhook/YYY", severity };
  }

  // Content based routing
  const plain = (payload.parts || []).find((p: any) => p.content_type === "text/plain")?.text || "";
  if (/invoice/i.test(subject) || /invoice/i.test(plain)) {
    return { channel: "webhook", target: "https://accounting.example/ingest", severity: "info" };
  }

  // Default
  return { channel: "slack", target: "https://hooks.slack.com/services/T000/B000/ZZZ", severity };
}

function summarize(payload: any, severity: string): { title: string; body: string } {
  const subject = payload.envelope.subject || "(no subject)";
  const from = payload.envelope.from || "(unknown)";
  const text = (payload.parts || []).find((p: any) => p.content_type === "text/plain")?.text || "";
  const snippet = text.split("\n").slice(0, 6).join("\n");
  return {
    title: `[${severity.toUpperCase()}] ${subject}`,
    body: `From: ${from}\n\n${snippet}`
  };
}

Keep rules small and composable. You can incrementally add new matchers for specific vendors without affecting existing behavior. Store rule versions so you can trace why a message routed to a given channel.

4. Deliver to Slack and Microsoft Teams

After selecting a route, transform the summary into each destination format. Minimal examples:

Slack incoming webhook:

curl -X POST -H "Content-type: application/json" \
  --data '{
    "text": "[CRITICAL] API latency above threshold",
    "attachments": [
      {
        "color": "#E01E5A",
        "fields": [
          { "title": "From", "value": "alerts@vendor.example", "short": true },
          { "title": "Runbook", "value": "https://runbooks.example/api-latency", "short": true }
        ]
      }
    ]
  }' \
  https://hooks.slack.com/services/T000/B000/XXX

Microsoft Teams incoming webhook:

curl -X POST -H "Content-Type: application/json" \
  --data '{
    "@type": "MessageCard",
    "@context": "http://schema.org/extensions",
    "themeColor": "EA4300",
    "summary": "API latency alert",
    "sections": [{
      "activityTitle": "[CRITICAL] API latency above threshold",
      "facts": [
        { "name": "From", "value": "alerts@vendor.example" },
        { "name": "Region", "value": "us-east-1" }
      ],
      "markdown": true
    }]
  }' \
  https://outlook.office.com/webhook/YYY

Attach links to the original payload and any attachment URLs. For sensitive data, sign links or proxy through your API to control access and apply authorization checks.

5. Polling alternative

If webhooks are not feasible, poll the REST endpoint on an interval and acknowledge messages by their IDs. Simple pattern:

// Pseudocode
let cursor = null;

while (true) {
  const page = await fetch(`/messages?cursor=${cursor || ""}&limit=50`).then(r => r.json());
  for (const msg of page.items) {
    // apply routing and deliver
    await handle(msg);
    // store last processed id
    cursor = msg.id;
  }
  await sleep(3000);
}

Polling is useful in restricted networks or where inbound connectivity is not allowed. When possible, prefer webhooks to reduce latency and infrastructure complexity.

Handling Edge Cases

Email is messy. Notification routing must survive real world variation and still produce reliable outcomes. Consider these cases:

  • Malformed headers or missing fields. Default to safe values like subject of "(no subject)" and a generic sender. Log for inspection rather than failing the pipeline.
  • Quoted-printable and base64 encodings. Normalize text to UTF-8, collapse soft line breaks, and strip trailing spaces. Keep both plain text and HTML available to improve matching.
  • HTML-only messages. Convert HTML to text for rule evaluation. A simple sanitize and tag strip preserves content while reducing noise.
  • Large attachments. Enforce size thresholds. Fetch or proxy attachments only when required. For images used as charts, embed a thumbnail or link rather than uploading full files to chat.
  • Inline images and CID references. Replace cid: references in HTML with resolved URLs so previews render correctly in downstream tools.
  • Bounce loops and auto replies. Detect common headers like Auto-Submitted, Precedence, and X-Auto-Response-Suppress. Suppress or route to a low noise channel.
  • Security signatures. Preserve S/MIME and PGP parts when present. Route the summary while storing the original for audit.
  • Duplicate delivery. Deduplicate by Message-ID plus a normalized hash of the body. Use idempotency keys in your delivery layer.

MailParse normalizes common encodings and surface-level MIME quirks into predictable fields, which simplifies rule evaluation and reduces the need for custom parsers in your application code.

Scaling and Monitoring

Production grade notification-routing requires careful attention to throughput, reliability, and cost control.

  • Queue incoming payloads. Use a message queue between the webhook receiver and the routing worker. This protects you from downstream slowness.
  • Apply idempotency. Combine the provider message ID and a content hash as a unique key. Skip reprocessing if the key already exists.
  • Retry with backoff. Distinguish between transient and permanent errors. For HTTP 5xx or network failures, retry with exponential backoff. For 4xx like 410 Gone, consider the route invalid and alert an operator.
  • Enforce rate limits. Implement a token bucket per destination to avoid Slack or Teams throttling. Spill excess volume to a backlog queue with aging rules.
  • Instrument end to end. Track counts by source, latency percentiles from receipt to delivery, success and failure rates, rule evaluation time, and per channel throughput.
  • Alert on anomalies. Notify when critical sources fall silent, when failure rates spike, or when queue depth surpasses thresholds.
  • Manage secrets safely. Store destination webhooks and API tokens in a secrets manager. Rotate regularly. Avoid logging sensitive URLs.
  • Store originals and summaries. Persist a compact summary for search. Keep a reference to the original email and attachment URLs for audit and replay.

MailParse delivers parsed JSON via webhook or polling, which lets your scaling layer focus on queueing, retries, and rule evaluation. Keep your routing logic stateless where possible so you can scale horizontally.

Conclusion

Notification routing bridges email first systems with chat first workflows. By normalizing messages, evaluating clear rules, and delivering concise summaries to Slack, Microsoft Teams, or custom webhooks, teams gain faster response and better collaboration. Start with a narrow set of high value sources, measure impact, then expand coverage. A small, reliable pipeline can power an entire use case landing for alerts, releases, and customer operations.

If you want deeper background on message structures and delivery patterns, explore MIME Parsing: A Complete Guide | MailParse and Email Parsing API: A Complete Guide | MailParse. When you are ready to wire up webhooks in production, review Webhook Integration: A Complete Guide | MailParse. MailParse provides instant email addresses and structured JSON so you can focus on routing logic instead of MIME edge cases.

FAQ

How do I map one email to multiple channels without duplication?

Use a rule engine that returns a set of targets. For example, send critical incidents to a public ops channel and a private on call channel. Assign a single idempotency key to the source message and tag each downstream delivery with a subkey per destination. If a retry occurs, your dedupe store prevents double posting to the same channel while still allowing delivery to other channels.

What is the best way to handle attachments securely?

Store attachments in a private object store and generate short lived signed URLs. Replace direct links with proxy endpoints that enforce authorization and redact sensitive names. In Slack and Teams, avoid uploading raw files for large artifacts. Link to the proxy with clear file metadata, size, and a content type badge so users know what to expect.

How can I reduce noise from auto replies, mailing lists, and promotional emails?

Check headers like Auto-Submitted, List-Id, Precedence, and X-Auto-Response-Suppress. Downrank or ignore messages that match common patterns. Apply sender reputation by domain and subject heuristics. Keep a denylist for known noisy senders and a safelist for critical sources. Log suppressed messages with a reason so you can tune rules over time.

How do I test the end to end routing pipeline?

Create a staging inbox with the same parsing and delivery configuration. Seed fixtures that cover plain text, HTML only, multipart mixed, attachments, inline images, and various charsets. For each fixture, run assertions on parsed JSON, rule decisions, and downstream payloads. Include failure tests, for example Slack webhook returning 429 or 500. Validate idempotency by replaying the same message twice and ensuring only one post appears.

What if my vendor uses unusual MIME or character encodings?

Capture a few raw messages for that vendor and confirm that the parser exposes both normalized text and the original parts. Prefer rules based on normalized plain text when possible. Keep a fallback that scans HTML if plain text is missing. If a vendor embeds data in attachments, for example CSV reports, run a lightweight extractor in the routing worker and attach key metrics to the downstream message.

Related Articles

Email Parsing API: A Complete Guide | MailParse

Introduction to Email Parsing APIs Email is a universal protocol that still drives product signups, support threads, alerts, and user-generated content. For ...

Webhook Integration: A Complete Guide | MailParse

Why webhook integration matters for real-time email delivery Webhooks power real-time integrations by pushing events to your application the moment they happ...

MIME Parsing: A Complete Guide | MailParse

Why MIME Parsing Matters for Modern Email Integrations Email is a critical integration surface for SaaS products. Notifications, user replies, support ticket...

Ready to get started?

Start parsing inbound emails with MailParse today.

Get Started Free