In my view, one can certify the submission part of the process with minimal effort using DKIM and ARC. Let’s say you run a law firm that uses O365 for its email service. You can open a free Gmail account for such certification and BCC every important communication to this filing address—either manually, or by setting up a rule.
This way, you would have a DKIM signature from Microsoft on your outbound messages that covers From, Date, Subject, Message-ID, message body & attachment contents, and more. You would also have ARC signatures from both Microsoft and Google. Fortunately, Google’s ARC signature also covers the To header field
Successful verification of these signatures on the inbound message to the filing mailbox would confirm when the message was sent, to/from whom it was sent, and the contents of the message body and all attachments.
A few things to be mindful of:
The duration of the certification coverage needed. DKIM & ARC public keys are not available forever. If long-term coverage is needed (i.e., several years), special arrangements would need to be made to preserve the keys.
You would want to monitor the DKIM & ARC signatures periodically to make sure that the metadata fields you care about are covered.
Although DKIM & ARC are standardized and are fairly easy to verify, it may be necessary to retain an expert to perform such verification if a dispute arises. On the other hand, if you use a trusted third-party certification service, a report or receipt from them may alleviate concerns quicker.
You may want to consider whether Gmail’s end user license agreement & ToC align with your privacy expectations for these communications. If not, perhaps Google Workspace or another provider that supports DKIM & ARC may be appropriate.
A third-party provider would come into play if you need to verify the delivery as well as the opening of the messages and their attachments. For delivery, the provider would take each message from you, deliver it itself, and log the corresponding response from the target mail exchanger. I believe eGarante refers to this when they say:
Entrega doble por eGarante refuerza el envío
It sounds like the message is delivered once (by your original submission), and a second time by eGarante’s submission to the recipient’s mail exchanger.
Tracking email opens could be handled in at least two different ways:
One can embed tracking pixels into outbound emails and log information based on HTTP requests for the image. This is very brittle as there may be automated caching of the image by service providers without user interaction, and mail user agents often block linked images by default.
The provider can take the sender’s message and its attachments, put them behind a wall, and present a link to the recipient to get there. In essence, your original message body and attachments would be replaced with one or more links. When the recipient explicitly follows the links and opens the message and/or attachments, their details and actions are tracked, logged, and perhaps timestamped (as in RFC 3161).
In either case, you may need to consider the privacy implications, applicable laws, and the overall legality of such tracking.
I did not get the impression that eGarante does the above. But there are services that do, in some cases to the level of how much time is spent per page of the attached document (only works for their native docs, not external attachments such as PDFs).