eusend/Deliverability
DocsPricingMigrateGuidesSign in
Get started
Trust & Deliverability

Built for reliable delivery.

Deliverability isn’t a feature you switch on. It’s a property of the infrastructure underneath, the reputation of the addresses you send from, and how aggressively abuse is kept off the network. This page describes how Eusend earns it — the authentication we require, the feedback loops that run on every send, and the limits that keep one sender’s mistakes from becoming everyone’s problem. It’s an engineering description, not a claim.

Why an email platform has to say no

An email platform is a shared resource. Mail leaves through a pool of IP addresses whose reputation is built slowly and spent quickly. When mailbox providers see spam, high bounce rates, or complaints from one of those addresses, they don’t isolate the responsible sender — they throttle or block the address itself. Everyone sending through it inherits the damage.

So the most consequential thing the platform does is refuse traffic. No to unverified domains. No to a new account that wants to send a million messages on its first day. No to the sender whose complaint rate has quietly crossed the line. These aren’t obstacles bolted on after the fact — they’re the reason the platform stays deliverable at all.

We’d rather refuse a send than let it degrade delivery for every other customer on the same infrastructure. Everything below is built on that trade.

How Eusend protects deliverability

Every message — whether it enters through the REST API or over SMTP — passes through one pipeline. The same authentication, suppression, reputation, and sending limits apply either way; SMTP is a different door into the same building, not a bypass around it.

REST API
SMTP
01Authenticate the requestAPI key or SMTP credentials
02Verify the sending domainDKIM / SPF / DMARC alignment
03Check the suppression listbounces & complaints blocked first
04Apply reputation & rate limitsper-account daily ceiling
05DKIM-sign, then relay via MTATLS · MTA-STS · DANE
06Recipient server accepts or rejectsthe SMTP conversation
emits
deliveredbouncedcomplainedopenedclicked
Signed webhooks to your endpoint
One pipeline. SMTP and the REST API converge before anything is sent, and both emit the same events.

Verified senders

You can’t send from a domain until you’ve proven you control it. When you add a domain, Eusend generates a dedicated 2048-bit DKIM key for it and returns the exact DNS records to publish. Sending stays blocked until the DKIM record resolves and verifies.

1
Add a domain
in the dashboard
2
Publish the records
2048-bit DKIM + SPF + DMARC
3
Eusend confirms DKIM
the record resolves
Sending unlocked
for that domain
SPF+DKIMalignedDMARC passes at the receiver
Verification gates sending, and aligned SPF + DKIM is what makes DMARC pass at the receiver.

Automatic suppression

Every send is checked against your suppression list first. Two things put an address there automatically — and once an address is suppressed, Eusend will not send to it again.

Suppressed addresses are never retried — on any send, through the API or SMTP. That permanence is the whole value of the list.

A message is sent to a recipient
Hard bounce
permanent failure — the mailbox doesn't exist
Spam complaint
the recipient marks it as spam
Added to your suppression list
Checked before every future send — through the API and over SMTP.
Dropped — never retried
The feedback loop that runs on every send. Suppression is permanent and checked before delivery.

Gradual sender ramp-up

A brand-new domain sending large volume looks exactly like a compromised account or a spammer, because that’s the pattern they follow — and mailbox providers respond by deferring or junking the mail. Reputation is built by sending consistent, wanted mail in growing volume over time, not by opening a firehose.

New accounts start with a conservative daily ceiling. As an account demonstrates healthy sending — low bounces, low complaints, real engagement — that ceiling lifts automatically over roughly the first week. You don’t file a ticket to be trusted; you earn it by sending well. The Free plan is held at a low fixed daily rate by design.

Reputation monitoring

Bounce and complaint rates are computed continuously from your own delivery data, and they gate how much you can send:

These numbers aren’t arbitrary; they track the thresholds mailbox providers enforce themselves. Applying them automatically is what catches a degrading sender early — while the fix is still “clean your list,” not “rebuild a burned reputation.”

Healthy
under ~2% bounces & 0.04% complaints
Limits ramp up as you send clean mail.
Throttled
those thresholds are crossed
Daily sending ceiling is automatically halved.
Suspended
sustained >4% bounces or >0.08% complaints over 7 days
Sending is stopped.
Reputation gates sending automatically, in both directions — limits ramp up on clean sending and pull back as rates climb.

Shared infrastructure

Most mail goes out through a shared pool of warmed IP addresses. That’s what makes good deliverability available to a new account on day one — you inherit reputation the platform has already built. It also means every safeguard above is protecting the same thing: the reputation of addresses many customers share.

To keep one customer’s risk from becoming another’s, untrusted and free-tier traffic is routed through separate, isolated egress addresses rather than the warmed shared pool — a sender who hasn’t earned trust yet can’t spend reputation that isn’t theirs. Delivery itself is encrypted: outbound mail uses TLS and honors recipients’ MTA-STS and DANE policies, validating certificates when the receiver offers STARTTLS.

Operational principles

Why we built Eusend

Eusend exists because the existing options asked for one of two compromises. Either you trusted infrastructure that ultimately runs on a US cloud — with the legal exposure that carries for European data — or you accepted an abstraction so thick that the actual email stack, the part that determines whether mail arrives, was someone else’s black box.

We run our own mail infrastructure, in the EU, rather than forwarding requests to another provider’s API. That’s more work, and it means deliverability is ours to solve rather than something we’ve outsourced. But it also means we can see the entire delivery pipeline — the SMTP conversation with the receiving server, the reason a message deferred, the reputation of each egress address — and make engineering decisions based on what we observe. When something goes wrong in delivery, we look at the layer where it happened instead of opening a ticket with a provider we’re built on top of.

Owning the stack is the point. It’s what lets everything on this page be a design decision rather than a setting we hope an upstream honors.

Evaluate it on your own traffic first.

Every account can send against eu_test_ API keys before a single production message goes out. Test sends are accepted, tracked, and returned through the full pipeline — but never delivered — so you can build and verify your integration with zero deliverability risk. When you’re ready, verify a domain and switch to a live key.

Create a free account