So, How’s The Deliverability?
Let's be frank.
It’s an odd question to ask any decent email provider.
Having your outgoing emails reach their destination is one of our core concerns. We do everything possible on our side to make sure your emails are never denied or marked as spam.
Ensuring good deliverability is a never-ending race. Compared to other providers, we even go the extra mile.
For a simple answer, you can just jump to it. Otherwise, proceed to find out how we ensure your messages reach their destination.
Our efforts can be divided in those of:
- maintaining correct infrastructure setup,
- blacklists and feedback loops monitoring,
- verifying, throttling and monitoring all senders,
- authenticating and scanning all outgoing emails and
- preventing abuse.
Correct Infrastructure Setup
We spend a lot of efforts on implementing email infrastructure best practices. Even though we are a bootstrapped company, we never economise when it comes to having the right stuff in place.
We run multiple servers for each of the services we run. Each of our mail servers has a dedicated IP address with a correct reverse DNS entry.
Our outgoing SMTP servers use mandatory TLS encryption without support for SSLv3 due to its vulnerability. The certificates in use are updated regularly, every 3 months.
Incoming SMTP servers (MX) are TLS capable and will try to upgrade connections to it whenever possible. However, if the server that tries delivering email for some of our mailboxes does not support TLS, we will still accept. This is common sense, since there are many mis-configured servers out there. If we were to enforce TLS, some valid non-spam messages would inevitably get denied.
Blacklists are a simple, maybe even too simple way of enlisting spammy senders. On incoming traffic, mail servers (including our own) check senders’ IP addresses against the blacklists. Being enlisted could result in some traffic being denied or marked as spam.
Since most of the lists are open, anyone could add anyone to it. In the absence of better solutions, we play along. We continuously monitor all our IP addresses against 100+ known blacklists.
When an email recipient of some of the largest email providers marks messages originating from our servers as spam, we get notified.
We immediately investigate those cases. Sometimes the spam reports are due to sheer ignorance of mistaking junk with trash or malicious intentions against the sender. Sometimes however the reports are valid indicators of spammy activities by some of our users. Such users and their domains get permanently blocked and denied all service, regardless if they are paid customer or not.
By having us react immediately, we ensure your own deliverability is never influenced.
Manual Verification And Monitoring
All Migadu accounts are initially limited in the number of outgoing emails they can send per day, hour and minute. Everyone finds this throttling odd but soon realise it is in their own best interest. The limits may sound low, but we have still to experience an account without bad intents to breach them. The ones that have breached them were always spam/phishing attempts and ended up being blocked and banned from our systems. The booby trap seems to work.
Until the reputation of an account is verified, account limits are kept very low even for paid accounts. All verifications are manual and subjective. Suspicious domains and accounts are kept under observation until proven valid. We do this hard work ourselves with great care and it has proven effective.
Furthermore, our pricing is intentionally devised to appeal only to individuals, families and small businesses that are of low volume, worldwide. There is no enterprise plan if you’ve noticed. We are not interested in hosting large senders. Our sending volume therefore stays significantly low. With such, we can achieve higher reputation than the large email hosting companies out there that do not know or care who their users are.
Email Authentication With DKIM And SPF
DKIM and SPF are methods that should prevent spoofing and unauthorised email sending from your domain. While not perfect, it is the best there is at the moment. All Migadu accounts must setup and keep DKIM and SPF in order to use our services. While the two do not stop spammers, they eliminate a significant amount of phishing attempts. We hate those as oil hates water.
Scanning of Outgoing Messages
Our own spam filters have dual purpose. If your outgoing message looks like spam or includes a known virus, we will prevent you from sending it and we will both be notified of the incident.
Since there is no such thing as a perfect spam filter yer, we may also have false positives occasionally. However, if our own, good enough spam filters detect your outgoing emails as spam, what remains for the other much more complex filters out there?
Spam is very annoying for both of us, and we do our share of preventing it.
Migadu does not allow misrepresentation in outgoing emails. The envelope and “from” addresses must match the one of the mailbox account. If the addresses differ, the message sending will be denied.
We also implement a few more checks we simply should not publicly talk about.
So, Finally, How’s The Deliverability?
If your intentions are to send bulk mailing such as newsletters or spam, the deliverability is quite bad. Your mails will most likely not even be accepted by our servers. If they somehow do, and we notice your attempt, your account and your domains will be permanently banned from our platform.
If your intentions are to send personal or business emails, the deliverability is one of the best ones out there. Our outgoing email servers score on average 99.5/100 with SenderScore.org. With Mail-tester.com we get an excellent 10/10.
However, the question of deliverability is only half of the picture and understanding of how email works. Another question ought to be asked too: how's the receiveability?
We’ve already seen our share of bad spam filters and misconfigured servers. In some cases recipient servers intentionally rejected correct emails just because we are a low volume sender. Ironically that is how an ideal sender should be. To improve the “receiveability” they of course offer their own hosted email service at a hefty price.
Email is shady business. It is an industry that thrives on keeping problems not making solutions. For example, contrary to the public opinion, no big provider has an incentive to really fix the spam problem. Spam filtering is for many the business enabler and differentiator. If someone fixed the spam problem definitely, many of these businesses would disappear or would have their competitive differences nullified.
If an email goes to the recipient’s junk folder, it is not necessarily the fault of the sender. It can also be the recipient’s servers showing their muscles.