[{"data":1,"prerenderedAt":1319},["ShallowReactive",2],{"content-developer\u002Fhow-email-works":3,"surround-\u002Fdeveloper\u002Fhow-email-works":1310},{"id":4,"title":5,"body":6,"description":1302,"extension":1303,"meta":1304,"navigation":1305,"path":1306,"seo":1307,"stem":1308,"__hash__":1309},"content\u002F3.developer\u002F12.how-email-works.md","How Email Works",{"type":7,"value":8,"toc":1257},"minimark",[9,13,16,21,24,27,103,106,111,121,136,140,152,162,165,169,179,183,194,198,205,213,216,219,223,279,282,286,293,304,308,311,331,335,342,450,463,467,470,523,527,534,562,568,572,585,587,591,598,605,611,618,634,638,648,659,665,668,674,688,692,702,708,711,737,748,760,764,767,796,799,803,814,816,820,823,834,838,841,863,870,874,877,880,886,890,893,980,983,987,990,993,997,1000,1007,1011,1022,1026,1041,1065,1068,1072,1075,1081,1084,1088,1091,1095,1101,1105,1112,1129,1132,1136,1162,1166,1173,1177,1190,1194,1197,1247],[10,11,12],"p",{},"Every day, over 300 billion emails are sent worldwide. Yet most people — including many developers — have no idea what actually happens between clicking \"send\" and a message appearing in someone's inbox. Email is one of the oldest and most resilient protocols on the internet, first standardized in the early 1980s and still going strong.",[10,14,15],{},"This guide walks through the full technical picture: how messages travel across the internet, how servers authenticate senders, why some emails land in spam, and what makes sending a marketing campaign fundamentally different from sending a message to a friend.",[17,18,20],"h2",{"id":19},"the-journey-of-an-email","The Journey of an Email",[10,22,23],{},"An email passes through several systems on its way from sender to recipient. Each system has a specific role, and understanding these roles is key to understanding email as a whole.",[10,25,26],{},"Here's the terminology you'll encounter:",[28,29,30,46],"table",{},[31,32,33],"thead",{},[34,35,36,40,43],"tr",{},[37,38,39],"th",{},"Abbreviation",[37,41,42],{},"Full Name",[37,44,45],{},"Role",[47,48,49,64,77,90],"tbody",{},[34,50,51,58,61],{},[52,53,54],"td",{},[55,56,57],"strong",{},"MUA",[52,59,60],{},"Mail User Agent",[52,62,63],{},"The email client (Gmail, Outlook, Thunderbird, or your app)",[34,65,66,71,74],{},[52,67,68],{},[55,69,70],{},"MSA",[52,72,73],{},"Mail Submission Agent",[52,75,76],{},"Accepts outgoing mail from authenticated users",[34,78,79,84,87],{},[52,80,81],{},[55,82,83],{},"MTA",[52,85,86],{},"Mail Transfer Agent",[52,88,89],{},"Routes and relays mail between servers",[34,91,92,97,100],{},[52,93,94],{},[55,95,96],{},"MDA",[52,98,99],{},"Mail Delivery Agent",[52,101,102],{},"Delivers mail into the recipient's mailbox",[104,105],"email-journey",{},[107,108,110],"h3",{"id":109},"composing-and-submitting","Composing and Submitting",[10,112,113,114,116,117,120],{},"When you hit \"send\" in your email client (the MUA), the message is submitted to a ",[55,115,73],{}," over SMTP on ",[55,118,119],{},"port 587",". The MSA requires authentication — you must prove you're allowed to send from that address. This is why you enter your email password or use an app-specific token.",[10,122,123,124,128,129,132,133,135],{},"The MSA validates the message, adds some headers (like ",[125,126,127],"code",{},"Date"," and ",[125,130,131],{},"Message-ID"," if missing), and passes it to the outbound ",[55,134,86],{},".",[107,137,139],{"id":138},"routing","Routing",[10,141,142,143,147,148,151],{},"The sender's MTA needs to figure out ",[144,145,146],"em",{},"where"," to deliver the message. It does this by querying DNS for the recipient domain's ",[55,149,150],{},"MX records"," (Mail eXchange). MX records point to the hostnames of the servers that accept mail for that domain.",[153,154,159],"pre",{"className":155,"code":157,"language":158},[156],"language-text","$ dig +short MX gmail.com\n5  gmail-smtp-in.l.google.com.\n10 alt1.gmail-smtp-in.l.google.com.\n20 alt2.gmail-smtp-in.l.google.com.\n","text",[125,160,157],{"__ignoreMap":161},"",[10,163,164],{},"The numbers are priorities — lower is preferred. The MTA tries each server in order until one accepts the message.",[107,166,168],{"id":167},"delivery","Delivery",[10,170,171,172,175,176,178],{},"The ",[55,173,174],{},"receiving MTA"," accepts (or rejects) the message based on authentication checks (SPF, DKIM, DMARC — covered below), spam filtering, and server-level policies. If accepted, the message is handed to the ",[55,177,99],{},", which sorts it into the correct mailbox, applies user-defined filters, and stores it.",[107,180,182],{"id":181},"retrieval","Retrieval",[10,184,185,186,189,190,193],{},"The recipient's email client retrieves messages using ",[55,187,188],{},"IMAP"," (Internet Message Access Protocol) or ",[55,191,192],{},"POP3"," (Post Office Protocol). IMAP keeps messages on the server and syncs state across devices. POP3 downloads messages and typically removes them from the server. Webmail clients like Gmail skip this step entirely — they read directly from the server's storage.",[17,195,197],{"id":196},"the-smtp-protocol","The SMTP Protocol",[10,199,200,201,204],{},"SMTP (Simple Mail Transfer Protocol) is the standard protocol for sending email. It's a ",[55,202,203],{},"push protocol"," — it only handles sending, not receiving. It was designed in 1982 (RFC 821) and has been extended many times since, but the core conversation still looks remarkably similar.",[206,207,210],"callout",{"title":208,"type":209},"SMTP is a conversation","info",[10,211,212],{},"Unlike HTTP where the client sends a request and gets a response, SMTP is a multi-step dialogue. The client and server exchange commands and responses in sequence, negotiating the transfer of a message.",[10,214,215],{},"Here's what a raw SMTP session looks like:",[217,218],"smtp-session",{},[107,220,222],{"id":221},"port-numbers","Port Numbers",[28,224,225,238],{},[31,226,227],{},[34,228,229,232,235],{},[37,230,231],{},"Port",[37,233,234],{},"Name",[37,236,237],{},"Purpose",[47,239,240,253,266],{},[34,241,242,247,250],{},[52,243,244],{},[55,245,246],{},"25",[52,248,249],{},"SMTP",[52,251,252],{},"Server-to-server relay (MTA to MTA)",[34,254,255,260,263],{},[52,256,257],{},[55,258,259],{},"587",[52,261,262],{},"Submission",[52,264,265],{},"Client-to-server with STARTTLS (MUA to MSA)",[34,267,268,273,276],{},[52,269,270],{},[55,271,272],{},"465",[52,274,275],{},"SMTPS",[52,277,278],{},"Client-to-server with implicit TLS (legacy, re-standardized)",[10,280,281],{},"Port 25 is used between mail servers and is typically blocked by ISPs for consumer connections to prevent spam. Port 587 is what your email client uses — it requires authentication and encryption via STARTTLS.",[17,283,285],{"id":284},"email-anatomy-envelope-vs-headers-vs-body","Email Anatomy — Envelope vs Headers vs Body",[10,287,288,289,292],{},"One of the most confusing aspects of email is that there are ",[144,290,291],{},"two"," sets of sender\u002Frecipient information, and they can differ.",[10,294,295,296,299,300,303],{},"Think of it like physical mail: the ",[55,297,298],{},"envelope"," has a return address and destination address that the postal service uses for routing. Inside the envelope, the ",[55,301,302],{},"letter"," has its own \"From\" and \"To\" at the top — these are what the recipient sees, but the postal service ignores them.",[107,305,307],{"id":306},"the-envelope","The Envelope",[10,309,310],{},"The SMTP envelope consists of two commands:",[312,313,314,323],"ul",{},[315,316,317,322],"li",{},[55,318,319],{},[125,320,321],{},"MAIL FROM:"," — the return address (also called the Return-Path or bounce address). If the message can't be delivered, the bounce notification goes here.",[315,324,325,330],{},[55,326,327],{},[125,328,329],{},"RCPT TO:"," — the actual destination address(es). This is where the message is physically delivered.",[107,332,334],{"id":333},"the-headers","The Headers",[10,336,337,338,341],{},"Inside the ",[125,339,340],{},"DATA"," portion of the SMTP conversation, the message has headers that the recipient sees:",[28,343,344,353],{},[31,345,346],{},[34,347,348,351],{},[37,349,350],{},"Header",[37,352,237],{},[47,354,355,365,375,385,394,403,417,438],{},[34,356,357,362],{},[52,358,359],{},[125,360,361],{},"From",[52,363,364],{},"The displayed sender address",[34,366,367,372],{},[52,368,369],{},[125,370,371],{},"To",[52,373,374],{},"The displayed recipient address",[34,376,377,382],{},[52,378,379],{},[125,380,381],{},"Subject",[52,383,384],{},"The subject line",[34,386,387,391],{},[52,388,389],{},[125,390,127],{},[52,392,393],{},"When the message was sent",[34,395,396,400],{},[52,397,398],{},[125,399,131],{},[52,401,402],{},"Unique identifier for the message",[34,404,405,410],{},[52,406,407],{},[125,408,409],{},"MIME-Version",[52,411,412,413,416],{},"Always ",[125,414,415],{},"1.0"," — indicates MIME formatting",[34,418,419,424],{},[52,420,421],{},[125,422,423],{},"Content-Type",[52,425,426,427,430,431,430,434,437],{},"The body format (",[125,428,429],{},"text\u002Fplain",", ",[125,432,433],{},"text\u002Fhtml",[125,435,436],{},"multipart\u002Falternative",")",[34,439,440,445],{},[52,441,442],{},[125,443,444],{},"Reply-To",[52,446,447,448,437],{},"Where replies should go (if different from ",[125,449,361],{},[206,451,454],{"title":452,"type":453},"Why phishing works","warning",[10,455,171,456,458,459,462],{},[125,457,361],{}," header is just text — anyone can write anything there. This is why you can receive an email that ",[144,460,461],{},"appears"," to come from your bank but was actually sent from a completely different server. Email authentication (SPF, DKIM, DMARC) was invented to solve this problem.",[107,464,466],{"id":465},"why-envelope-and-headers-can-differ","Why Envelope and Headers Can Differ",[10,468,469],{},"There are legitimate reasons for mismatches:",[312,471,472,489,498,507],{},[315,473,474,477,478,481,482,484,485,488],{},[55,475,476],{},"BCC",": the BCC recipient appears in ",[125,479,480],{},"RCPT TO"," but not in the ",[125,483,371],{}," or ",[125,486,487],{},"Cc"," headers",[315,490,491,494,495,497],{},[55,492,493],{},"Mailing lists",": the list server receives the message and re-sends it to all subscribers. The ",[125,496,361],{}," stays as the original author, but the envelope sender changes to the list's bounce address",[315,499,500,503,504,506],{},[55,501,502],{},"Forwarding",": the ",[125,505,361],{}," header stays the same, but the envelope sender changes to the forwarder",[315,508,509,503,512,515,516,519,520,522],{},[55,510,511],{},"Marketing email",[125,513,514],{},"MAIL FROM"," is often a bounce-processing address (like ",[125,517,518],{},"bounces+id@esp.example.com","), while ",[125,521,361],{}," shows the brand's address",[107,524,526],{"id":525},"mime-and-multipart-messages","MIME and Multipart Messages",[10,528,529,530,533],{},"Modern emails rarely contain just plain text. ",[55,531,532],{},"MIME"," (Multipurpose Internet Mail Extensions) allows emails to carry multiple content types in a single message:",[312,535,536,543,551],{},[315,537,538,542],{},[55,539,540],{},[125,541,436],{}," — the same content in different formats (plain text + HTML). The email client picks which to display.",[315,544,545,550],{},[55,546,547],{},[125,548,549],{},"multipart\u002Fmixed"," — the message body plus attachments",[315,552,553,558,559,437],{},[55,554,555],{},[125,556,557],{},"multipart\u002Frelated"," — HTML body with inline images (referenced via ",[125,560,561],{},"Content-ID",[153,563,566],{"className":564,"code":565,"language":158},[156],"Content-Type: multipart\u002Falternative; boundary=\"boundary123\"\n\n--boundary123\nContent-Type: text\u002Fplain; charset=\"utf-8\"\n\nHello, this is the plain text version.\n\n--boundary123\nContent-Type: text\u002Fhtml; charset=\"utf-8\"\n\n\u003Chtml>\u003Cbody>\u003Ch1>Hello\u003C\u002Fh1>\u003Cp>This is the HTML version.\u003C\u002Fp>\u003C\u002Fbody>\u003C\u002Fhtml>\n\n--boundary123--\n",[125,567,565],{"__ignoreMap":161},[17,569,571],{"id":570},"email-authentication","Email Authentication",[10,573,574,575,430,578,581,582,135],{},"In the early days of email, there was no way to verify that a message actually came from the domain it claimed to come from. Anyone could send an email pretending to be anyone else. Three complementary protocols were developed to solve this: ",[55,576,577],{},"SPF",[55,579,580],{},"DKIM",", and ",[55,583,584],{},"DMARC",[570,586],{},[107,588,590],{"id":589},"spf-sender-policy-framework","SPF — Sender Policy Framework",[10,592,593,594,597],{},"SPF lets a domain declare which servers are allowed to send email on its behalf. The domain publishes a ",[55,595,596],{},"DNS TXT record"," listing authorized IP addresses and services.",[10,599,600,601,604],{},"When a receiving server gets a message, it checks the ",[55,602,603],{},"Return-Path domain"," (envelope sender), looks up that domain's SPF record, and verifies the connecting server's IP is in the authorized list.",[153,606,609],{"className":607,"code":608,"language":158},[156],"example.com.  IN TXT  \"v=spf1 include:amazonses.com include:_spf.google.com -all\"\n",[125,610,608],{"__ignoreMap":161},[10,612,613,614,617],{},"This record says: \"Only Amazon SES and Google Workspace are allowed to send email for example.com. Reject everything else (",[125,615,616],{},"-all",").\"",[10,619,620,623,624,626,627,630,631,633],{},[55,621,622],{},"Limitation",": SPF checks the envelope sender, not the ",[125,625,361],{}," header. A phishing email can pass SPF if the phisher uses their ",[144,628,629],{},"own"," domain in the Return-Path while spoofing the ",[125,632,361],{}," header.",[107,635,637],{"id":636},"dkim-domainkeys-identified-mail","DKIM — DomainKeys Identified Mail",[10,639,640,641,644,645,633],{},"DKIM adds a ",[55,642,643],{},"cryptographic signature"," to outgoing emails. The sending server signs specific headers and the message body using a private key. The signature is included as a ",[125,646,647],{},"DKIM-Signature",[10,649,650,651,654,655,658],{},"The receiving server extracts the signing domain (",[125,652,653],{},"d=",") and selector (",[125,656,657],{},"s=",") from the signature, looks up the corresponding public key via DNS, and verifies the signature. If the message was altered in transit, the signature check fails.",[153,660,663],{"className":661,"code":662,"language":158},[156],"DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=s1;\n  h=from:to:subject:date:message-id;\n  bh=2jUSOH9Nhtj...;\n  b=dzdVyOfAKCdL...\n",[125,664,662],{"__ignoreMap":161},[10,666,667],{},"The public key is published as a DNS TXT record:",[153,669,672],{"className":670,"code":671,"language":158},[156],"s1._domainkey.example.com.  IN TXT  \"v=DKIM1; k=rsa; p=MIGfMA0GCS...\"\n",[125,673,671],{"__ignoreMap":161},[10,675,676,678,679,682,683,685,686,135],{},[55,677,622],{},": DKIM proves the message wasn't tampered with and was signed by a specific domain, but it doesn't prove that ",[125,680,681],{},"d=example.com"," matches the ",[125,684,361],{}," header. A phisher could sign with their own domain while spoofing ",[125,687,361],{},[107,689,691],{"id":690},"dmarc-domain-based-message-authentication-reporting-conformance","DMARC — Domain-based Message Authentication, Reporting & Conformance",[10,693,694,695,698,699,701],{},"DMARC ties SPF and DKIM together by adding ",[55,696,697],{},"alignment"," — requiring that the domain in the ",[125,700,361],{}," header matches the domain verified by SPF or DKIM (or both).",[153,703,706],{"className":704,"code":705,"language":158},[156],"_dmarc.example.com.  IN TXT  \"v=DMARC1; p=reject; rua=mailto:dmarc@example.com\"\n",[125,707,705],{"__ignoreMap":161},[10,709,710],{},"DMARC introduces three policy levels:",[312,712,713,721,729],{},[315,714,715,720],{},[55,716,717],{},[125,718,719],{},"p=none"," — monitor only; don't take action on failures (useful when setting up)",[315,722,723,728],{},[55,724,725],{},[125,726,727],{},"p=quarantine"," — send failures to the spam folder",[315,730,731,736],{},[55,732,733],{},[125,734,735],{},"p=reject"," — outright reject messages that fail alignment",[10,738,739,740,743,744,747],{},"DMARC also introduces ",[55,741,742],{},"aggregate reports"," (",[125,745,746],{},"rua","): receiving servers send daily XML reports telling the domain owner how many emails passed or failed authentication. This is invaluable for monitoring and debugging.",[206,749,752],{"title":750,"type":751},"BIMI — Brand Indicators for Message Identification","tip",[10,753,754,755,484,757,759],{},"BIMI is an emerging standard that lets domains display their logo next to authenticated emails in supporting email clients. It requires a valid DMARC policy with ",[125,756,727],{},[125,758,735],{}," and a Verified Mark Certificate (VMC). Gmail, Apple Mail, and Yahoo support BIMI.",[107,761,763],{"id":762},"how-they-work-together","How They Work Together",[10,765,766],{},"A fully authenticated email setup looks like this:",[768,769,770,775,783,793],"ol",{},[315,771,772,774],{},[55,773,577],{}," confirms the sending server's IP is authorized for the Return-Path domain",[315,776,777,779,780,782],{},[55,778,580],{}," confirms the message body and headers haven't been tampered with, signed by the ",[125,781,653],{}," domain",[315,784,785,787,788,790,791,782],{},[55,786,584],{}," confirms that the ",[125,789,361],{}," header domain aligns with either the SPF domain or the DKIM ",[125,792,653],{},[315,794,795],{},"The receiving server applies the DMARC policy if alignment fails",[10,797,798],{},"All three passing gives receiving servers strong confidence that the email is legitimate.",[17,800,802],{"id":801},"sender-reputation","Sender Reputation",[10,804,805,806,809,810,813],{},"Authentication proves who you are. Reputation determines whether you're trusted. Even a perfectly authenticated email — SPF pass, DKIM verified, DMARC aligned — can land in spam if the sender has a poor reputation. Mailbox providers track reputation on two axes: the ",[55,807,808],{},"IP address"," the message was sent from, and the ",[55,811,812],{},"domain"," associated with the sender.",[801,815],{},[107,817,819],{"id":818},"ip-reputation","IP Reputation",[10,821,822],{},"Every IP address that sends email accumulates a reputation score with each mailbox provider it delivers to. This score is based on measurable sending behavior: bounce rates, spam complaint rates, spam trap hits, and volume patterns. In the 2000s and early 2010s, IP reputation was the dominant trust signal — domain-level authentication (DKIM, DMARC) wasn't widely adopted yet, so the IP was the most reliable way to identify a sender.",[10,824,825,826,829,830,833],{},"IP reputation comes in two flavors. ",[55,827,828],{},"Shared IPs"," are used by email service providers like SendGrid or Mailgun, where thousands of customers send from the same pool of addresses. Your reputation is blended with everyone else's — good for low-volume senders who benefit from the pool's established trust, risky if a neighbor sends spam. ",[55,831,832],{},"Dedicated IPs"," give you a reputation that's entirely your own, but they start cold — you must warm them gradually over weeks by sending to your most engaged recipients first.",[107,835,837],{"id":836},"domain-reputation","Domain Reputation",[10,839,840],{},"Domain reputation is the modern primary signal. Mailbox providers track reputation against several domain identifiers:",[312,842,843,851,857],{},[315,844,845,743,848,850],{},[55,846,847],{},"DKIM signing domain",[125,849,653],{}," value in the DKIM-Signature header) — the strongest signal, because it's cryptographically tied to the sender",[315,852,853,856],{},[55,854,855],{},"Envelope sender domain"," (the Return-Path \u002F MAIL FROM domain)",[315,858,859,862],{},[55,860,861],{},"From header domain"," — the domain recipients see in their inbox",[10,864,865,866,869],{},"Google retired its domain and IP reputation dashboards from Postmaster Tools in late 2025, shifting to compliance-focused metrics (spam rate, authentication errors, delivery issues) — a signal that Gmail's filtering has moved beyond simple reputation scores toward holistic engagement and compliance signals. Microsoft's SNDS still surfaces IP-level data, but since May 2025 Microsoft also enforces domain-level authentication (SPF, DKIM, DMARC alignment) for bulk senders, with message rejection for non-compliant domains rolling out in 2026. The critical advantage of domain reputation: it ",[55,867,868],{},"persists when you change infrastructure",". Switch ESPs, rotate IPs, migrate providers — your domain reputation travels with you.",[107,871,873],{"id":872},"the-shift-from-ip-to-domain","The Shift from IP to Domain",[10,875,876],{},"The shift happened for practical reasons. Cloud-based ESPs made shared IPs the norm — when thousands of senders share the same IP addresses, IP reputation becomes a blunt instrument. Google's 2024 bulk sender requirements made this shift explicit by tying enforcement to domain-level authentication (DKIM alignment and DMARC policies). Yahoo followed with identical requirements, and Microsoft joined in May 2025 with the same SPF\u002FDKIM\u002FDMARC requirements for senders exceeding 5,000 messages per day.",[10,878,879],{},"Domain reputation is also harder to game. In the IP-centric era, spammers would burn through IP addresses — send spam until the IP was blocklisted, then move to a fresh one. Domains are more expensive, more visible, and tied to DNS records that take time to establish.",[206,881,883],{"title":882,"type":751},"What this means for you",[10,884,885],{},"Invest in your domain reputation above all else. Consistent sending patterns, clean lists, proper DKIM alignment, and low complaint rates build trust that follows your domain regardless of what infrastructure you use. If you switch ESPs tomorrow, your domain reputation carries you through the transition. If you get a new dedicated IP, your established domain reputation helps you warm it faster.",[107,887,889],{"id":888},"how-providers-weigh-reputation-today","How Providers Weigh Reputation Today",[10,891,892],{},"No two mailbox providers weight reputation identically, but the trend is clear — domain reputation is increasingly dominant:",[28,894,895,911],{},[31,896,897],{},[34,898,899,902,905,908],{},[37,900,901],{},"Provider",[37,903,904],{},"Primary signal",[37,906,907],{},"Secondary signal",[37,909,910],{},"Monitoring tools",[47,912,913,929,944,959],{},[34,914,915,920,923,926],{},[52,916,917],{},[55,918,919],{},"Gmail",[52,921,922],{},"Domain reputation",[52,924,925],{},"Engagement + compliance",[52,927,928],{},"Google Postmaster Tools (v2)",[34,930,931,936,939,941],{},[52,932,933],{},[55,934,935],{},"Microsoft",[52,937,938],{},"Blended (IP + domain)",[52,940,925],{},[52,942,943],{},"SNDS",[34,945,946,951,953,956],{},[52,947,948],{},[55,949,950],{},"Yahoo",[52,952,922],{},[52,954,955],{},"IP reputation",[52,957,958],{},"Sender Hub",[34,960,961,966,968,971],{},[52,962,963],{},[55,964,965],{},"Apple (iCloud)",[52,967,938],{},[52,969,970],{},"Content + user feedback",[52,972,973],{},[974,975,979],"a",{"href":976,"rel":977},"https:\u002F\u002Fsupport.apple.com\u002Fen-us\u002F102322",[978],"nofollow","Postmaster page",[10,981,982],{},"Most smaller ISPs and corporate mail servers still rely heavily on IP reputation and third-party blocklists (Spamhaus, Barracuda). A comprehensive deliverability strategy addresses both signals, but for the major providers, domain reputation and authentication compliance now outweigh IP reputation.",[17,984,986],{"id":985},"marketing-email-vs-private-email","Marketing Email vs Private Email",[10,988,989],{},"Sending a marketing campaign to 50,000 subscribers is a fundamentally different operation from sending a message to a colleague. The SMTP protocol is the same, but almost everything around it changes.",[991,992],"email-comparison",{},[107,994,996],{"id":995},"infrastructure","Infrastructure",[10,998,999],{},"When you send a personal email through Gmail, your message goes through Google's shared mail infrastructure — the same servers used by millions of other Gmail users. Google's IP addresses are already trusted by every ISP on the planet.",[10,1001,1002,1003,1006],{},"Marketing email requires ",[55,1004,1005],{},"dedicated infrastructure",": Email Service Providers (ESPs) like Amazon SES, SendGrid, or Mailgun — or a custom Mail Transfer Agent. These systems handle the complexity of sending at scale: connection pooling, retry logic, bounce processing, and compliance.",[107,1008,1010],{"id":1009},"ip-warming","IP Warming",[10,1012,1013,1014,1017,1018,1021],{},"As covered in ",[974,1015,802],{"href":1016},"#sender-reputation"," above, a brand-new IP address has no reputation. ",[55,1019,1020],{},"IP warming"," is the process of gradually increasing send volume over weeks, building trust with each ISP. Sending to your most engaged recipients first builds positive signals that let you scale up faster.",[107,1023,1025],{"id":1024},"compliance","Compliance",[10,1027,1028,1029,1032,1033,1036,1037,1040],{},"Marketing email is governed by laws like ",[55,1030,1031],{},"CAN-SPAM"," (US), ",[55,1034,1035],{},"GDPR"," (EU), and ",[55,1038,1039],{},"CASL"," (Canada). Requirements include:",[312,1042,1043,1050,1056,1059,1062],{},[315,1044,1045,1046,1049],{},"A visible, working ",[55,1047,1048],{},"unsubscribe mechanism"," in every email",[315,1051,171,1052,1055],{},[125,1053,1054],{},"List-Unsubscribe"," header for one-click unsubscribe (required by Gmail and Yahoo since 2024)",[315,1057,1058],{},"Honoring unsubscribe requests within 10 days (CAN-SPAM) or immediately (best practice)",[315,1060,1061],{},"Not sending to contacts who haven't given consent (GDPR)",[315,1063,1064],{},"Including a physical mailing address (CAN-SPAM)",[10,1066,1067],{},"Private emails between individuals don't have any of these requirements.",[107,1069,1071],{"id":1070},"bounce-processing-and-feedback-loops","Bounce Processing and Feedback Loops",[10,1073,1074],{},"When a marketing email bounces (the recipient address doesn't exist or the mailbox is full), the ESP must process that bounce and suppress the address from future sends. Continued sending to invalid addresses damages your IP reputation.",[10,1076,1077,1080],{},[55,1078,1079],{},"Feedback Loops (FBLs)"," are agreements with ISPs where the ISP notifies you when a recipient marks your email as spam. Processing FBL complaints and removing those recipients is critical for maintaining deliverability.",[10,1082,1083],{},"Private email clients handle bounces by simply showing you an error — there's no automated suppression system needed when you're emailing one person at a time.",[17,1085,1087],{"id":1086},"why-emails-end-up-in-spam","Why Emails End Up in Spam",[10,1089,1090],{},"Spam filters have evolved from simple keyword matching to sophisticated systems that consider dozens of signals. Here's what matters most:",[107,1092,1094],{"id":1093},"reputation","Reputation",[10,1096,1097,1098,1100],{},"As detailed in ",[974,1099,802],{"href":1016}," above, every sending IP and domain carries a reputation score. A poor reputation means your emails go to spam — even if the content is perfectly legitimate.",[107,1102,1104],{"id":1103},"engagement-signals","Engagement Signals",[10,1106,1107,1108,1111],{},"Modern spam filters (especially Gmail's) heavily weight ",[55,1109,1110],{},"recipient behavior",":",[312,1113,1114,1117,1120,1123,1126],{},[315,1115,1116],{},"Do recipients open your emails?",[315,1118,1119],{},"Do they click links?",[315,1121,1122],{},"Do they reply?",[315,1124,1125],{},"Do they move your emails out of spam?",[315,1127,1128],{},"Do they mark your emails as spam?",[10,1130,1131],{},"Low engagement tells ISPs that recipients don't want your email — and they'll start routing it to spam proactively.",[107,1133,1135],{"id":1134},"content-and-technical-signals","Content and Technical Signals",[312,1137,1138,1144,1150,1156],{},[315,1139,1140,1143],{},[55,1141,1142],{},"Authentication failures"," — missing or failing SPF, DKIM, or DMARC is a major red flag",[315,1145,1146,1149],{},[55,1147,1148],{},"HTML quality"," — broken HTML, excessive images with no text, or hidden text can trigger filters",[315,1151,1152,1155],{},[55,1153,1154],{},"URL reputation"," — links to known-bad domains or URL shorteners can cause issues",[315,1157,1158,1161],{},[55,1159,1160],{},"Sending patterns"," — sudden volume spikes from a domain that normally sends little email",[107,1163,1165],{"id":1164},"list-hygiene","List Hygiene",[10,1167,1168,1169,1172],{},"Sending to old, invalid, or purchased lists is one of the fastest ways to destroy deliverability. ",[55,1170,1171],{},"Spam traps"," — email addresses specifically set up to catch senders with poor list practices — are seeded across the internet. Hitting a spam trap is a strong negative signal to ISPs.",[107,1174,1176],{"id":1175},"blocklists","Blocklists",[10,1178,1179,1180,430,1183,581,1186,1189],{},"Organizations like ",[55,1181,1182],{},"Spamhaus",[55,1184,1185],{},"Barracuda",[55,1187,1188],{},"SpamCop"," maintain blocklists of IP addresses and domains known to send spam. Many ISPs check these blocklists in real time. Getting listed — and getting delisted — can take days to weeks.",[17,1191,1193],{"id":1192},"how-owlat-fits-in","How Owlat Fits In",[10,1195,1196],{},"Owlat implements all of the concepts described above as a complete email platform:",[312,1198,1199,1209,1220,1226,1237],{},[315,1200,1201,1204,1205,1208],{},[55,1202,1203],{},"Custom MTA"," — Owlat's ",[974,1206,86],{"href":1207},"\u002Fdeveloper\u002Fmta-system"," handles direct SMTP delivery with DKIM signing, adaptive per-ISP throttling, IP warming, bounce processing, and feedback loop integration",[315,1210,1211,1214,1215,1219],{},[55,1212,1213],{},"Authentication"," — When you ",[974,1216,1218],{"href":1217},"\u002Fguide\u002Fdeliverability","verify a domain"," in Owlat, it generates the SPF, DKIM, and DMARC DNS records for you and monitors their status",[315,1221,1222,1225],{},[55,1223,1224],{},"Intelligence pipeline"," — Every outgoing email passes through 10+ pre-send checks including circuit breakers, suppression lists, domain throttling, and engagement-based priority ordering",[315,1227,1228,1231,1232,1236],{},[55,1229,1230],{},"Email rendering"," — The ",[974,1233,1235],{"href":1234},"\u002Fdeveloper\u002Femail-renderer","email renderer"," converts visual editor blocks into cross-client compatible HTML with CSS inlining, Outlook VML fallbacks, and dark mode support",[315,1238,1239,1231,1242,1246],{},[55,1240,1241],{},"Provider abstraction",[974,1243,1245],{"href":1244},"\u002Fdeveloper\u002Femail-system","email system"," supports multiple providers (custom MTA, Amazon SES, Resend) behind a unified interface with automatic retry and rate limiting",[10,1248,1249,1250,128,1254,135],{},"For product-specific setup guides, see ",[974,1251,1253],{"href":1252},"\u002Fguide\u002Fgetting-started","Getting Started",[974,1255,1256],{"href":1217},"Deliverability",{"title":161,"searchDepth":1258,"depth":1258,"links":1259},2,[1260,1267,1270,1276,1282,1288,1294,1301],{"id":19,"depth":1258,"text":20,"children":1261},[1262,1264,1265,1266],{"id":109,"depth":1263,"text":110},3,{"id":138,"depth":1263,"text":139},{"id":167,"depth":1263,"text":168},{"id":181,"depth":1263,"text":182},{"id":196,"depth":1258,"text":197,"children":1268},[1269],{"id":221,"depth":1263,"text":222},{"id":284,"depth":1258,"text":285,"children":1271},[1272,1273,1274,1275],{"id":306,"depth":1263,"text":307},{"id":333,"depth":1263,"text":334},{"id":465,"depth":1263,"text":466},{"id":525,"depth":1263,"text":526},{"id":570,"depth":1258,"text":571,"children":1277},[1278,1279,1280,1281],{"id":589,"depth":1263,"text":590},{"id":636,"depth":1263,"text":637},{"id":690,"depth":1263,"text":691},{"id":762,"depth":1263,"text":763},{"id":801,"depth":1258,"text":802,"children":1283},[1284,1285,1286,1287],{"id":818,"depth":1263,"text":819},{"id":836,"depth":1263,"text":837},{"id":872,"depth":1263,"text":873},{"id":888,"depth":1263,"text":889},{"id":985,"depth":1258,"text":986,"children":1289},[1290,1291,1292,1293],{"id":995,"depth":1263,"text":996},{"id":1009,"depth":1263,"text":1010},{"id":1024,"depth":1263,"text":1025},{"id":1070,"depth":1263,"text":1071},{"id":1086,"depth":1258,"text":1087,"children":1295},[1296,1297,1298,1299,1300],{"id":1093,"depth":1263,"text":1094},{"id":1103,"depth":1263,"text":1104},{"id":1134,"depth":1263,"text":1135},{"id":1164,"depth":1263,"text":1165},{"id":1175,"depth":1263,"text":1176},{"id":1192,"depth":1258,"text":1193},"A technical deep-dive into how email actually works — from SMTP and DNS to authentication, deliverability, and the differences between marketing and private email.","md",{},true,"\u002Fdeveloper\u002Fhow-email-works",{"title":5,"description":1302},"3.developer\u002F12.how-email-works","DqtSKnIYHIt1qy_Hyz92wRXAhnK9pLeAe3r-QYrFAeg",[1311,1315],{"title":1312,"path":1313,"stem":1314,"children":-1},"Admin Dashboard","\u002Fdeveloper\u002Fadmin-dashboard","3.developer\u002F11.admin-dashboard",{"title":1316,"path":1317,"stem":1318,"children":-1},"Email Security","\u002Fdeveloper\u002Femail-security","3.developer\u002F13.email-security",1774391042317]