Protect deliverability at the platform level

MultiMail monitors bounce rates, complaint rates, and domain health so your agent sends from clean infrastructure — without manual intervention.

The problem

Why this matters

Email deliverability breaks quietly. New mailboxes get throttled by ISPs before they've built reputation. Domains on shared IP ranges inherit bad neighbors' spam scores. A single campaign with a 0.5% complaint rate can trigger a block that takes weeks to reverse. Most AI agents have no visibility into these signals — they keep sending until the damage is done, at which point the remediation window has already closed.

The solution

How MultiMail solves this

MultiMail enforces deliverability guardrails at the infrastructure layer. Every mailbox has a warmup limit that prevents new senders from hitting volume thresholds before ISPs trust them. Per-mailbox reputation scores track bounce and complaint rates in real time against Google and Yahoo's published sender policy thresholds. Domain intelligence checks SPF, DKIM, and DMARC alignment before each send. When thresholds are breached, MultiMail's graduated enforcement tiers automatically throttle or pause sending — protecting the shared sending commons without requiring operator intervention in the critical path.

1

Warmup within safe limits

MultiMail enforces per-mailbox daily send limits during the warmup period. New mailboxes ramp from 50 to 500 to 5,000 emails per day over 30 days, matching the volume curve ISPs expect from legitimate senders. Exceeding the limit returns HTTP 429 with a Retry-After header — the send is not silently dropped.

2

Check domain health before sending

Before each outbound batch, your agent queries the domain intelligence endpoint to validate SPF, DKIM, and DMARC alignment on the sending domain. Sends from misconfigured domains are blocked before they reach the wire. The response includes the DMARC policy mode, active DKIM selectors, and a list of specific DNS issues to fix.

3

Send with verified identity

The send_email endpoint requires a mailbox that has passed identity verification. MultiMail signs outbound messages with DKIM and enforces alignment with the DMARC policy on the sending domain. The from address must match the verified mailbox — spoofing a different domain is rejected at the API layer.

4

Track per-mailbox reputation

MultiMail aggregates hard bounce codes, complaint signals from Postmaster Tools integrations, and delivery rates into a per-mailbox reputation band: clean, watch, at_risk, or suspended. Your agent reads this score before starting any send campaign and adjusts strategy — reducing volume, pausing, or switching mailboxes — based on current standing.

5

Automated threshold enforcement

When bounce rate exceeds 2% or complaint rate exceeds 0.1% — the thresholds Google and Yahoo enforce under their 2024 bulk sender requirements — MultiMail automatically throttles outbound from that mailbox and fires a webhook event. If rates continue climbing, the mailbox is suspended and requires manual review before sends resume.

Code examples

Implementation

Check domain health before a send campaign
python
import requests

api_key = "$MULTIMAIL_API_KEY"
base_url = "https://api.multimail.dev"

response = requests.get(
    f"{base_url}/v1/domain-health",
    params={"domain": "acme.com"},
    headers={"Authorization": f"Bearer {api_key}"}
)
health = response.json()

if health["status"] != "clean":
    issues = health.get("issues", [])
    raise RuntimeError(
        f"Domain not ready to send: {&"cm">#039;, '.join(issues)}"
    )

print(f"Status: {health[&"cm">#039;status']}")
print(f"DMARC policy: {health[&"cm">#039;dmarc_policy']}")
print(f"SPF valid: {health[&"cm">#039;spf_valid']}")
print(f"DKIM selectors: {health[&"cm">#039;dkim_selectors']}")

Query domain intelligence to verify SPF, DKIM, and DMARC alignment before starting an outbound sequence. Block the campaign if the domain is misconfigured.

Read per-mailbox reputation before sending
python
import requests

api_key = "$MULTIMAIL_API_KEY"
base_url = "https://api.multimail.dev"
mailbox_id = "mbx_01HXYZ"

response = requests.get(
    f"{base_url}/v1/mailboxes/{mailbox_id}/reputation",
    headers={"Authorization": f"Bearer {api_key}"}
)
rep = response.json()

"cm"># Google/Yahoo enforce 0.1% complaint, 2% bounce
BOUNCE_THRESHOLD = 0.02
COMPLAINT_THRESHOLD = 0.001

bounce_rate = rep["bounce_rate"]
complaint_rate = rep["complaint_rate"]
band = rep["reputation_band"]  "cm"># "clean" | "watch" | "at_risk" | "suspended"

if band == "suspended":
    raise RuntimeError("Mailbox suspended — sending paused by MultiMail enforcement")
elif bounce_rate > BOUNCE_THRESHOLD:
    print(f"Bounce rate {bounce_rate:.2%} exceeds threshold — throttling campaign")
elif complaint_rate > COMPLAINT_THRESHOLD:
    print(f"Complaint rate {complaint_rate:.3%} exceeds threshold — review list before continuing")
else:
    print(f"Reputation: {band}. Bounce: {bounce_rate:.2%}, Complaint: {complaint_rate:.3%}")

Retrieve the current reputation band, bounce rate, and complaint rate for a mailbox. Use this to decide whether to continue, throttle, or pause a campaign.

Send with identity enforcement and warmup handling
python
import requests
import time

api_key = "$MULTIMAIL_API_KEY"
base_url = "https://api.multimail.dev"

response = requests.post(
    f"{base_url}/v1/send_email",
    headers={
        "Authorization": f"Bearer {api_key}",
        "Content-Type": "application/json"
    },
    json={
        "from": "[email protected]",
        "to": ["[email protected]"],
        "subject": "Deliverability report - March 2026",
        "text": "Your mailbox reputation: clean. Bounce rate: 0.3%. Complaint rate: 0.01%.",
        "tags": ["deliverability-report", "march-2026"],
        "track_opens": True,
        "track_clicks": False
    }
)

if response.status_code == 202:
    result = response.json()
    print(f"Queued: {result[&"cm">#039;message_id']}")
elif response.status_code == 429:
    # Warmup limit or rate limit — MultiMail enforced throttle
    retry_after = int(response.headers.get("Retry-After", 3600))
    print(f"Throttled. Retry after {retry_after}s")
    time.sleep(retry_after)
elif response.status_code == 403:
    result = response.json()
    print(f"Send blocked: {result[&"cm">#039;reason']}")
    "cm"># reason will be one of: domain_misconfigured, mailbox_suspended, identity_mismatch

Use send_email with a verified mailbox. Handle the 429 warmup throttle and 403 identity block responses explicitly rather than treating all non-200s as generic errors.

Webhook handler for enforcement events
python
from flask import Flask, request, jsonify
import hmac
import hashlib

app = Flask(__name__)
WEBHOOK_SECRET = "your_webhook_secret"

@app.route("/webhooks/multimail", methods=["POST"])
def handle_multimail_webhook():
    sig = request.headers.get("X-MultiMail-Signature", "")
    body = request.get_data()
    expected = hmac.new(
        WEBHOOK_SECRET.encode(), body, hashlib.sha256
    ).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return jsonify({"error": "invalid signature"}), 401

    event = request.json
    event_type = event.get("type")
    data = event.get("data", {})

    if event_type == "mailbox.reputation.throttled":
        mailbox_id = data["mailbox_id"]
        bounce_rate = data["bounce_rate"]
        print(f"Mailbox {mailbox_id} throttled — bounce rate {bounce_rate:.2%}")
        pause_agent_sends(mailbox_id)

    elif event_type == "mailbox.reputation.suspended":
        mailbox_id = data["mailbox_id"]
        print(f"Mailbox {mailbox_id} suspended — manual review required")
        alert_operator(mailbox_id)

    return jsonify({"received": True})

def pause_agent_sends(mailbox_id): ...
def alert_operator(mailbox_id): ...

Handle MultiMail reputation enforcement webhooks to pause agent send queues when a mailbox is throttled or suspended.

Benefits

What you get

Warmup enforcement before sends reach ISPs

MultiMail applies daily send limits at the API layer during warmup. New mailboxes ramp volume automatically over 30 days without manual scheduling. Attempts to exceed the limit return a 429 — the send is never silently dropped or queued past the safe window.

Automated threshold enforcement

When bounce rate exceeds 2% or complaint rate exceeds 0.1% — the thresholds Google and Yahoo enforce for all bulk senders — MultiMail throttles or suspends the mailbox automatically. Your agent does not need to poll for these conditions; enforcement is a platform-level guarantee.

Per-mailbox reputation scoring

Every mailbox gets a reputation band derived from real bounce codes, complaint signals, and delivery rates. Your agent reads this score via the reputation API before each campaign and can adjust volume, switch mailboxes, or pause based on current standing.

Domain intelligence on every send

SPF, DKIM, and DMARC alignment is checked per domain before each outbound batch via the domain health endpoint. Sends from misconfigured domains are blocked at the API layer before they reach ISPs and damage sender reputation across the shared pool.

CAN-SPAM compliance enforced at the infrastructure layer

MultiMail enforces unsubscribe processing, opt-out honoring, and suppression list management as infrastructure constraints under CAN-SPAM. Your agent does not need to implement these requirements in application logic — non-compliant sends are rejected before delivery.

Oversight

Recommended oversight mode

Recommended
autonomous
Deliverability optimization is reactive and time-sensitive. ISP signals arrive continuously and require immediate adjustment — warmup throttles, reputation enforcement, and domain health blocks all need to respond faster than a human approval loop allows. The enforcement logic is deterministic and platform-enforced by MultiMail, so the risk surface of autonomous operation is bounded by platform guardrails rather than agent judgment. Human oversight belongs at the policy level — setting custom thresholds, reviewing suspended mailboxes, and approving domain configuration changes — not in the per-send loop where latency directly degrades deliverability outcomes.
FAQ

Common questions

What happens when a mailbox hits the complaint rate threshold?
MultiMail automatically throttles outbound from that mailbox when complaint rate exceeds 0.1% (the Google and Yahoo enforcement threshold). If the rate continues climbing, the mailbox is suspended and a mailbox.reputation.suspended webhook event is fired to your configured endpoint. Sending resumes only after the rate drops below threshold and a manual review is completed through the dashboard or API.
How does warmup work for new mailboxes?
New mailboxes are subject to a daily send limit that increases over a 30-day warmup window: 50 per day in week 1, 500 per day in week 2, 2,500 per day in week 3, and up to 5,000 per day in week 4. Attempts to exceed the limit return HTTP 429 with a Retry-After header indicating when capacity resets. The ramp schedule matches what major ISPs expect from a new sender building legitimate reputation.
Does MultiMail handle DKIM signing automatically?
Yes. When you add a custom domain, MultiMail generates a DKIM key pair and provides the DNS records to publish. All outbound messages from that domain are signed automatically. You can verify alignment using the GET /v1/domain-health endpoint before starting a campaign. The response includes which selectors are active and whether DMARC alignment is passing.
What does the reputation_band field mean?
reputation_band is a four-state signal derived from bounce rate, complaint rate, and delivery history: clean means all metrics are within safe thresholds; watch means one metric is approaching a threshold but no action has been taken yet; at_risk means one metric has crossed a threshold and throttling is active; suspended means multiple metrics are over threshold and sending is paused. Check this field before starting any new send campaign.
Can I configure custom bounce and complaint thresholds?
You can set thresholds tighter than the platform defaults, but not looser. The platform enforces the Google and Yahoo minimums (0.1% complaint rate, 2% bounce rate) as a non-negotiable floor to protect the shared sending infrastructure. Custom thresholds let you pause sending earlier — for example, pausing at 0.05% complaint rate if your use case requires a higher deliverability bar than the regulatory minimum.
How does MultiMail distinguish hard bounces from soft bounces?
Hard bounces (permanent delivery failures indicated by 5xx SMTP codes) are immediately added to a per-mailbox suppression list. That address will not receive mail from that mailbox again until manually removed via the API. Soft bounces (temporary failures, 4xx codes) are retried with exponential backoff for up to 72 hours. Only permanent failures count toward the bounce rate threshold used for reputation enforcement.
Related

Explore more use cases

Transactional Email for AI Agents

operations

View guide →

Bounce Management

operations

View guide →
Get started

The only agent email with a verifiable sender

Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a 50-tool MCP server. Formally verified in Lean 4.

Read the Docs See Pricing