The Scenario
Someone in marketing signed up for a bulk email service. They connected it to the website or CRM, typed in a test message, hit send, and... nothing. The email never arrived. Or it landed in spam. Or they got an error about "spoofing" that made no sense.
This is one of the most common calls we get. Not from the marketing person directly, but from someone else in the company who noticed that their regular business emails stopped being delivered properly. What started as a newsletter project quietly became an IT problem that affected the whole organization.
Here's what happened, and what to do about it.
The Typical Story
A marketing team member decides the company needs to start sending newsletters, promotional emails, or automated messages from a website contact form. They find a service like SendGrid, Mailchimp, or SMTP2GO, create an account, and start configuring it. They use the company email address as the "from" address because they want the emails to look professional. Makes sense.
Then the testing starts, and things go sideways.
Messages bounce. Spam filters block them. The service flags the account. And in some cases, the company's normal everyday email starts having delivery problems too.
The root cause is almost always the same: the email was sent without updating the technical records that tell the rest of the internet, "Yes, this service is allowed to send email on our behalf."
How Email Authentication Works (The Plain Language Version)
When you send an email from your company's address, the receiving mail server doesn't just trust it blindly. It checks your domain's DNS records to verify the message is legitimate. There are three records that matter here, and they all work together.
SPF (Sender Policy Framework) is a list of servers that are authorized to send email for your domain. Think of it as a guest list. If an email arrives from a server that's not on the list, the receiving server treats it with suspicion. When marketing signs up for SendGrid and starts sending emails from yourcompany.com without adding SendGrid to the SPF record, the receiving server sees an uninvited guest.
DKIM (DomainKeys Identified Mail) adds a digital signature to each email. The receiving server uses it to verify the message hasn't been tampered with in transit and that it really came from who it claims. Setting this up requires adding a specific DNS record provided by the email service. Without it, the email looks unsigned, which is another red flag for spam filters.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) ties SPF and DKIM together and tells receiving servers what to do when a message fails one or both checks. Should they let it through? Quarantine it? Reject it outright? Without a DMARC policy, each receiving server makes its own decision, and it's usually not in your favour.
This Isn't Optional Anymore
Google and Yahoo began enforcing stricter DMARC requirements for bulk senders in 2024. If you're sending more than a handful of messages, having all three records properly configured is the minimum.
If you're not sure what DNS is or why it matters, we covered that in detail in a previous post: Who Should Manage Your DNS? (Hint: Not Your Web Developer). The short version is that SPF, DKIM, and DMARC records all live in DNS, which is why this is an IT question, not a marketing question.
Why You Should Never Send Bulk Email From Your Primary Domain
Your company's primary domain (yourcompany.com) is used for everything. Day-to-day email between employees and clients. Invoices. Proposals. Password resets. Every message your business sends.
That domain has a reputation. Email providers like Google, Microsoft, and Yahoo track how recipients interact with messages from your domain. Do people open them? Do they mark them as spam? Do the messages bounce? Over time, this builds a reputation score, and that score determines whether your emails reach the inbox or disappear into a spam folder.
When you send bulk email from your primary domain, you put that reputation at risk. Even a well-run marketing campaign will generate some bounces and some spam complaints. That's normal. But if the reputation of yourcompany.com takes a hit, it doesn't just affect the marketing emails. It affects every email your company sends. Your sales team's follow-ups start landing in spam. Client invoices go undelivered. Internal messages from external addresses get flagged.
The fix is straightforward: use a subdomain for bulk email. Instead of sending from marketing@yourcompany.com, send from marketing@mail.yourcompany.com or marketing@news.yourcompany.com. The subdomain builds its own reputation, separate from your primary domain. If something goes wrong with the marketing emails, your regular business email stays unaffected.
Setting up a subdomain for email is not complicated. Your IT team or provider can configure it in a few minutes. But it needs to happen before the first bulk message goes out, not after the damage is done.
Why You Need a Relay Service (And Can't Just Use Microsoft 365)
Some businesses try to skip the third-party service entirely and send bulk email straight through their regular email system. If you're on Microsoft 365, this seems logical. You already pay for it. It already works.
The problem is that Microsoft 365 was built for normal business email, not for sending hundreds or thousands of messages at once. Microsoft imposes strict sending limits. Depending on your plan, you may be limited to 10,000 recipients per day, and individual mailboxes typically have much lower thresholds. If you exceed these limits, Microsoft doesn't just slow you down. It locks the mailbox. No one using that mailbox can send anything, sometimes for 24 hours or more.
This is why services like SendGrid, SMTP2GO, and Mailchimp exist. They are purpose-built for high-volume email. They handle deliverability, provide analytics on open rates and bounces, manage unsubscribe lists, and have infrastructure designed to send large volumes without triggering the kind of lockouts you'd get from Microsoft 365.
Using a relay service isn't an extra cost for something you already have. It's the right tool for the job.
Warming Up: Why You Can't Send 5,000 Emails on Day One
New domains and new email accounts have no reputation. To email providers, they're unknown, and unknown senders are treated with suspicion.
This is why "warming up" a new sending domain or IP address matters. Instead of sending your full mailing list on the first day, you start small. Maybe 50 or 100 messages. Then you gradually increase the volume over several weeks, giving email providers time to observe your sending behaviour and build confidence that you're a legitimate sender.
Skipping this step is like a brand new business trying to get a large line of credit on its first day. There's no track record. No trust. The bank says no. Email providers do the same thing. They throttle delivery, divert messages to spam folders, or block them outright.
Most relay services have built-in warm-up guidance or automated warm-up features. Following them takes patience, but it's the difference between a successful email program and one that's dead on arrival.
One more thing to know: if you're using a shared IP through your relay service (which is typical for new accounts), your sending reputation is partly influenced by the other senders on that same IP. Another reason to start slow, monitor your deliverability metrics, and consider a dedicated IP once your volume justifies it.
A Word About Canadian Anti-Spam Law
If your business operates in Canada, you need to be aware of CASL, the Canadian Anti-Spam Legislation. It's one of the stricter anti-spam laws in the world, and ignorance is not a defence.
The short version: you need express or implied consent before sending commercial electronic messages. You need to clearly identify yourself as the sender. And you need a working unsubscribe mechanism in every message that's honoured within 10 business days.
Violations can result in penalties up to $10 million per violation for a business. This isn't theoretical. Fines have been levied.
Marketing teams setting up bulk email independently may not think about CASL compliance. They're focused on getting the newsletter out the door, not on whether the contact list was collected with proper consent or whether the unsubscribe link actually works. This is another reason to involve people beyond the marketing department before hitting send.
Bounce Rates and List Hygiene
Relay services monitor the quality of your sending. Two numbers matter most: bounce rate and complaint rate.
Bounce rate measures how many of your emails fail to deliver. There are "hard" bounces, where the address simply doesn't exist, and "soft" bounces, where there's a temporary issue. If your hard bounce rate climbs too high, the relay service will throttle your account or suspend it. This commonly happens when someone imports an old contact list that hasn't been cleaned.
Complaint rate tracks how many recipients click "mark as spam" on your messages. Even a complaint rate above 0.1% can cause problems. Google specifically publishes this threshold.
The fix is list hygiene. Before your first send, run your contact list through a validation service that removes invalid addresses. Remove addresses that haven't engaged in a long time. And make it easy for people to unsubscribe, because if they can't unsubscribe, they'll mark you as spam instead, which is worse for your reputation.
Talk to IT Before You Set Anything Up
This is the part that would have prevented most of the problems described above.
Marketing teams aren't making these mistakes out of carelessness. They're trying to get things done. The tools are easy to sign up for, the interfaces are friendly, and nothing in the onboarding process says "stop and call your IT department first."
But email authentication records live in DNS. DNS is managed by IT. Subdomain configuration is managed by IT. Understanding how a new sending service interacts with your existing email setup is an IT question. And the consequences of getting it wrong don't stay in marketing. They ripple across the entire company.
A quick conversation before signing up for a service can save weeks of troubleshooting after. Your IT team (or provider) can set up the subdomain, add the right SPF, DKIM, and DMARC records, confirm there are no conflicts with existing services, and help plan the warm-up schedule. It takes an afternoon. Cleaning up the mess afterward takes much longer.
Free Download: Bulk Email Setup Questionnaire
Planning a bulk email project? This fillable PDF gives your marketing team a simple way to gather everything IT needs before setup begins. No back-and-forth required.
Download the QuestionnaireThe Bottom Line
Sending bulk email is more involved than it looks. The tools make the setup seem simple, but underneath every marketing email is a set of technical requirements that, if missed, will cause delivery failures and can damage your company's ability to send regular business email.
Before launching any email campaign or connecting a new service to your domain, loop in your IT team. The checklist is short: use a subdomain, configure SPF, DKIM, and DMARC, choose the right relay service, warm up properly, clean your contact list, and make sure you're compliant with CASL.
None of it is complicated. But all of it needs to happen before the first message goes out.
Not Sure If Your Email Setup Is Right?
If your marketing team has already started sending bulk email, or you're planning to, we can review your DNS records, authentication setup, and domain reputation to make sure everything is configured properly.