Transactional & marketing email

Transactional and marketing email, hosted in the EU.

Epostix sends your product email and your campaigns from the same place — one API, one dashboard, one set of sending domains. Servers are in the EU, and a data processing agreement comes as standard.

EU-hostedTransactional + marketingREST API & SMTP
Free plan, no card required.
Sending for iGaming or other high-volume verticals?
Product screenshot
Overview dashboard — delivery and engagement across every sending domain, split by transactional and marketing.
16:9 · dashboard
Compliance and data residency,
included as standard.
EU-HostedGDPR-CompliantDPA includedEU data residency
One platform

Both kinds of email in one place

Most providers do either transactional or marketing email, so teams end up running two services with two bills and two sending reputations to watch. Epostix handles both. Receipts, password resets and notifications go out over the API or SMTP; campaigns, segments and reporting run from the same dashboard, on the same domains.

Transactional

Receipts, password resets, confirmations, notifications.

Sent over SMTP or API the instant your app calls. Webhooks for every event, templates, and real-time delivery logs.

SMTP & APIWebhooksTemplatesDelivery logs
Marketing

Campaigns, audience segmentation, engagement scoring.

Run from the same dashboard, on the same domains and sending reputation as your transactional email.

CampaignsSegmentsEngagement tiersReporting
Context

Why email delivery is harder than it looks.

Three things shape whether an email actually arrives. Each is easier to ignore than to handle correctly. The sections below describe how Epostix handles them.

Providers aren’t the same

Providers aren’t the same

Gmail, Microsoft, Yahoo, and Apple each throttle, bounce, and filter differently. A delivery system that treats them identically hits limits it doesn’t understand.

Reputation compounds

Reputation compounds

Sender reputation isn’t per-email — it’s per-domain, accumulated over time. A bounce spike today can affect future placement. Most dashboards don’t surface this trajectory.

Authentication is exacting

Authentication is exacting

SPF, DKIM and reverse DNS have to line up for every sending domain. When they don’t, mailbox providers quietly treat your mail as suspect — a common, hard-to-spot cause of spam-foldering.

The platform

How Epostix addresses this.

Deliverability

How sending actually works here

Mailbox providers don’t behave the same way. Gmail, Outlook and Yahoo each apply their own rate limits and filtering, so Epostix adjusts how it sends to each one rather than treating them as one queue. Every bounce is classified by type and cause, hard bounces are suppressed automatically, and sending pauses on its own if complaint or bounce rates climb past a threshold you can set.

01

Provider-specific sending

Different mailbox providers have different rules. The delivery engine handles each one separately.

  • Gmail — rate limit detection with automatic cooldown
  • Microsoft — concurrency management
  • Yahoo — adjusted retry intervals
  • Apple, Proton, Zoho, GMX — provider-tuned handling
  • Automatic queue pause when a provider signals overload
Product screenshot
Campaign report — deliverability by inbox provider with bounce volume broken down by type and cause.
920 × 540
Reports · bounces by type and provider
02

Sending safeguards

Problems with email sends tend to escalate fast. These safeguards catch them early.

  • Campaign circuit breaker. Automatically pauses sending if bounce or complaint rates spike.
  • Pre-send health checks. Validates content, unsubscribe links, spam risk, template variables, and recipient count — pass / warning / fail before any email goes out.
  • Duplicate detection. Blocks accidental repeat sends to the same recipient within a short window.
  • API idempotency. Safe to retry requests without creating duplicates.

Default thresholds: 2% hard-bounce, 0.3% complaint, 3× spike over 24h baseline. Configurable per workspace.

Product screenshot
Pre-send health check — per-check pass / warning status with the campaign spam score.
5:6
Pre-send health check · 5 of 7 checks passed
03

Bounce classification

When an email bounces, the reason matters as much as the fact. The system classifies every bounce by type, cause, and provider.

  • Hard bounces — permanent failures, auto-suppressed
  • Soft bounces — temporary issues, retried with provider-aware timing
  • Spam complaints — suppressed, source identified
  • Infrastructure issues — SPF/DKIM/DMARC problems flagged separately from recipient issues
  • Progressive suppression — contacts move through hold stages based on bounce patterns rather than a single-strike removal
04

Authentication and IPs

Sender authentication is set up for each domain, and dedicated IPs are available when you want to manage your own reputation.

  • SPF, DKIM and reverse DNS (FCrDNS) configured for every sending domain
  • Per-domain DKIM signing, managed for you
  • Dedicated IPs with a warm-up schedule when you need them
  • Open and click tracking, on or off per email type
Transactional

Transactional email.

Send password resets, receipts, confirmations, and notifications with per-email delivery tracking and automatic retry.

api.epostix.eu / v1 / email
curl https://api.epostix.eu/v1/email \
  -H "Authorization: Bearer $EPX_API_KEY" \
  -H "Idempotency-Key: order_4821_welcome" \
  -H "Content-Type: application/json" \
  -d '{
    "from": "hi@send.acme.eu",
    "to": "kasper@kvitkov.cz",
    "subject": "Welcome to Acme",
    "html": "
Welcome
You're in.
",
    "tags": ["welcome", "tier:pro"]
  }'
202 · acceptedid: msg_01HZ9K8XK7QM4Nqueued
Sending
  • REST API and SMTP relay
  • Template engine with variable substitution
  • Custom DKIM signing per domain
  • Open and click tracking, toggleable per email type
  • Webhook notifications — delivered, bounced, opened, clicked, complained
  • Official SDKs — TypeScript, Python, Go
Reliability
  • Automatic retry with exponential backoff — up to 10 attempts, 1-hour window
  • Idempotency keys — safe to retry API requests without duplicates
  • Duplicate detection — blocks accidental repeat sends within a short window
  • Dedicated IP with warming schedule
Security
  • API key auth with IP whitelisting and expiration tracking
  • Two-factor authentication (TOTP)
  • Role-based access — owner, admin, user
Per-email traceability

Every email has a detail page — sender, recipient, subject, send timestamp, current delivery status, and the rendered content as the recipient saw it.

Product screenshot
Per-email detail — sender, recipient, subject, send time, current delivery status, and the rendered message as the recipient saw it.
920 × 316
Marketing

Marketing email.

Run campaigns with pre-send validation, automatic safeguards, and engagement tracking across your full audience.

Audience · 37,858 contacts
Auto-tiered
Engaged23,481 · 62%
At-risk6,802 · 18%
Inactive5,303 · 14%
Cold2,272 · 6%
Contacts move between tiers based on opens, clicks, and recency. Cold and inactive contacts can be throttled or excluded automatically.
Pre-send health · April newsletter
Ready to send
Domain authentication
SPF, DKIM, DMARC validated for send.acme.eu
Audience health
37,858 contacts · 2.1% expected bounce rate
Content & spam scan
Rspamd score 0.4 · 14 links checked
Template variables
100/100 sample contacts · 100% coverage
Unsubscribe & list-unsubscribe
One-click and footer link both present
!
Circuit breaker armed
Pause on bounce or complaint rate spikes
Campaign management
  • Full lifecycle — draft, schedule, send, pause, resume, cancel
  • Performance reporting with engagement timeline
  • 48-hour retry window for persistent delivery
Safeguards
  • Pre-send health checks — content, unsubscribe link, spam score, template variables, recipient estimate, with pass / warning / fail
  • Campaign circuit breaker — automatic pause on bounce or complaint rate spikes
Audience
  • Tag-based targeting with auto-tagging rules
  • Engagement tier scoring — engaged, at-risk, inactive, cold
  • Visual segment builder with real-time audience count
  • CSV import / export
  • Reusable template components with versioning
Architecture

Built and operated in-house.

The delivery engine, bounce classifier, provider handling rules, and circuit breaker logic are developed and maintained by the Epostix team.

When provider behavior changes, the rules are updated by the people who wrote them.

Data location

Where your data lives

Email content, logs, analytics and contact data stay on servers in the EU. We include a data processing agreement by default and list our subprocessors publicly. If you have data-residency requirements, this keeps everything in one jurisdiction, so you’re not relying on transfer mechanisms like Standard Contractual Clauses or the EU–US Data Privacy Framework to move data abroad.

Data locationEuropean Union

Stored and processed in the EU

Email content, logs, analytics and contacts sit on servers in the European Union.

DPA included as standard

A data processing agreement is part of every plan, not just enterprise.

Subprocessors listed publicly

All subprocessors are EU-based and published, with notice before any change.

For developers

Built on a documented API

A REST API and standard SMTP, with an OpenAPI spec you can generate clients from. Idempotency keys so retries don’t create duplicates. Per-key permissions and IP allowlists. A sandbox for testing without spending quota, and webhooks for delivery, bounce, open, click and complaint events.

Product screenshot
API reference — POST /v1/email with request tabs (cURL, JS, Python, Go) and a live 200 response.
4:3
Developers · API reference · POST /v1/email

OpenAPI 3.0 specification

Generate clients in any language from the public spec.

API key auth + IP allowlist

Per-key permissions, per-key IP allowlists, rotate without downtime.

Idempotency built in

Safe to retry every send endpoint — duplicates are caught at the API layer.

Sandbox environment

Test sends without burning quota. Inspect every request and response.

Official SDKs

TypeScript, Python, and Go — generated from the spec.

Webhook events

Real-time delivery, bounce, open, click, and complaint notifications.

Pricing

Pricing.

Plans are based on how much you send and how many contacts you keep. Every plan includes the same provider-specific sending, safeguards and bounce handling. Move the slider to see what fits.

How many emails do you send a month?
10,000emails / month
1K2M+
Free
$0/mo
Up to 3,000 emails / month
Best fit
Starter
$9/mo
Up to 10,000 emails / month
Growth
$29/mo
Up to 50,000 emails / month
Included on every plan
  • SMTP & REST API access
  • Idempotency and duplicate detection
  • Real-time analytics
  • Webhook notifications
  • Template engine
  • Custom DKIM
  • Smart retry with exponential backoff
  • Official SDKs
  • Dedicated IP available on higher tiers
Free plan, no card requiredDomain verification before sendingCancel anytime

The free plan is fully functional — same sending, same safeguards. Domain verification typically completes within minutes.

Scope

What to expect.

01

Inbox placement depends on many factors beyond any sending platform’s control. Epostix provides sending controls, bounce data, and reputation signals — placement decisions are made by receiving providers.

02

Domain verification is required before sending. The platform reviews sending patterns to maintain infrastructure quality.

03

Delivery data and safeguards help senders make better decisions. List hygiene, content quality, and audience management remain the sender’s responsibility.

Security

Security.

API and SMTP traffic runs over TLS. Email content is encrypted at rest, and backups are encrypted too. Accounts support two-factor authentication and role-based access, and public endpoints are rate-limited.

TLS 1.2+ enforced

All API and SMTP traffic over modern TLS. Forward secrecy on every connection.

Two-factor authentication

TOTP-based 2FA on every account. Recovery codes. Session revocation across devices.

API key controls

IP whitelisting, expiration dates, and last-used tracking. Tokens hashed at rest — never stored in plain text.

Role-based access

Owner, admin, and user roles. Per-domain access controls. Team invitations only.

Encrypted storage

Email content stored encrypted at rest. Database backups encrypted.

Rate limiting & bot protection

Rate limiting on every public endpoint. Turnstile on login, signup, and password reset.

Data protection

Compliance.

End users can request their data or have it deleted, and deletion cascades through audiences, history and engagement records. Consent — method, date and source — is recorded per contact. Every campaign includes one-click unsubscribe. A standard DPA is available on every plan, not just enterprise.

GDPR data erasure

End users can request complete deletion. Cascades across audiences, history, and engagement records.

GDPR data export

Full contact data export on demand in machine-readable format. No support ticket required.

Consent tracking

Opt-in method, date, and source recorded per contact. Audit trail available for every subscriber.

List-Unsubscribe headers

One-click unsubscribe (RFC 8058) on every campaign email — compliant with current sender requirements.

EU subprocessors

All subprocessors EU-based and listed publicly. Updates ship with 30-day notice.

DPA on request

Standard Data Processing Agreement available for every workspace, no enterprise tier required.

Try it on your own domain

Sign up, verify a domain, and send a test in a few minutes. The free plan doesn’t need a card, and there’s no sales call to get started.

Free plan · no card required