IP reputation continues to be the most important factor that impacts deliverability. Providers are slowly moving to domain-based reputation systems that leverage DKIM. Gmail seems to weight domain reputation in their calculations higher than most currently.
This is an area that we're actively working to improve. The system is designed so that customers who are sending high quality messages get moved into better IP addresses. We look at metrics like complaint, bounce, and engagement rates to help make these decisions. This works much of the time, but is imperfect, especially when you start using Mailgun for the first time. We're developing and iteratively rolling out several machine learning classification systems that look at various features when you signup for Mailgun and place your account into better IP pools based on our internal risk calculation.
If you are seeing continuous problems, I'd love to take a look! My email address is on my profile.
Hi, we've been seeing problems like this with Mailgun for about a year (with the support ticket record to show for it) and I'd love to get in touch. FYI your email address is not currently visible in your profile (should be in the 'about' section).
Is this per-project, or per-customer? I run https://spa.mnesty.com/ with you, which has a 1.5% bounce rate (I'm guessing that's high? I don't really know), and I wouldn't want it to be interfering with my personal email (0% bounce) that I also run with you.
We are working on SSL support now. While this has drawbacks, you can terminate on a service like Cloudflare and we can enable HTTPS link writing for your sending domain. Otherwise, hangtight for a more integrated solution.
2fa is on its way. Encoding is a real pain. We went ahead and put more details about quoted printable encoding and updated our docs with some examples on how to handle this properly.
This is (and probably always will be) a work in progress for us. Our systems promote you into higher quality IP ranges as you send better e-mail. The downside is that this is a reactive process. We have some experiments that we're starting to run to help improve onboarding and IP assignment for legitimate users. In the meantime, support is always happy to review your account and expedite this process for you.
We (Mailgun) have a process to support EU model clauses that has allowed us to continue supporting most of our EU customers. There are a lot of nuances to all of this, so it's best to talk to someone on our team who has expertise and access to our legal team to come up with a plan for you.
Additionally, the landscape will change on this once Privacy Shield, the successor to Safe Harbor, is enacted. It will offer stronger protections and guarantees to EU customers without the need to have model clauses signed between entities.
Our sales team sales [at] mailgun [dot] com can talk to you about your specific situation.
I'm not sure why there was a disconnect with our sales team, but I'm happy to help. Could you e-mail me with more details? josh [at] mailgun [dot] com
The model clause process is not trivial and often requires work between the legal teams from Mailgun and the respective EU company. We've gone through the process and can definitely help any of our existing or prospective customers get through it, though. Every business is a little different, so we'd need to talk through the specifics.
We are working on this based on what we have discovered so far, there appears to be a content issue that's impacting deliverability. We have ruled out any issues with the IP address these messages are being sent from. Our lead reputation engineer going through this and we've not been successful in reaching out to the inboxtrail team yet.
Disclosure: I lead product development for Mailgun.
Though you definitely still have space for improvements. I have a Mailgun account and:
1. I didn't configure my MX so you don't track delayed (asynchronous) bounces. It should be your responsibility as an email provider to use an appropriate Return-Path so spam complaints/bounces reach back to the client in this situation.
2. I opened ticket #212817 a while ago (September) about how a MITM could capture emails and replay them by injecting duplicate Subject/From/To headers (article here: https://wordtothewise.com/2014/05/dkim-injected-headers/) but this still isn't fixed today :(
That said, we're very happy with the service :), one of the killer features is how easy it is to manage wildcard sub-domains (compared to the pain it is with Mandrill).
On issue #1, we're going to update the language around this in our control panel and put together better documentation. In reality, having MX records are important to allow for sender address verification [1], which many SMTP servers require.
On issue #2, Thanks and apologies for the slow response, This ticket slipped under our radar.
To give you a quick answer: we'll look into the approach you described in your blog post as well as RFC 6376. It seems legit but we'll need to do some more testing to ensure that deliverability does not suffer due to changing how we sign messages. If deliverability does suffer, we can always make this something that is an optional security setting that can be toggled, like how you can enable and disable TLS certificate validation now.
Our security engineer will take a look and reach out to you with more details in the ticket.
Great feedback. Our UI is definitely something that could use some attention and is a big priority for us this year. We've made some big hires that are 100% focused on making it a great experience.
If you'd like to talk about more specifics, please reach out at anytime josh [at] mailgun [dot] com.
