BIG BOX Hosting
Get a quote
Ljubljana — 46°03′N 14°30′E Est. 2002 — Issue №24

Email infrastructure
that lands in
the inbox.

We run dedicated PowerMTA and KumoMTA stacks for senders pushing hundreds of thousands to tens of millions of messages a day. Tuned per ISP, billed in euros, hosted in jurisdictions that answer to European law — not to a parent company in California.

See pricing → Talk to an engineer
No minimum term Wire, card, PayPal, BTC 4h ticket SLA Stack live in 24h
Live fra04.bigboxhosting.com 00:00:00
Deliveries / sec — last 60s 0msg/s
Gmail
0
today 0
Outlook
0
today 0
Yahoo
0
today 0
Stream time · isp · response · latency
    tail -f /var/log/pmta/acct.csv 0 sent today
    7M+ Emails delivered
    per hour, per node
    0.4% Median bounce
    on warmed IPs
    24yr Operating from
    Ljubljana, since 2002
    99.99% Network uptime
    last 24 months
    00  /  The state of email in 2026

    One in six emails never sees the inbox.

    The Validity 2026 benchmark puts global inbox placement at 83.5%. Two years after Gmail and Yahoo's bulk-sender rules went live, the gap between "delivered" and "actually read" has hardened into a structural problem.

    The number that should make any sender uncomfortable: technical delivery success now overstates real inbox reach by about 40 percentage points. An MTA can hand off a message, get back a clean 250 2.0.0 OK, and the message still ends up in spam, in the Promotions tab, or filtered out of user attention entirely. Authentication that was the gold standard in 2023 — full SPF plus DKIM plus DMARC alignment — only buys you the right to be evaluated. It does not buy placement.

    Engagement is what mailbox providers weight most heavily now. Gmail looks at how often your recipients actually open and click and reply — and how often they don't archive without reading. Yahoo runs a similar model. Microsoft is the harshest grader of the four, and the gap between best-case Gmail placement (around 95%) and worst-case Outlook placement (around 76%) is the difference between a campaign that pays for itself and one that loses money on send.

    The senders who are clearing 95% in 2026 share a pattern. They run their own infrastructure or rent dedicated capacity from someone who does. They do not co-tenant their reputation with the kind of bulk traffic that gets shared SMTP relays added to Spamhaus and SURBL within weeks. They warm IPs slowly, segment ruthlessly by engagement, and treat deliverability as a discipline that has to be maintained every week — not a setup task that ends when the DNS records propagate.

    The other shift, less visible but harder to ignore, is jurisdictional. The EU Data Act became fully applicable on 12 September 2025. Chapter VII obliges cloud providers operating in the EU to actively block unlawful third-country government access requests, including U.S. CLOUD Act demands. In a French parliamentary hearing in June 2025, Microsoft's legal director admitted under oath that no contractual or technical arrangement could override the CLOUD Act's reach over data held by U.S.-controlled entities — even when the data sits in Frankfurt. For senders who handle European customer lists, that admission changed the calculus. Geography is not jurisdiction. Where the parent company is incorporated decides who can lawfully demand access to your subscriber data.

    91%
    Inbox placement
    European recipients (Validity 2026)
    83%
    Global average
    across all regions
    78%
    APAC ceiling
    where global campaigns lose the most
    0.3%
    Gmail's hard limit
    on spam complaint rate
    01  /  How we operate

    Built for senders, not marketers.

    We are not an ESP and we are not a marketing platform. We rent and tune the infrastructure that ESPs and platforms run on top of — the layer where the SMTP handshake happens and where the deliverability fight is actually won or lost.

    Most companies who think they have an "email problem" actually have an infrastructure problem. They moved from a budget shared relay onto a marketing platform that still terminates through someone else's IP pool. They ran fine at 50,000 sends a month. At 500,000 they started to stall. At 5 million they hit a wall — temp-fails from Gmail, deferrals from Microsoft, soft bounces piling up in queues that should have drained in seconds. By the time most teams call us, the wall has been there for six weeks and three campaigns have already been written off.

    The fix is rarely exciting. It is almost always the same shortlist: dedicated IPs that nobody else is sharing, an MTA tuned per receiving domain rather than configured once and forgotten, an honest warm-up curve that respects the engagement cohort of the list, and someone on the operations side who reads tail -f /var/log/pmta/acct.csv as a daily habit rather than something they remember during incidents.

    The four products below cover the operating layer. Pricing is the second-to-last section on this page, and there is no asterisk attached to it. If you want to get a sense of fit before reading any further, the Sender tier at €259/month is what most agencies and B2B operators between 100,000 and 1.5M sends a month end up running. Anything above that gets quoted as Enterprise. Anything below tends to be solved by a shared SMTP relay at €49/month, and we will tell you so honestly.

    We have watched dozens of teams cut corners on engagement segmentation and blow up new IPs in the first two weeks. The schedule is forgiving. Bad data isn't. — Operations note, internal warm-up runbook

    One last thing worth saying out loud. Email is not a solved problem. The rules that worked in 2022 do not work now. The Google and Yahoo bulk sender enforcement that started in February 2024 is still tightening — Gmail's inbox placement dropped from 89.8% to 87.2% over the course of 2024 as engagement filtering got sharper. There is no provider, ourselves included, that can promise 99% inbox placement to a sender who refuses to clean a list, segment by engagement, or honour unsubscribes. What we can promise is that the infrastructure will not be the reason you fail. The MTA will be tuned correctly. The IPs will be warm. The DNS will be aligned. From there, the deliverability work is collaborative.

    ─────────────────────────────────────────────────────────────────────────
    02  /  What we operate

    The operating layer for serious senders.

    Six core products, all built around the same idea: dedicated capacity, transparent pricing, and an engineer in the loop. Pick the one that matches the volume and the use case. We will tell you honestly when the smaller plan is enough.

    № 02.01

    PowerMTA Hosting

    The commercial MTA that most large ESPs still run on. We host it on dedicated hardware, tune VirtualMTAs per ISP, and handle the bounce parsing, FBL processing, and PMTA accounting log analysis ourselves. No license headaches.

    from EUR 249 / mo
    № 02.02

    KumoMTA Hosting

    The open-source successor to PowerMTA, written in Rust, configured in Lua. Built by some of the same engineers. AWeber and Cloudmark plus a long list of mid-tier ESPs migrated in 2024 and 2025. We will run the migration if you have a PMTA config file.

    from EUR 299 / mo
    № 02.03

    SMTP Relay

    Plug-and-play SMTP and HTTP API for transactional or marketing or hybrid traffic. Managed deliverability included — we run the suppression list, watch the complaint rate, and handle the renewals. Best fit under 1M sends per month.

    from EUR 49 / mo
    № 02.04

    IP Warmup

    A 4 to 6-week reputation build with daily volume curves, ISP-by-ISP throttling, and live bounce analysis. Engaged cohort first, expanding by 15% per stage. We pause the ramp the moment the complaint rate trends the wrong way — not after.

    from EUR 199 / IP
    № 02.05

    Offshore Dedicated

    Full physical machines in jurisdictions outside the reach of the U.S. CLOUD Act. Slovenia, Luxembourg, Switzerland, Iceland, Sweden. Single-tenant, customer-controlled encryption keys, no parent company in California.

    from EUR 119 / mo
    № 02.06

    SPF / DMARC Audit

    Authentication review aligned with the Google and Yahoo bulk sender rules and the upcoming Microsoft tightening. We run the DNS, fix the alignment, advance you from p=none to p=reject on a schedule that does not break legitimate mail.

    from EUR 750 one-time
    ─────────────────────────────────────────────────────────────────────────
    03  /  Choosing your MTA

    PowerMTA or KumoMTA — and where does SES fit?

    The honest answer depends on volume — control and how much you want to write Lua at 2 a.m. Here is the comparison we walk every prospect through before they sign anything.

    The MTA layer in 2026 has consolidated around three real options for senders pushing serious volume. PowerMTA is the incumbent — about two decades of production use, a known configuration model, and a license that runs around USD 8,000 per year on the volume tier. KumoMTA arrived in 2023, written in Rust by former PowerMTA engineers — free and open-source under Apache 2.0. AWeber migrated their entire delivery infrastructure to it in 2024. Amazon SES is not really an MTA in the same sense — it is a managed service that hides the engine entirely — but it is what most teams compare against when they are doing the build-vs-buy maths.

    The shortlist below leaves out Postfix and Exim deliberately. Both are excellent for general-purpose mail and for small transactional volumes, but neither was designed for traffic shaping at the per-receiving-domain granularity that a serious sender needs once they pass roughly 500K messages a day.

    Feature PowerMTA KumoMTA Amazon SES
    Licensing model Commercial, per-server, ≈USD 8K/yr Apache 2.0, free, paid support optional Pay per email sent (≈USD 0.10/1000)
    Throughput per node 7–9M emails/hour 10M+ emails/hour Provider-managed, no node concept
    Configuration model Flat-file, no conditionals Lua scripting, full programmability Console + IAM, no per-domain tuning
    Per-domain throttling Native (VirtualMTAs) Native (egress sources) Limited, account-wide
    Real-time observability Accounting CSV + custom tools Native Prometheus, Grafana dashboards CloudWatch metrics + SNS events
    Webhook events Available via plugins Native HTTP, AMQP, Kafka SNS / EventBridge
    Custom IP pool routing Yes Yes (Lua-defined) Configuration sets, less granular
    Vendor lock-in Moderate (license dependency) None (Apache 2.0) High (AWS account binding)
    EU data sovereignty Self-hosted — depends on operator Self-hosted — depends on operator U.S. parent, CLOUD Act applies
    Best fit volume 5M+ daily, established team 500K – 50M+ daily Under 1M daily, transactional-heavy

    Where we land in 2026: for new infrastructure deployments without a strong reason to stay on PMTA, we recommend KumoMTA. The Rust core delivers higher throughput per box, the Lua configuration is more compact and far more flexible, and the free license eliminates the per-server cost that makes PowerMTA painful to scale horizontally. For migrations off existing PMTA setups where the team already has years of muscle memory in the flat-file syntax, we run both — many of our clients keep PowerMTA on the established IPs and bring up KumoMTA on the new ones, then migrate gradually.

    SES is a different conversation. It works well at low volume and as a failover lane. But you pay per send, you do not own the IPs, you cannot tune per-domain at the granularity Gmail and Microsoft now reward, and your jurisdiction is whatever Amazon's parent company says it is. For a sender doing 100K transactional emails a month, SES is fine. For anyone running a list, anyone whose business model depends on inbox placement, anyone with European recipients whose data needs to stay outside the CLOUD Act, it stops making sense around the second invoice.

    ─────────────────────────────────────────────────────────────────────────
    04  /  Selected work

    Three migrations, anonymised.

    Names are removed at client request. Volumes plus timelines plus metrics are real and unedited. We can introduce you to two of these teams as references after a signed NDA — the third operates in a sector where the relationship itself is confidential.

    B2B SaaS · 11M/mo

    From SendGrid to dedicated KumoMTA

    A Nordic B2B platform was bouncing off SendGrid's shared pool with a complaint rate above 0.4% — most of which traced back to other tenants. Inbox placement at Microsoft sat at 71%. We migrated them to a dedicated KumoMTA stack on two warmed /29 ranges across Frankfurt and Stockholm over six weeks. The migration ran in parallel with their existing pipeline and we cut traffic over in 10% increments while monitoring per-domain placement.

    +24pts
    Microsoft inbox placement
    71% → 95%, sustained at 60d
    ESP · 480M/mo

    PowerMTA tuning during peak season

    A French ESP serving 800+ resellers was throttling out of Gmail in mid-November — the worst possible time. The PMTA configuration had not been touched in three years and the VirtualMTA per-domain limits were calibrated for a 2022 Gmail. We rewrote the throttling tables, segmented the sender pools by complaint rate, and added a real-time circuit breaker on the worst-performing 5%. Done in 11 days without a single hour of campaign downtime.

    −68%
    Gmail temp-fail rate
    4.1% → 1.3% within 14 days
    Crypto-adjacent · undisclosed volume

    Migrating off SES to Iceland

    A platform with a regulated user base could not justify keeping subscriber data on AWS infrastructure after the Microsoft testimony to the French parliament made the CLOUD Act exposure explicit. We provisioned dedicated KumoMTA on Icelandic hardware, transferred the suppression list and the engagement cohort, and re-warmed two new /29 ranges with their most engaged 30-day audience. The legal team signed off on the architecture before the cutover.

    9days
    From signed contract
    to first production send
    ─────────────────────────────────────────────────────────────────────────
    05  /  Jurisdiction matters

    Frankfurt is in Germany. Your provider may not be.

    The single most important sentence about EU data sovereignty in 2026: residency is not jurisdiction. Where your bytes sit physically does not decide who can lawfully demand access to them.

    The EU Data Act became fully applicable on 12 September 2025. Chapter VII (Article 32) obliges cloud providers operating in the EU to put in place "all adequate technical, organisational and legal measures" — the directive's exact wording — to prevent unlawful third-country government access to non-personal data. When a provider receives an access request from a non-EU government — including a U.S. CLOUD Act demand — it must assess the request, challenge it where it conflicts with EU law, and disclose only the minimum data necessary if disclosure is unavoidable.

    That obligation collides directly with the U.S. CLOUD Act. The CLOUD Act, passed in 2018, gives U.S. law enforcement the authority to compel any U.S.-headquartered company to produce data under its custody, regardless of where the data is physically stored. Frankfurt, Dublin, Stockholm — the address does not matter. Jurisdiction follows the corporate parent.

    Microsoft's legal director told the French parliament under oath in June 2025 that no contractual or technical arrangement could override a properly executed CLOUD Act demand on EU customer data held by a Microsoft entity. — French Senate hearing, public record, June 2025

    That testimony reframed the entire compliance conversation. EU residency through AWS, Microsoft Azure, or Google Cloud is residency, not sovereignty. The "EU sovereign cloud" offerings from each of the three U.S. hyperscalers — Microsoft 365 EU Data Boundary, Amazon's European Sovereign Cloud, Google's Sovereign Controls — provide a degree of operational separation, but the parent company remains under U.S. jurisdiction and the CLOUD Act remains a live exposure.

    For email infrastructure specifically, this is more than abstract policy. Email subscriber lists are personal data under GDPR. Engagement logs from a marketing campaign include behavioural data. Bounce records identify individuals. A sender running list traffic through a U.S.-controlled SMTP relay is, in 2026, accepting that its EU subscriber data is reachable by U.S. legal process — even when the IPs are in Germany.

    Slovenia →
    Our headquarters and the jurisdiction our corporate counterparty operates under. EU member state and eurozone member with GDPR enforcement native to the legal system. NIS2 and Data Act compliance are native too. The Constitutional Court of the Republic of Slovenia struck down the national data-retention regime in judgment U-I-65/13 of 3 July 2014 — abrogating the provisions that transposed Directive 2006/24/EC and ordering operators to delete the data they already held. The judgment has held. We have operated from Ljubljana since 2002, and the regulatory environment has been more predictable than the marketing copy of any vendor we compete with.
    Luxembourg →
    One of the five jurisdictions in our network. EU member state, GDPR enforcement that produced the largest fine in EU history (€349 million against Amazon, July 2021), and the Article 41 professional secrecy framework of the Loi du 5 avril 1993. Procurement teams in regulated industries — financial services especially — recognise the Luxembourg jurisdiction without explanation, which is why roughly 38 percent of our offshore-dedicated deployments land here.
    Switzerland →
    Outside the EU, but adequacy-decision country with strong national privacy law (revFADP, in force since 2023). Long-standing tradition of resisting compelled foreign disclosure. Suitable when the sender wants EU-comparable protection but with non-EU jurisdiction.
    Iceland →
    EEA member, GDPR-aligned, constitutional protection of free expression that goes beyond most EU baselines. Iceland's Modern Media Initiative framework and the Free Speech Constitutional clause make it a popular choice for journalism platforms and politically-exposed senders.
    Sweden →
    EU member, no mandatory data retention regime since the Tele2 Sverige ruling. Strong tradition of source protection law. Stockholm is one of our larger PoPs for senders with Nordic-heavy lists.

    None of the above means we can promise immunity from every legal process anywhere. We cannot. What we can promise is that no parent company in our ownership structure is U.S.-incorporated, that we run our own provider-independent address space and have operated our network since 2003, and that any government request reaching our corporate counterparty comes through a Slovenian court or a Mutual Legal Assistance Treaty channel — not a unilateral demand from a foreign agency. Requests targeting infrastructure in the other four jurisdictions go through that jurisdiction's courts, under that jurisdiction's law.

    ─────────────────────────────────────────────────────────────────────────
    5.5  /  Field notes

    Latest from the blog.

    Engineering notes from the operations team — protocol shifts, regulatory updates, post-mortems. Roughly monthly. All posts →

    22 Apr 2026 · 6 min

    DKIM key rotation playbook for 2026

    The procedure looks simple — generate a new key pair, publish on a new selector, configure the MTA. Three steps. Here is what actually goes wrong, and the operational sequence that prevents it.

    06  /  What it costs

    Three plans. Real numbers.

    No hidden fees. No surcharge for SSL or rDNS or basic deliverability tuning — those are part of the work, not add-ons. VAT is added where applicable. Annual billing gets you two months free; we will quote it on request.

    Starter For solo senders and small lists
    • Shared SMTP relay, 1 sending domain
    • Up to 50,000 sends per month
    • Standard SPF / DKIM / DMARC support
    • Email-only support, 24h response
    €89 per month, VAT excl. Start sending →
    Sender For agencies and B2B operators
    • Dedicated PowerMTA or KumoMTA stack
    • Two dedicated IPs, full rDNS alignment
    • Up to 1.5M sends per month, no daily cap
    • IP warmup curve included
    • 24/7 ticket support, 4h SLA
    • Monthly delivery review
    €249 per month, VAT excl. Pick this plan →
    Enterprise For ISPs, ESPs, high-volume senders
    • 10+ dedicated IPs with rotation strategy
    • Multi-region MTA fleet, no message cap
    • Custom DNS, vMTA segmentation
    • Dedicated deliverability engineer
    • 1h SLA, named on-call rotation
    Custom Quoted by volume Talk to sales →
    ─────────────────────────────────────────────────────────────────────────
    07  /  Common questions

    Direct answers, no sales fluff.

    Written by the engineering team. If yours is not here, write to us at [email protected] — we add the new ones every month.

    01 What is the actual difference between PowerMTA and KumoMTA, and which one should we pick? +
    PowerMTA is the long-standing commercial MTA used by most large ESPs since the 2000s. The license runs around USD 8,000 per year on the volume tier, and the configuration is a flat-file format that does not support conditionals or iteration. KumoMTA is the open-source alternative, written in Rust by some of the same engineers, configured in Lua, free under Apache 2.0. AWeber and Cloudmark both migrated, plus a long list of mid-tier ESPs in 2024 and 2025.

    For new infrastructure, we recommend KumoMTA in almost every case. The Rust core delivers higher per-node throughput, the Lua config is more compact and far more flexible, and there is no per-server license tax. For migrations off existing PMTA setups where the team has years of muscle memory, we run both in parallel and migrate gradually. The exception: if your team requires a vendor SLA backed by a commercial entity for procurement reasons, PowerMTA's parent company sells one. KumoMTA also offers paid support tiers if that is the deciding factor.
    02 Are you really offshore, or is "offshore" just marketing? +
    Offshore in our usage means hosted in a jurisdiction that operates under its own legal framework and is not subject to U.S. extraterritorial reach via the CLOUD Act. We have hardware in Slovenia (our home jurisdiction), Luxembourg, Switzerland, Iceland, and Sweden. We do not have hardware in the United States. We do not have hardware in the United Kingdom. We do not have hardware in any other country with a Mutual Legal Assistance Treaty that materially weakens local protection.

    What we are not is a "DMCA-ignored" host. If a Slovenian court issues a lawful order against content we operate, we comply with that order. If a Luxembourg, Swiss, Icelandic, or Swedish court issues a lawful order against infrastructure within their jurisdiction, we comply with that too. If a U.S. agency makes a unilateral demand for data, we do not — we are not subject to U.S. jurisdiction. We will explain the actual legal reality of each location during a sales call rather than promise something that does not exist. Anyone selling true CLOUD-Act immunity for data they hold in their own custody is either a non-U.S. provider being honest, or a U.S.-controlled provider being economical with the truth.
    03 How long does IP warmup take in 2026, and what changed with the Google and Yahoo bulk sender rules? +
    Four to six weeks for a single new IP, longer for cold domains. The first ten days are the critical window — that is when ISPs decide whether to even open the door. We start with a 30-day-engaged segment only, hold there through week two, then expand to 60-day engaged in week three, then 90-day in week four. Volume increases by no more than 2× per day, never on a Friday or before a public holiday in the recipient cohort.

    The February 2024 Google and Yahoo bulk sender rules raised the floor: SPF plus DKIM plus DMARC alignment, one-click List-Unsubscribe via the POST header, complaint rate sustained under 0.3%. Those rules are the minimum to avoid being filtered, not the formula for inbox placement. Engagement still drives placement. A warmed IP sending to an unengaged list will sit in spam regardless of how clean the authentication is.

    If your IP has been dormant for more than 30 days, treat it as cold and rerun the full warmup. Most reputation systems retain data for about 30 days; longer than that and you are starting from zero in the eyes of the major mailbox providers.
    04 What payment methods do you accept? +
    International wire transfer and PayPal are the most common options. We also accept the major credit and debit card brands (Visa, Mastercard, American Express). For privacy-conscious clients we also accept Bitcoin and the main altcoins (Ethereum, Litecoin, USDT, USDC) through a non-custodial processor. We do not accept SEPA direct debit. We invoice in euros; if you need a USD or GBP invoice for accounting, we issue it at the spot rate on the billing date.
    05 We are doing 50,000 sends a month. Do we need a dedicated IP, or is shared fine? +
    Shared is fine, in your case provably so. Dedicated IPs only outperform shared pools above roughly 100,000 sends a month — below that threshold the IP does not see enough volume to maintain a stable reputation, and a quiet IP is a suspicious IP. The other variable is consistency: if you send 100K once a quarter and nothing in between, dedicated is the wrong choice regardless of total volume.

    Where shared goes wrong is reputation contamination from co-tenants. The right shared pool is one where the operator segments by industry and engagement profile, removes bad actors aggressively, and runs continuous spam-trap monitoring. The wrong shared pool is whatever the cheapest provider on Hostsearch is selling for €5 a month — those are inhabited by senders who would not pass our intake review. Our €89/month Starter tier is a curated shared pool. If a co-tenant's complaint rate trends bad, we move them off before they can damage the rest.
    06 Can you migrate us off SendGrid, Mailgun, SES, or Postmark without breaking our pipelines? +
    Yes, and parallel migration is the only sensible way to do it. We provision your KumoMTA or PowerMTA stack with new IPs, warm them on a 30-day engaged segment from your existing list, and run both pipelines side by side while we shift traffic over in 10% increments. The application keeps writing to your existing SMTP relay until the cutover — we just attach a second relay endpoint and route through both.

    Suppression list transfer is the underrated part. Most migrations go wrong because someone forgets to import the bounce list and complaint history from the old provider, then re-mails 8,000 hard-bounce addresses on day one and torches the new IPs. We pull the suppression list, deduplicate against your active list, and load it into the new MTA before any traffic flows. Typical migration runs 4 to 6 weeks end-to-end and we never charge for the legacy provider's overlap period — that is your problem with them, not with us.
    07 What is the actual difference between an SMTP relay and a dedicated MTA stack? +
    An SMTP relay is a managed service: you submit messages over SMTP or HTTP, the provider's infrastructure does the heavy lifting (queueing, retry, throttling, authentication signing), and you share the underlying IPs and engine with other tenants. A dedicated MTA stack is the full thing — you (or we, on your behalf) operate PowerMTA or KumoMTA on dedicated hardware with dedicated IPs, configure the per-domain throttling tables yourself, parse the accounting CSV yourself, and own the reputation outright.

    Below 1M messages a month, the relay is almost always the right choice. Above 5M a month and especially above 10M, the dedicated stack pays for itself within the first quarter through better placement, lower per-message cost, and the ability to tune for the specific failure modes you see. The middle band — 1M to 5M — is judgment-call territory and depends on whether your traffic is bursty, what mix of transactional vs marketing you have, and whether you need per-tenant isolation for compliance reasons.
    08 How do you measure inbox placement and how is it different from delivery rate? +
    Delivery rate is the percentage of messages the receiving MTA accepted with a 250 response. Inbox placement is the percentage of those accepted messages that ended up in the recipient's primary inbox rather than spam, the Promotions tab, or filtered out of view entirely. The gap between the two is the deliverability problem. Validity's 2026 benchmark puts delivery rates around 99% for properly authenticated senders, and inbox placement at 83.5% globally. The 15-percentage-point gap is real revenue.

    We measure inbox placement through a combination of seed-list testing across Gmail, Outlook, Yahoo, and Apple Mail, ISP-specific feedback loops where they exist (Yahoo CFL, Microsoft SNDS), Google Postmaster Tools data, and engagement-based inference from your own list. None of these is perfect on its own. Together they are accurate to roughly ±2 percentage points at the per-domain level, which is enough to make tuning decisions on. We send a monthly placement report to every Sender and Enterprise client.
    09 Do you require a long contract or a setup fee? +
    No on both. Month-to-month billing, cancel any time with 30 days' notice. There is no setup fee on the Starter or Sender tiers — provisioning is part of the service. Enterprise deployments occasionally have a one-time engineering fee when the client needs a custom Lua configuration or a multi-region failover topology, and we quote that explicitly before any work starts. We do not believe in setup fees that exist only because they are easy to charge.
    10 What happens if our complaint rate spikes or our IPs get listed on Spamhaus? +
    We watch the complaint rate continuously. If it crosses 0.15% (our internal alert threshold, half of Gmail's hard limit) we open a ticket with your operations contact within the hour. If you go above 0.25% we pause new sends until the underlying issue is identified — usually a single bad campaign or a list segment that should not have been mailed. Recovery from a complaint spike typically takes 30 to 60 days of clean sending.

    For Spamhaus listings, we delist on your behalf when the listing is on infrastructure we operate. The listing process at the major blacklists (Spamhaus SBL, CSS, XBL; Spamcop; Barracuda BRBL; SURBL; URIBL) is well-documented and we have institutional relationships with the operators that go back years. We cannot make a listing disappear if the underlying behaviour has not changed — and we will not pretend otherwise. What we can do is move quickly through the appeal process, document the corrective action, and get your IPs back to a clean state.
    11 What kind of support do you actually provide and what does the 4-hour SLA mean? +
    Tickets are handled by engineers, not by a triage queue that escalates after a day of automated responses. The 4-hour SLA on the Sender tier means a human reads your ticket and responds with action or with the question we need answered to take action — within 4 hours, 24/7. Enterprise clients get a 1-hour SLA and a named on-call engineer with a phone number.

    For Starter clients (€89/month), email support runs on a 24-hour SLA during European business hours. We do not sell a "premium support" upgrade because we think charging extra for a working support channel is the wrong business model. Either we support the customer or we do not — there is no middle tier where you pay more to be treated like a customer.
    12 Why are you based in Ljubljana specifically? +
    We have been here since 2002 — that part is historical more than strategic. The reasons we have stayed are deliberate, though. Slovenia is an EU member state and eurozone member with native GDPR enforcement and a constitutional court with a documented record of striking down disproportionate surveillance law — judgment U-I-65/13 of 3 July 2014 abrogated the national data-retention regime and ordered operators to delete the data they already held, going further on the remedy than the CJEU's Digital Rights Ireland decision earlier that year. The judgment has held. Ljubljana sits on the Central-European fibre corridor, and the Slovenian Internet Exchange provides the kind of carrier-neutral peering that the larger Western hubs are known for. Our PoPs in the other four jurisdictions are extensions of a Slovenian parent, not a U.S. parent — that is the variable that decides whether the corporate counterparty falls under U.S. extraterritorial reach, and ours does not.
    13 Do you offer a free trial or a money-back guarantee? +
    Not in the conventional "first month free" sense. The Starter tier at €89/month is the closest thing — provisioning takes under an hour, you can cancel after the first billing cycle, and you have lost €89 if it does not work for you. For Sender and Enterprise we will run a paid pilot of 30 to 45 days with the option to terminate without penalty if the agreed deliverability targets are not hit. We are confident enough in the work that we will commit to specific placement and bounce-rate numbers in writing before the pilot starts.
    14 Can you give us references? +
    Yes, after a signed mutual NDA. We have clients in B2B SaaS, in a couple of regulated sectors, and in independent media — most of whom prefer not to name us publicly because the offshore-hosting decision is itself sensitive. We will introduce you to two reference clients in your size range during the sales process. The third bucket of work, in regulated and crypto-adjacent sectors, we cannot name even under NDA — but we will describe the architecture in detail.