b2bemail
01Security, GDPR

How do we reduce spam and reputation risk?

Every outgoing email passes through a 9-point check line. Your day-to-day company email and your main domain stay protected throughout — separate sending domains, separate mailboxes, gradual warm-up. Every decision is logged.

Last reviewed: June 2026.

Approval workflow

Every email is checked three times before it goes out.

01

Draft

The operator writes the email, tailored to the ICP and to the tone of voice you agreed on together.

02

Security check

The 9-point security filter runs over the email: do-not-contact list (DNC), blocked words, mailbox health, domain authentication.

03

Client approval

For the first campaigns, you can see and approve every email before it goes out.

04

Send

Logged sending, during European business hours, within a gradually increasing daily quota.

For the first campaigns, you can see and approve each individual email. A campaign only moves to semi-automatic or automatic mode once the agreed security rules have proven themselves.

Security filter

9 checks before every email.

Every outgoing email runs through the full filter line — whether it is manually approved or sent automatically. If any check fails, the email does not go out or is routed to a human approval queue.

The result of every check is recorded in the audit log — any decision can be traced after the fact.

  1. 01

    Do-not-contact list (DNC)

    Blocking at the email, domain, and company level. A single incoming unsubscribe instantly blocks that contact globally across every campaign.

  2. 02

    Blocked terms

    Checks the subject line and body against words and text patterns supplied by the client. On a match, the email does not go out.

  3. 03

    Recipient cooldown

    A global contact log. The same person does not receive a new outreach from another mailbox during the cooldown period (30 days by default).

  4. 04

    Domain authentication

    SPF, DKIM, and DMARC checks. Email is only sent from domains with a verified (HEALTHY) status — missing authentication is an immediate block.

  5. 05

    Mailbox health

    The sending account's status must be WARMING or READY. Nothing is sent from a PAUSED mailbox.

  6. 06

    Daily limit

    If the account has reached its daily sending limit, further emails are queued. The count is real-time — it is not based on a delayed counter.

  7. 07

    Deliverability score

    The mailbox must have a score of at least 70/100 — a composite of SPF/DKIM/DMARC, blocklist (RBL), bounce, and complaint rates.

  8. 08

    Readiness snapshot

    A status of the entire system's health, refreshed every 30 minutes. It blocks on PAUSE and warns on THROTTLE.

  9. 09

    Approval mode

    Manual, semi-automatic, or automatic mode — the client chooses. In manual mode, every email goes to a person for approval.

Mailbox health

Continuous scoring across 13 signals.

Every sending account receives a 0–100 score for its health. The score is a combination of deliverability, reputation, and behavioral signals.

$ mailbox-status --account hello@send.b2brelay.com

  spf      = pass        dkim   = pass        dmarc  = pass
  bounce   = 0.6%        complaint = 0.04%    rbl    = clean
  warmup   = day 18 / 21 score   = 82 / 100   status = READY
READYScore: 75–100

READY · can send

All signals are healthy. The mailbox can send at full capacity.

  • SPF, DKIM, DMARC all valid
  • Bounce < 1%, complaint < 0.1%
  • Blocklist (RBL) and Postmaster: clean
  • Reputation: stable
WARMINGScore: 60–74

WARMING · ramping up

Some signals are weakening, or the account is still warming up. It keeps sending at a reduced pace, and an operator reviews it.

  • Elevated bounce (1–2%)
  • Or: elevated complaint rate (0.1–0.3%)
  • Or: weakening reputation signal
  • Operator is notified
PAUSEDScore: 0–59

PAUSED · stopped

A critical signal. The mailbox does not send until an operator has reviewed and restored it.

  • Bounce > 2%, complaint > 0.3%
  • Listed on a blocklist (RBL)
  • Domain status: blocklisted
  • DNS / auth error
Warm-up

3 weeks, gradually.

A new mailbox sends only a few emails per day at first. We only increase the volume when reply and bounce rates are in good shape. This way the account does not look new and suspicious to receiving servers.

Days 1–3
5 emails/day
Days 4–7
10 emails/day
Week 2
15 emails/day
Week 3+
20 emails/day
Separate sending infrastructure

We don't send from your day-to-day company email account.

Automatic pause

If something goes wrong, it stops.

The system stops sending if the signals turn bad. Concrete, measurable thresholds. The operator is notified immediately.

Bounce rate
Mailbox pauses automatically, operator notified
> 2% (24 h)
Complaint rate
Mailbox pauses automatically, manual review
> 0.3% (24 h)
Unsubscribe rate
Daily limit reduced, operator alert
> 3%
Blocklist (RBL) listing
Immediate stop, domain investigation
Critical
Domain status
Every mailbox on the affected domain stops
Blocklisted
Data source

Where do the addresses come from?

We use only transparent sources licensed for B2B use. The source is documented for every new campaign, and you can request it at any time.

  • Public company databases and data sources licensed specifically for B2B use.

  • We use only work (corporate) email addresses; never personal ones.

  • Every new list is run against the global DNC list before a single email goes out.

  • We document the data source at the campaign level; you can request it at any time.

Unsubscribe

One click — blocked globally.

An unsubscribe takes effect immediately across every mailbox and every campaign. The do-not-contact list is central, and the security filter checks it first.

  • Every email contains a clear unsubscribe option.
  • A single unsubscribe excludes the recipient globally — from every mailbox, every campaign.
  • Company-level blocking is also supported: a single "not interested" signal can be extended to the entire domain.
  • Against over-frequent outreach: a 30-day cooldown toward the same company by default.

"We don't bombard the same company from several campaigns at once."

GDPR

A GDPR-aware process, tailored to all 27 EU member states.

  • A clear unsubscribe option on every email
  • B2B outreach on a legitimate-interest basis, with a documented balancing test per country
  • A data processing agreement (DPA) available to every client
  • Lead data stored only for the duration of the active campaign
  • Industry-specific rules (finance, healthcare)
  • We apply a stricter consent threshold for DE, AT, IT, and ES
  • Mandatory footer text per country
Audit log

Every decision is logged.

  • Every send, reply, approval, and rejection — timestamped
  • The audit log cannot be modified after the fact
  • Who, what, when, why — every event is traceable
  • Operator and system decisions kept separate
  • Throttle operations and mailbox status changes are recorded
  • DNC list changes with their source (who added the entry and why)
  • The log for any given period is available on the client's request

Working in a conservative industry?

Finance, healthcare, government clients — we help you navigate the industry-specific rules and language requirements.

Request an intro callRequest an intro call