When I started my SaaS, I sent every email from the same Gmail-connected address. Welcome emails, password resets, marketing campaigns, support replies, everything from hello@myproduct.com. It worked fine for the first 500 users.

Then I sent my first marketing campaign to 2,000 people. A handful marked it as spam. Totally normal. But because I was sending everything from the same domain with the same reputation, my transactional emails started landing in spam too. Password reset emails. Receipt emails. Account verification emails. The important stuff.

I spent a weekend untangling the mess, separating infrastructure, warming up new subdomains, and rebuilding reputation. It would have taken 30 minutes to set up correctly from the start.

This guide is the setup guide I wish I'd had.

The Two Types of Email Your SaaS Sends

Transactional Email

Triggered by a user action. The user expects it. It contains information they need.

Examples:

• Password reset links
• Email verification
• Payment receipts
• Account notifications (new login, security alerts)
• Shipping/delivery confirmations
• Subscription changes (upgrade confirmation, cancellation confirmation)
• Usage alerts (approaching limits, quota warnings)

Characteristics:

• Sent to one person at a time
• Triggered by user behavior, not by a schedule
• Time-sensitive (password resets need to arrive in seconds)
• High deliverability is critical (users need these emails)
• Low complaint rates (users expect them)

Marketing Email

Sent by the business to drive engagement, sales, or awareness. The user may or may not expect it.

Examples:

• Newsletters and content updates
• Promotional campaigns
• Product announcements
• Onboarding sequences
• Re-engagement campaigns
• Upsell and cross-sell emails
• Event invitations

Characteristics:

• Can be sent to many people at once
• Sent on a schedule or triggered by business rules
• Not time-critical (arriving a few hours late is fine)
• Higher complaint rates (some recipients will mark as spam)
• Unsubscribe required by law

The Gray Area

Some emails fall between transactional and marketing:

• Welcome emails: Transactional (triggered by signup) but often include marketing content
• Onboarding sequences: Triggered by user action but designed to promote usage
• Product update notifications: Informational but promotional
• Review requests: Triggered by a purchase but marketing in nature

For gray-area emails, treat them as marketing from an infrastructure perspective. This protects your transactional deliverability.

Email Architecture for SaaS

Level 1: The Basics (0-1,000 users)

At this stage, simplicity matters more than optimization.

Setup:

• One transactional email service for system emails (password resets, verification, receipts)
• One marketing platform for campaigns and sequences
• Both using subdomains of your main domain

Subdomains:

• mail.yourdomain.com for transactional
• news.yourdomain.com (or updates.yourdomain.com) for marketing

DNS records needed:

• SPF records for both subdomains
• DKIM signing for both subdomains
• DMARC policy on your main domain

This basic separation is enough to protect transactional deliverability while keeping things simple to manage.

Level 2: Growth Stage (1,000-10,000 users)

More email volume means more reputation management.

Additional setup:

• Dedicated IP for transactional email (if your provider offers it)
• Separate sending pools for different marketing email types
• Monitoring for deliverability metrics
• List hygiene automation (remove bounced addresses, inactive subscribers)

Segmentation:

• Separate sending streams for onboarding vs. campaigns vs. product updates
• Different "from" addresses for different types (team@, updates@, support@)
• Preference center so users can opt out of marketing without losing transactional

Level 3: Scale (10,000+ users)

At scale, email becomes a significant infrastructure concern.

Additional setup:

• Multiple dedicated IPs for marketing (warm them gradually)
• IP rotation strategies for large campaign sends
• Real-time deliverability monitoring and alerting
• Automated suppression management
• Feedback loop integration with major email providers

Considerations:

• Send rate throttling to avoid overwhelming recipient servers
• Time-zone optimized sending for global audiences
• A/B testing infrastructure for subject lines and content
• Compliance automation for different jurisdictions (CAN-SPAM, GDPR, CASL)

Authentication: SPF, DKIM, and DMARC

Email authentication is non-negotiable. Without it, your emails are more likely to land in spam.

SPF (Sender Policy Framework)

SPF tells receiving servers which servers are authorized to send email on behalf of your domain.

What to do: Add SPF records for every service that sends email on your behalf. This includes your transactional service, marketing platform, support tool, and any other sender.

Common mistake: Having too many SPF lookups (limit is 10). If you're using many services, consolidate or use SPF flattening.

DKIM (DomainKeys Identified Mail)

DKIM adds a cryptographic signature to your emails, proving they haven't been tampered with.

What to do: Enable DKIM signing on every email service you use. Each service will give you a DNS record to add.

Common mistake: Forgetting to set up DKIM for secondary services. Every service that sends email needs its own DKIM configuration.

DMARC (Domain-based Message Authentication, Reporting, and Conformance)

DMARC tells receiving servers what to do when SPF or DKIM checks fail.

What to do: Start with a monitoring policy (p=none) to see what's happening. Once you're confident all legitimate email passes authentication, move to quarantine (p=quarantine) and eventually reject (p=reject).

Common mistake: Jumping straight to p=reject without monitoring first. This can block legitimate emails from services you forgot to authorize.

Deliverability Management

For Transactional Email

Transactional deliverability should be 99%+. If it's lower, something is wrong.

Maintain high deliverability by:

• Never sending marketing content through your transactional infrastructure
• Processing bounces immediately (remove hard bounces after the first occurrence)
• Monitoring delivery times (transactional emails should arrive within seconds)
• Using a dedicated transactional service designed for speed and reliability

Red flags:

• Delivery rate dropping below 98%
• Emails taking more than 30 seconds to arrive
• Bounce rate above 2%
• Any spam complaints on transactional emails

For Marketing Email

Marketing deliverability is naturally lower due to spam complaints and unengaged recipients.

Maintain good deliverability by:

• Cleaning your list regularly (remove users who haven't opened in 90-180 days)
• Honoring unsubscribes immediately
• Warming up new sending IPs gradually
• Monitoring spam complaint rates (target below 0.1%)
• Segmenting by engagement (send to your most engaged users first)

Red flags:

• Spam complaint rate above 0.3%
• Bounce rate above 5%
• Open rates dropping consistently
• Delivery rate below 90%

The Preference Center

Users should be able to control what they receive without losing access to critical transactional emails.

Categories to offer:

• Account notifications: Security alerts, billing updates (these should be hard to turn off)
• Product updates: New features, changelog, announcements
• Marketing: Campaigns, promotions, content
• Usage reports: Weekly digests, analytics summaries

Don't let users unsubscribe from: Password resets, security alerts, payment receipts. These are legally and functionally required.

Make it easy to: Reduce frequency, switch to digest format, pause all marketing emails for a set period.

Compliance Considerations

CAN-SPAM (US)

• Marketing emails need a physical mailing address
• Unsubscribe must be processed within 10 business days
• Subject lines can't be deceptive
• Must identify the message as an ad (if applicable)

GDPR (EU)

• Need explicit consent before sending marketing email
• Must provide easy way to withdraw consent
• Data processing must be documented
• Right to erasure includes email data

CASL (Canada)

• Stricter than CAN-SPAM: requires express consent (not just implied)
• Must identify sender clearly
• Must include unsubscribe mechanism

For all jurisdictions: Transactional emails are generally exempt from marketing-specific requirements, but they still need to be truthful and relevant to the user's relationship with your service.

Choosing Your Email Stack

The Unified Approach

One platform for everything (transactional + marketing).

Pros: Simpler to manage, unified subscriber data, one billing relationship Cons: If the platform has deliverability issues, everything is affected Best for: Early-stage SaaS that wants simplicity

The Separated Approach

Different services for transactional and marketing.

Pros: Deliverability isolation, best-in-class tools for each purpose Cons: More complex to manage, data sync challenges, higher total cost Best for: Growth-stage SaaS with significant email volume

The Hybrid Approach

One marketing platform that also handles some transactional, plus a dedicated transactional service for critical emails.

Pros: Good balance of simplicity and protection Cons: Still need to manage two services Best for: Most SaaS companies

Common Architecture Mistakes

Sending everything from one address. When marketing complaints affect transactional deliverability, you've got a major problem that's hard to fix quickly.

Not setting up authentication. SPF, DKIM, and DMARC are table stakes. Without them, your emails are more likely to be flagged as suspicious.

Ignoring list hygiene. Sending to addresses that bounce or never open degrades your sender reputation over time. Clean your list regularly.

Over-engineering too early. At 500 users, you don't need multiple IPs, complex routing, and enterprise-grade monitoring. Start simple and add complexity as you grow.

Not monitoring deliverability. If you're not tracking inbox placement, bounce rates, and complaint rates, you won't know there's a problem until users complain that they're not getting your emails.

Start Here

1. Today: Check if your transactional and marketing emails send from the same subdomain. If so, plan the separation.
2. This week: Set up separate subdomains for transactional and marketing email with proper SPF, DKIM, and DMARC records.
3. Next week: Audit your email stack. Make sure every service that sends email on your behalf is properly authenticated.
4. Ongoing: Monitor deliverability metrics monthly. Watch for drops in delivery rates, increases in bounce rates, and spam complaint trends.

With Sequenzy, you get both transactional and marketing email in one platform with built-in sender separation. Your transactional emails (receipts, notifications, password resets) go through a dedicated sending infrastructure while marketing campaigns and sequences use separate reputation. You set up one platform instead of stitching together three different services.