Email stack is outdated and must die ASAP. Strange statement coming from the developer of an email company , huh?
Imagine a world where every time you hit a 404 error somewhere, your ISP immediately blocks the service from you, calls the police saying you committed fraud and possibly hit your wife in the face, and any new registration anywhere now requires you to bring a drug analysis no older than 15 minutes. Sounds absurd, right? Well, that’s exactly the world you live in right now.
A little bit of context.
The story begins in early May 2025. I was casually browsing GoDaddy, looking for some fun domain names with the intention of buying, promising myself that I would build something awesome there, and, of course, forgetting about it instantly after completing the transaction. One of the domains I bought there was iusevimbtw.com. This domain made me laugh instantly, and ideas started bubbling so rapidly that I immediately opened VIM to craft a quirky landing page.
I made a landing page, applied all my creativity, wrote some jokes, added a waitlist subscription form, and deployed it to my Raspberry Pi cluster . A week passed, all my friends appreciated the landing, and with the “job done” feeling, I decided to move on, leaving this landing as a funny joke for a small and very special group of people. You can’t imagine what I felt when somebody put the link to my landing page in ThePrimeagen’s stream chat and he retweeted that link on his X. The number of visitors exploded. My Raspberry Pi cluster surprisingly coped with the load well, even though I had only one single instance of PostgreSQL deployed there on the same cluster for this landing.
A couple of weeks passed, and I got 60k+ waitlist subscribers and thousands of emails in my inbox about “when will you finally do this?”. That was huge. The thing that was supposed to be a joke got its community, wow.
I brought in a couple of teammates from other projects, a Lovable AI, and started crafting. First, I decided to take the simplest route and provide a very cheap Linktree alternative—people would get their subdomains with the ability to build a nice-looking HTML page with links to their social networks, websites, or set a 302 redirect to any other destination. I decided to start from that because I knew building an email service that would be secure and wouldn’t land all letters in spam was a tough task requiring a bigger team and more dedication. Before investing more resources, I had to test if the subscribers I got were really ready to use it.
The disaster.
Okay, so the first feature of the service was done, tested, and deployed to the new production environment on AWS. I sat in my office in front of my laptop looking at the 60k emails, thinking about how to send 60k email messages announcing the service launch.
Since I’d already opted into SendGrid’s transactional emails plan, I decided to check their marketing plans to see what they could offer.
I had 60k people waiting for the service launch announcement, and I needed to send 60k emails. SendGrid offered me a $200 plan for storing 100k contacts and sending 300k emails in a month. In my mind, that was a great deal—I had a reliable large partner who knew what they were doing; I had a problem, and they had a solution. I immediately opted in, paid for the subscription, imported my database, composed a letter, configured the campaign, and hit “send.”
A few minutes later, my inbox chimed with an “Account Suspended” notification for “Unexpected activity.” Seriously?
It’s like picking up a teddy bear from a store shelf, paying at checkout, then getting punched by security for actually buying it.
The funny thing is they suspended the entire account—not just the campaign, but the whole account, including all transactional messages, meaning people couldn’t even sign up or use 2FA because no email validation or OTP messages could be sent.
Also, as reported by users shortly after this disaster, SendGrid disabled all links in my emails. Every link became a 404.
Of course, SendGrid did not respond to any of my replies to the “Account suspension” ticket.
A complete disaster.
Fixing things.
In a hurry, I opened another account on Mailgun for transactional messages. I verified my domain there, moved all message templates, and rewrote my backend to send messages through Mailgun. Temporarily, I disabled OTP and email verification to ensure people could sign up and log in.
Now I know for sure I must apply “microservice architecture” to my emails decomposing transactional emails from marketing emails, ensuring if one gets banned again, the other will still work. I did quick research and opted into Mailchimp - previously, I had worked at a huge software company that outsourced all emails there, and I remembered Mailchimp’s support being fast and helpful. Although their cost is higher than other providers, support time and effectiveness are crucial to me.
Investigation.
Before sending anything I wanted to make sure that everything will be fine. I’ve reached Mailchimp support explaining them in details everything I knew at that moment. They transfferred me to the compliance team to let them help me check the “domain reputation” and see what could go wrong with Sendgrid and what could go wrong if I do the same actions in Mailchimp.
I spent 72 hours with Mailchimp’s compliance team proving I wasn’t a fraud, my message wasn’t spam, and that I’d collected 60k emails legitimately. After those 72 hours, SendGrid finally answered, showing a report of 20k hard bounces due to IP blacklisting and typos in addresses.
So for $200, SendGrid basically handed me a script that spams SMTP servers from blacklisted IPs—what a groundbreaking service!
The conclusion.
iusevimbtw.com lost its email reputation because of my naive approach. SendGrid is essentially just an HTTP layer on top of SMTP, using terrible IP addresses—nothing more.
Mailchimp’s compliance team educated me extensively about the email industry. Apparently, if your domain hits SMTP’s “404 errors” enough times, your domain’s reputation could be permanently ruined and potentially unrecoverable. Similarly, using previously blocked IP addresses can severely damage your reputation.
After 15 years of building APIs at all sorts of scales, this situation makes zero sense to me. When you’re deeply embedded in a context, these things might seem logical. However, from an outside perspective, it’s absurd:
- Systems occasionally hitting 404 errors with POST requests don’t trigger SWAT teams to your door and Earth still on it’s orbit.
- Using VPS IP addresses previously flagged for suspicious activity shouldn’t be catastrophic.
- If someone floods my API with requests, I simply throttle the requests - I don’t publicly label the client as fraudulent or criminal.
SMTP, returning a 404 or handling tens of thousands of requests is not a big deal.
Are we really so afraid of spam? Open X, Facebook, LinkedIn, Instagram - any app - you’ll find minimal relevant content amid endless spam and meaningless posts with thousands of interactions, and guess what? - no one died.
The thing I enjoy the most: thousands of compliance workers and automated systems cannot prevent my Gmail spam folder from being flooded with “Google” alerts sayng i have to pay to continue use my @gmail.com account.
This 43-year-old technology desperately needs retirement. It’s time we create something smarter.