Comment by mhykim
14 hours ago
We do have robust checks in place to catch spam and bad actors(reputation, SPF DKIM DMARC, etc.) but as with all tools there will be bad actors who come up with creative ways to scheme for nefarious purposes.
We expect our infra and policies to evolve with usage, and one of our goals is to make agent driven email safer than the status quo, not just more scalable
But as of now you're just wide open for abuse? Okay
Resend uses SES since it's almost impossible to get private IP mail to hit the inbox through ProofPoint filters. Looks like you have no idea about any of this. You don't even have knowledge of email reputation, much less a plan. Have you heard of Senderscore? You will have all zeros. Saying "SPF DKIM DMARC" is wild - that's a checklist from 15 years ago.
I think we’re aligned on the hard parts here, so let me be precise.
We’re not wide open for abuse nor are we bypassing the hard parts of email reputation. Quite the opposite. We also utilize SES's infrastructure and monitor reputation continuously, but we don’t assume SPF/DKIM/DMARC are sufficient on their own. They’re basics we have implemented, not the entire strategy.
You are correct private IPs per customer make sense once you’re sending meaningful volume (on the order of ~10k+/day per IP). But its inaccurate to say we are sending from a single private IP. IP pools are typically segmented by reputation and traffic profile for customers.
Reputation here is earned at multiple layers: per-IP, per-domain, per-inbox, and over time. We rate-limit, isolate, or revoke bad actors without poisoning unrelated senders. Hopefully this makes sense.