Email deliverability
How Meridian ensures your transactional emails reach inboxes, not spam folders.
SPF
Sender Policy Framework authorizes our sending IPs via a TXT record on getnimbus.net. Receiving MTAs check this record to confirm the email originated from a permitted source. Without SPF, spoofed messages degrade domain reputation.
DKIM
DomainKeys Identified Mail attaches an Ed25519 or RSA signature to every outbound message. The public key lives in DNS. Intermediate relays cannot alter the body or key headers without breaking the signature, so mailbox providers trust the integrity of the message.
DMARC alignment
DMARC ties SPF and DKIM together with a policy that tells receivers what to do when checks fail. Meridian runs a p=reject policy — unauthorized mail is discarded outright. Alignment requires theFrom domain to match the authenticated domain, closing the spoofing gap that SPF or DKIM alone leaves open.
Why Resend
We route all transactional mail through Resend. They maintain dedicated IP pools with warm reputations, handle MTA retry logic, and surface real-time delivery events via webhooks. This lets us focus on product while a specialized provider manages the infrastructure that inbox placement depends on.
Monitoring bounces
Hard bounces (invalid addresses) are suppressed immediately to protect sender score. Soft bounces trigger exponential backoff with a three-strike rule before suppression. The dashboard surfaces bounce rate trends so we catch delivery regressions before they impact domain reputation.
Questions about email setup? Reach out in Discord.