HES is able to identify senders with anomalous outbound email behavior – for example, sending bulk emails or sudden increase in email volume. Depending on the dynamic threshold settings, HES will take actions like temporarily block emails for a certain period of time. When this happens, Mail Tracking will log the rate limited emails like the picture above.
This mechanism is HES’ way of protecting not just itself but also all our customers from the following situations:
- Service Abuse – Without burst email detection, it will be easy for any client to abuse the service with burst email sending. Such abusive behavior may cause service disruption and damage to the service’s reputation.
- 3rd Party RBL Listing – 3rd IP Reputation or Real-Time Blackhole List (RBL) providers may add HES’ IP address to their blocked list when burst email behavior is detected from one or more of its outbound MTA. Since HES is a multi-tenant service, multiple customers may be affected if its IP is blocked by 3rd party RBL providers.
- Denial-of-Service - Without rate limiting, it may be possible for an attacker to launch a simple Denial-of-Service attack by continuously sending huge amounts of email within a short period of time.
When faced with this scenario, customers have the following options if there is a requirement for sending emails in bulk like newsletters and marketing mails.
- Be wary of email sending behavior. Find a way to trickle the rate at which the bulk mail is being sent to HES. If possible, send them in batches and only send several mails per minute.
- Use a smarthost for sending the bulk emails. Especially when the bulk email is going to just one or a few domains, configuring the mail server to deliver the mails directly to the destination mail server could be a better option. Most MTAs and mail servers have a way to do this.
- Use a 3rd party bulk email service provider for sending out these types of mails. This will eliminate the need to relay them through HES.
- Use DNS query for routing bulk mails. If possible, configure the mail server or application sending the bulk emails to use DNS MX query when delivering them.
- Separate mails by purpose (user mails vs. bulk mails) and use different email address, domain, and/or IP address for each function. This way, bulk mail routing can be configured separately without affecting the user emails.
It is important to note that when sending the bulk emails directly to recipients, it is also possible that your own IP may be listed to the blocked list of different IP Reputation and RBL service providers. Always consider regulating your own email sending rate to avoid being blacklisted.
Rate Limiting is not unique to HES. Every public email service provider implements some form of rate limiting for the same exact reasons stated above. Protecting the service and keeping it available at all times is the responsibility of both the service provider and its users/customers.