Isolate · Multi-Tenant SaaS
Email Infrastructure for SaaS Products
Sending email at scale for a multi-tenant platform introduces requirements single-product email operations never face: per-customer isolation, compliance, and reputation protection across every tenant.
Shared reputation pool
no control planeOne abusive tenant poisons the pool — every customer degrades.
Isolated with Sendarix
blast radius containedThe bad tenant is quarantined to its own pool — everyone else stays healthy.
The multi-tenant email problem
One tenant's bad list should never sink everyone else.
When your product sends from yourplatform.com on behalf of customer.com, a failure for one customer hits the shared reputation that all customers depend on.
Traditional email platforms offer no per-tenant isolation. If one customer's list quality degrades, it damages the sending reputation every other customer relies on. Sendarix makes isolation the default unit of operation.
| Tenant | Pool | Signal | Status |
|---|---|---|---|
| acme-corp | dedicated-ip-12 | Clean sends | healthy |
| northwind | shared-eu-3 | Stable | healthy |
| tenant_8842 | quarantine-1 | Complaints rising | isolated |
| globex | shared-us-1 | Stable | healthy |
Representative product UI — illustrative data, not live customer metrics.
Per-customer sending domain isolation
Each customer sends from their own verified domain, so one customer's reputation problems never touch another's.
Customer owns their sending domain
Each customer configures DKIM and SPF for their own domain pointing to Sendarix. The customer retains full DNS control; Sendarix acts as the relay, not the domain owner.
Subdomain delegation for white-label
For white-label subdomains (e.g. notify.customer.com), configure SPF to authorize both the subdomain and Sendarix. DKIM is signed by the white-label domain.
IP pool isolation
High-volume customers can be assigned dedicated IP pools with independent warmup and reputation history, managed through email routing rules.
Suppression management per tenant
A bounce or complaint on one customer's list must never trigger suppression on another's. Suppression lists are isolated per domain.
Per-tenant suppression scope
When a recipient hard bounces for Customer A, the address is suppressed only for Customer A's domain. Customer B continues sending if they hold independent permission.
Cross-tenant complaint handling
Feedback loops are configured per sending domain. Complaints for one tenant never affect the reputation or suppression list of any other tenant.
Customer self-service suppression
Expose suppression management to customers via API so they handle their own unsubscribes and list hygiene without routing through your support team.
Audit trail per tenant
Retain suppression event history per domain for compliance. GDPR and CCPA require documented suppression on request — per-tenant isolation keeps it auditable.
Programmable per-tenant routing
Routing rules for multi-tenant platforms
Each customer domain gets independent routing configuration, set programmatically on domain verification via email routing rules.
Configure failover independently per routing domain. If Customer A's primary IP pool degrades, their traffic routes to their backup pool — not the shared pool — preserving isolation under stress.
When sending_domain = customer.com Then route through customer_dedicated_pool apply customer_warmup_schedule use customer_suppression_list alert bounce_rate > 3% → customer@example.com
Compliance requirements for B2B SaaS email
Multi-tenant email carries obligations your customers inherit. Sendarix builds the controls auditors expect.
GDPR — data processing
Customer data processed on behalf of your product requires a DPA. Sendarix Enterprise includes GDPR-specific processing terms; suppression and deletion events are honored within the contracted retention period.
CAN-SPAM — unsubscribe handling
All commercial email needs a functional unsubscribe. On multi-tenant platforms, each customer's emails must unsubscribe from that customer's list — not the platform as a whole.
Healthcare SaaS evaluations
Healthcare platforms should evaluate whether message content contains PHI before transmission. Contact enterprise sales to discuss healthcare requirements and available agreements.
Audit logging for compliance reviews
Audit logs for email events, suppression changes, and routing modifications are available via API for security and compliance reviews. See security & compliance.
Monitoring and alerting per customer
Each customer's program needs independent thresholds that notify the right customer — not your ops team for everyone at once.
Alert if > 2% over a 24h rolling window. Alert recipient: customer email on file.
Alert if > 10% over 24h. Indicates temporary provider issues or quota problems.
Alert if > 0.1% over 7 days. At 0.3%, most major providers begin filtering.
Alert on a drop > 5 percentage points from the customer's 30-day average.
Verwandte Produkte
Build multi-tenant email into your platform
The Sendarix API supports programmatic domain verification, routing configuration, and per-tenant webhook setup. Provision a customer sending domain inside your onboarding flow — no manual DNS work required.
