How SMEs Can Design Bulk Email Without Locking Themselves Into a Vendor
The short answer
For an SME sending bulk email to outside recipients, the realistic setup comes down to four points:
- Send to each recipient individually - no big
Bccblast; one message per address - Own your subscriber state - keep
active,unsubscribed, andbouncedin your own DB - Accept unsubscribes automatically - put a link in the body and set the
List-Unsubscribeheader - Authenticate your sending domain - SPF / DKIM / DMARC / PTR / TLS, all in place
The point of “not depending on one specific service” is really about not handing the rules and state of your sending over to someone else.
Why a single Bcc blast isn’t enough
| Problem | What goes wrong | What hurts later |
|---|---|---|
| No way to track unsubscribes | “Stop sending” comes back via reply or phone | Easy to mis-send next time |
| No bounce handling | You keep mailing dead addresses | Your reputation drops |
| No record of consent | You can’t say when or where someone agreed | Weak position on legal or complaint issues |
| Mixed mail types | Sales blasts and notifications go from the same inbox | Daily order emails get caught up too |
| No rate control | Easy to fire everything at once | More likely to hit limits or spam filters |
| Person-dependent | Runs on one staff member’s mail client and habits | Hard to hand over |
What you should keep in-house
State you own
- Subscriber data (email address, consent timestamp, source of consent, delivery category, unsubscribe state)
- Delivery rules (what goes to whom, at what rate, how bounces and unsubscribes feed back)
- Sender identity (sending domain, SPF/DKIM/DMARC, reply-to address, unsubscribe URL)
Things you can swap out
- The actual SMTP relay
- How the admin UI is built
- Where the send queue lives
- Where logs are stored
Minimum delivery stack (parts list)
- Subscriber table - who you can send to
- Suppression table - unsubscribes, hard bounces, complaints
- Templates - subject, body (HTML/text), delivery category
- Send queue - per-recipient state, send result, retry count
- SMTP relay - your existing mail platform or your own server
- Logs - who got what when, success/failure, suppression/bounce updates
Minimum fields for the subscriber table
| Field | Example | Why |
|---|---|---|
| user@example.com | The address itself | |
| status | active / unsubscribed / bounced | Decides whether to send |
| consent_at | 2026-03-20 12:34:56 | Evidence of consent timing |
| consent_source | form / trade show / existing contract | Explains where consent came from |
| consent_purpose | newsletter / seminar invites | What they actually agreed to receive |
| unsubscribed_at | 2026-03-29 09:10:11 | Evidence of opt-out |
| last_bounce_at | 2026-03-30 08:00:00 | Decides whether to keep trying |
Important: suppression always wins. Even if an address is still in your sales CRM, if the suppression table says unsubscribed, you don’t send. That rule needs to be hard-coded.
What to do at different volumes
Once a month, a few dozen recipients
- A merge-style template for outbound only
- Per-recipient sending
- Unsubscribe URL
- Send logs
- SPF / DKIM / DMARC in place
A few times a month, a few hundred recipients
- All of the above, plus a send queue, rate control, automatic bounce handling, and immediate unsubscribe processing
- A dedicated subdomain for sending
- Separate everyday human mail from promotional or announcement mail (e.g.
billing@,notice@,news@)
Approaching a few thousand a day
At this scale, a dedicated service is often cheaper. Google now requires senders pushing more than 5,000 messages a day to Gmail to have SPF/DKIM/DMARC, one-click unsubscribe, and similar basics.
Legal and deliverability essentials you can’t skip
Consent
Promotional and marketing email generally requires prior consent. Keep evidence of:
- Consent timestamp
- Where it was collected
- What kind of mail it covers
- The wording shown to the recipient
- The screen or copy used to capture consent
Required disclosures
The footer needs:
- Sender’s name or company name
- Unsubscribe URL
- A statement that recipients can opt out
- Sender’s address
- A contact for complaints and inquiries
Authentication and deliverability
| Item | Minimum |
|——|———|
| Sending domain | SPF / DKIM / DMARC configured |
| Sending server | A stable host with PTR records and TLS |
| From / Reply-To | A real address that can receive replies |
| Unsubscribe | Body link plus the List-Unsubscribe header |
| List quality | Opt-in only; remove dead addresses |
| Send rate | Ramp up steadily; don’t spike volume |
| Monitoring | Watch bounces, spam rate, and complaints |
Common failures
- Sending normal human mail and promotional mail from the same address
- Tracking consent in a free-text memo field
- Handling unsubscribes manually by replying to email
- Dumping an old stack of business cards into the list
- Suddenly sending the largest batch you’ve ever sent
- Mixing promotional copy into transactional notifications
- Letting the customer CRM override the suppression table (suppression has to win)
Wrap-up
The real question isn’t “which button do I press?” It’s these five things:
- Per-recipient sending, not one big Bcc
- A subscriber table and a suppression table
- A flow that accepts unsubscribes automatically
- SPF / DKIM / DMARC / PTR / TLS
- Separating transactional mail from promotional mail
For a few dozen to a few hundred recipients per send, you can run this perfectly well without a dedicated service. The shortcut isn’t “blast it from a mail client” - it’s designing a small delivery system of your own.
Related Articles
Recent articles sharing the same tags. Deepen your understanding with closely related topics.
Why PPAP Fails as Email Security, and What to Do Instead
PPAP (password-protected ZIP plus a follow-up password email) looks encrypted but fails on interception, misdelivery, malware scanning, s...
Connecting Articles to Service Pages: The Basics of Internal Link Design
A practical guide to internal link design that brings readers back from articles to service and pillar pages, covering anchor text, three...
How to Build a Service Page - A Practical Outline for Technical B2B
A step-by-step guide to building a service page as a 'page to start a conversation,' not just a description page, for technical B2B sites...
When Inquiries Stop Coming In: The First Three Pages to Fix
When a site has stopped generating inquiries, fix the homepage, service page, and contact page first, in that order. Here is how to spot ...
Sorting out Windows text encodings and line endings - Shift_JIS / UTF-8 / UTF-16, mojibake, CRLF / LF, and why it gets confusing
A practical guide that breaks Windows text-file trouble down into independent pieces — bytes, encoding, BOM, and CRLF / LF — and walks th...
Related Topics
These topic pages place the article in a broader service and decision context.
Windows Technical Topics
Topic hub for KomuraSoft LLC's Windows development, investigation, and legacy-asset articles.
Where This Topic Connects
This article connects naturally to the following service pages.
Website Development
We reorganize the homepage, service pages, company pages, and contact flow so the business is clearly understood.