- May 2022
European email senders face specific deliverability challenges not encountered in US-centric sending programmes: EU ISP behaviour, GDPR compliance, multilingual unsubscribe flows, and cross-border data hosting. This note documents what experience building European sending infrastructure teaches.
Building and operating email sending infrastructure for European commercial senders requires understanding a different set of ISP relationships, compliance requirements, and operational practices than US-centric email infrastructure. European senders deal with ISPs that most US deliverability guides do not address, compliance obligations that US programmes do not share, and audience expectations about data handling and communication standards that differ from US commercial norms. This note documents the operational lessons that years of building European sending infrastructure produce.
European ISP Landscape
The European consumer ISP landscape is more fragmented than the US market. While Gmail, Yahoo, and Microsoft collectively dominate US consumer email, European senders must maintain ISP relationships with: GMX and Web.de (25-30% of German consumer email, owned by United Internet), T-Online (Deutsche Telekom, 20-25% of German consumer email), Orange.fr and Free.fr (major French consumer ISPs), Libero.it and Tiscali.it (major Italian consumer ISPs), and multiple country-specific ISPs in the Netherlands, Spain, and Nordics. Each of these ISPs has distinct rate limiting behaviour, authentication requirements, and postmaster contact channels.
The operational implication: European-focused sending infrastructure requires per-domain configuration for a significantly longer list of ISP destinations than US-focused infrastructure. The PowerMTA domain block configuration for a European programme should include dedicated blocks for GMX/Web.de, T-Online, the major French ISPs, and the major Italian ISPs — not just the globally dominant ISPs. Each European ISP has its own effective rate limit, its own throttle pattern, and its own postmaster escalation channel that differ from the major US ISPs.
GMX and Web.de specifically deserve detailed treatment: they apply stricter rate limits than most US ISPs at the same reputation tier, require FCrDNS to pass (their MTA rejects connections from IPs without valid PTR records more aggressively than Gmail or Yahoo), apply greylisting extensively for new IP-domain combinations, and have a postmaster contact channel (postmaster@gmx.net) that is responsive for deliverability issues. European sending infrastructure that is not calibrated for GMX/Web.de specifically will generate elevated throttle and delayed delivery to a significant portion of German consumer email addresses.
GDPR Operational Impact
GDPR does not just create compliance documentation requirements — it creates operational practices that affect how email infrastructure is configured and operated day-to-day. The GDPR operational practices that European infrastructure must support: (1) Consent timestamp tracking: every consent event (subscription, purchase opt-in) must be stored with a timestamp and the mechanism that generated it. This requires the sending application to maintain a consent audit log that can be queried to prove consent for any specific email address on request from a data subject or regulator. (2) Erasure on request: the infrastructure must support a complete-erasure workflow that removes all data associated with a specific email address from all systems — sending application, accounting log, suppression list, consent log, and any backup or archive systems — within 30 days of a verified erasure request.
(3) Data minimisation in the accounting log: the accounting log should not retain email addresses in plain text beyond the operational retention period (typically 90 days). After this period, email addresses should be pseudonymised (SHA-256 hashed) or removed. The hashed identifier retains the ability to correlate delivery events without retaining the personally identifiable address. (4) Purpose limitation: email addresses collected for newsletter subscription should not be used for cold prospecting without separate consent. The infrastructure must support purpose-limited sending — different lists for different purposes, with the purpose specified at consent time and enforced at campaign injection time.
These GDPR operational requirements are infrastructure and application design requirements, not just policy documents. Building them into the infrastructure from the start — consent logging in the subscriber database, pseudonymisation in the accounting log ETL pipeline, erasure workflow in the contact management system — is the data protection by design approach that GDPR Article 25 requires. Retrofitting these capabilities to existing infrastructure is significantly more complex than building them correctly from the outset.
Multilingual Unsubscribe and Compliance
European email programmes frequently send to audiences in multiple languages across multiple jurisdictions. The unsubscribe flow — a critical compliance element — must function correctly in all languages the programme sends in. A unsubscribe link that leads to a German-language landing page for a recipient who received an English-language email creates friction that reduces self-service unsubscribe completion, increasing the probability of spam marking (the recipient marks as spam instead of using the unsubscribe link). Language-matched unsubscribe flows are both a compliance best practice and a reputation management practice.
The one-click unsubscribe (RFC 8058, List-Unsubscribe-Post header) required by Gmail's 2024 bulk sender requirements is language-neutral — the POST request and 200 OK response require no language-specific interface. For European programmes, implementing one-click unsubscribe via the List-Unsubscribe-Post header satisfies the technical compliance requirement regardless of the recipient's language. The traditional web-form unsubscribe flow should still be provided in the recipient's language for recipients who prefer it, but the one-click mechanism handles the majority of unsubscribe actions from Gmail interface users without language friction.
European email infrastructure, built and operated with awareness of the ISP landscape, GDPR operational requirements, and multilingual compliance considerations, produces a programme that operates sustainably in the European market without the compliance incidents and ISP relationship problems that ignore these factors produce. The lessons from building European infrastructure are ultimately lessons about operating at the intersection of technical capability and regulatory obligation — the operational standard that European commercial email demands and that well-managed infrastructure achieves. Build for the European context from the start; maintain the operational disciplines that context requires; and the European programme will deliver reliably, compliantly, and sustainably for the programme's full operational lifetime in the market.
Infrastructure Assessment
Our managed infrastructure is built specifically for European senders — EEA data centres, per-EU-ISP domain block configurations, GDPR-compliant data handling, and operational practices calibrated for the European ISP landscape and regulatory environment. Request assessment →